Why the police will always win the day

January 26, 2010

Qualified Immunity

You will hear over and over how “Ignorance of the law is no defense” for you.  Judges will tell you, lawyers will tell you, police will tell you – you have no reason to not realize that you are breaking a law…. the burden is on YOU to realize that the acts you are engaging in are legal or illegal.    While this is a far stretch, how can we all be aware of every law that we might come into contact with, I guess you could say that it is a reasonable expectation that somehow we will find these things out.

There is, however, no provision for a police officer to be held to the same standard.   Police and other LEO’s (both state and federal) are protected by something called Qualified Immunity which all but guarantees that they do not need to understand or know how a law is to be applied to YOU when they are interacting and arresting you.  In fact, they are only required to have a vague understanding of the laws they are charged to enforce – enough that a reasonable person without any detailed insight would be able to articulate why they thought you were guilty of a crime.

That is right – the very same group that will deprive you of your liberty and natural rights can do so without any specific determination as to if you are truly breaking the law.  They can fully function in an “after the fact” mode where the lawyers and judges figure things out for them.   This allows them to violate your first, second and fourth amendment rights without batting an eye.    Sure, your case will be tossed out but not before you are arrested for false charges, falsely imprisoned and intimidated during the whole process.   As long as their oversight isn’t gross and negligent (in someone else’s eyes) you have virtually no recourse.

Check it out, read about it, and realize that you MUST defend your rights at every occasion. You must insist on your rights and for Pete’s sake… never TALK to an officer…. it can never do you any good.

http://en.wikipedia.org/wiki/Qualified_immunity

http://video.google.com/videoplay?docid=-4097602514885833865#

Quasi-Steady State & The Universe

January 7, 2010

Non-standard cosmology interests me immensely.   It interests me for many reasons, but the main reason is that no matter how hard I try to cram it in – the Big Bang just does not answer some of the really pressing questions for me and it fails to account, in my layman’s opinion, for some of the really interesting stuff coming out of quantum mechanics and theory these days.

While the Big Bang is considered standard cosmology and most of the observable results we have now, including the CMBR, support the model better than the Steady State theory did originally, the recently revised Quasi-Steady State theory attempts to fill many of those problems while maintaining the original premise.   Here is an idea I can wrap my head around but to do so we need to make some assertions:

1) Observable entropy moves in one direction – towards disorder

2) The amount of energy in the universe is finite, and can not be created or destroyed

3) CMBR shows the universe to be expanding and moving the further out you go from the universal center.

4) The universe does not necessarily take the shape of a radiating sphere

5) The act of observation helps influence events or at the very least set the state upon observation.

6) The big bang theory has no answer, yet, to how the singularity started the attosecond before the event. Where did the initial matter come from?

On point number 6 for a second:  This is tenuous because it is also argued for the ID creation event.  In order to have the discussion between QSS and Big Bang we must overlook the first contradictory response between ID and Big Bang and talk only about the merit of how any amount of energy or matter appeared before the Bang.  This is of course not taking into account the theory of the compression/decompression line of thinking which says that what existed before the big bang was a severe compression of what had existed before.

Now, on to assertion 1:  Is it possible that entropy moves in reverse but that the effects can not be observed?   Since it can not be observed one could only argue that it may be possible if a measure of reverse entropy could be noted, a side effect if you will.   A possible effect of reverse entropy could be the spontaneous existence of non-observable mass or matter which influences other objects in the cosmos.   This feeds into assertion number two, swiped again from the laws of thermodynamics, that the total energy of the system is set.

Assertion number 3 proves to be interesting to non-standard cosmology because we know that the speed of light is fixed in a vacuum but we are not sure what happens at the edges of the universe. If the universe is expanding at a set rate from the center, then the expanding universe will gain momentum the farther you go out. At the edges of the universe it stands to reason the acceleration of matter begins to pass the speed of light but matter must be converted to energy in order for that to happen. If this is true and the universe is a radiating sphere then we do indeed go towards heat-death. If the universe, however, is -not- a radiating sphere but rather a torus… as the matter is converted to energy as the acceleration passes the speed of light then the energy can be returned to the cosmic center creating a power source for other bangs.

Could this be how the big bang happened? A quadrillion years of expansion finally found all the energy collected back at the center for another explosion? Or could we be experiencing mini-bangs within that torus depending on how energy is distributed?

Point 5 is almost a non-sequitur except for the fact that it makes sure that we include ourselves in the equation.  I still have a gut feeling that this is key in our perception of how the math finally ends up working out, but I am an average person and I can only comprehend so much before I must read more and attempt to resolve it within myself.

Now they say that while the universe is expanding, it is really the space between static objects that grows while the objects themselves stay relatively stationary.   I think that is another thing I need to wrap my head around because my understanding of that still says the object must move.   If there were two cars on a street and the street between them began expanding to increase the distance between the two cars, the cars themselves must move in relation to each other and to their starting point.  To say that the car moves at the rate of expansion would be wrong, indeed, in fact it should move at 1/2 the rate of expansion assuming both objects were equally separate from each other and the road expansion started exactly between both of them.   That still means, however, that the object possesses the potential to move at the speed of light or greater if the rate of expansion is multiplied by other such expansions further down the chain (multiple cars separated by multiple spaces growing at multiple times must create a multiplied effect).

I could have this all wrong, especially since I do not understand 1/2 of the equations they use for these things – but I can not trust an equation I do not fully understand, I must learn to understand it or have faith that someone perceives it correctly.  I choose the former.

Holy short light waves Batman!

January 4, 2010

A huge leap forward in optical communication is about to happen.  They have reliably shortened the wavelength of a single light pulse to 4.3 femtoseconds by using converging waves to cancel out most of the larger wave.

It sounds interesting, but it can revolutionize existing fiber installations by shortening the amount of light required to indicate binary bits.   This would significantly increase the available bandwidth on existing infrastructure by only requiring source and end point changes.

I love how we just keep squeezing out ways to extend existing infrastructure.

http://www.newscientist.com/article/dn18313-single-light-wave-flashes-out-from-fibre-laser.html?DCMP=OTC-rss&nsref=online-news

IdeaTorrent – a great idea.

December 15, 2009

Recently a co-worker, who just returned to our company from a brief stint at SourceForge, turned me on to an open-source project called IdeaTorrent which I have started to really like. The idea is basically a submission and voting engine for people to submit ideas and then allow them to be collaboratively up/down-voted and commented on. Eventually this process would help drive the pipeline for R&D or Product and, hopefully, turn into a real feature or product.

As I started implementing the product I realized that it also helped satisfy another requirement that we had been having in our existing R&D process – documentable proofs of intellectual property. Dealing in the industry that we are currently in, music, there is a lot of fierce competition over product development and intellectual property. In addition we signed up with a fairly large electronics manufacturer to build a joint product next year and there are significant hurdles when it comes to joint IP and ownership of ideas once the product takes off.

Things happen, partnerships dissolve, and in the end you only have your records to prove that it was your idea far before the partner says they came up with it.  IdeaTorrent is a great way to start documenting those ideas in a loose way before going on to other tangible assets like notebooks, emails and printed documents.   In fact, with IdeaTorrent it is entirely possible that it can help start the documentation process far sooner than a hallway conversation – some of those take weeks to actually make their way into a forum where IP law starts to take hold.

While the system itself needs some work to get into an easily installable solution (it requires some pretty strict standards – drupal and postgresql only) – I think that eventually it will be a de facto tool for thinking organizations.

http://www.ideatorrent.org/

Aardvark – amazing new concept service

December 4, 2009

I was recently introduced to a new online service called Aardvark (http://vark.com/) which is a question/answer service in the spirit of twitter. It integrates with IM clients, email, mobile phone and your browser and promises to be an amazing tool if harnessed properly.

The basic concept is this: You have a question, you post it in a simple interface for your mobile phone, IM, email or web browser – and then someone (or many someones) answer it for you. You get the notification via any method you wish and it is all free. That is a great service! However, for the people like me in the world, it also allows you to go online and browse for any questions to answer that you want. Not only that, but if you see a question that you then become interested in.. you can follow that question until it gets an answer you like!

To top it all off, you can subscribe to topics that you are well versed or interested in and Aardvark will randomly assign a question to you in IM or Mobile Phone and you can choose to answer it or pass it off to someone else with natural language like “sure” or “not now”.

All in all it is a great concept of taking the terrible Yahoo Answers and making it an on-the-go type service. Sure, why can’t I use a fraction of my knowledge about technology to quickly answer someone’s quick question? Just a great idea that I hope lasts. Tell your friends!

http://vark.com/ask

Resetting Urchin license keys in Windows

November 23, 2009

We just went through a big hassle to fix our demo license with urchin after we mistakenly updated the server name that it was installed on. We had done a fair bit of data setting up profiles and log sources and did not want to have to redo it all… so we set about to hack the gibson. Finally we figured out the steps:

1) Stop the urchin services

2) Run mysql and login as root or the urchin user

mysql -u root -p [enter password]

use urchin;

update uglobals set ucgl_serial = '', ucgl_license = '';

commit;

3) Go to your C:\Program Files\Urchin6\util directory and run

ugetlicense.exe -s whateverfakestuffyouwant

Which will error out with an “ERROR: License Retrieval Failed! (-5)” message, which is OK

4) Restart urchin services

5) Reload your admin interface (by default http://localhost:9999)

6) Activate another demo license key.

This should retain all of your previous profiles, settings, log sources and users but will allow you to use a new server name/server.   Enjoy!

Google navigation will kill GPS as we know it

October 29, 2009

I had wondered what the end game for Google’s aggressive acquisition of street by street view camera data would be and had suspected for a long time that it would be used for a GPS SaaS product. Originally I had figured that Google would collect all of the data, expose the API for a fee and let Garmin/TomTom and the rest buy their service like a Sat Image provider does.

Today, I found out.   Google Navigation is the penultimate collection of all of the other previous Google services (GPS, voice recognition, Satellite and other Terrestrial data, Streetview images) thrown into a single service.

Google 411 was a useful service, but it provided Google with far more than just people’s 411 interests; it also helped shape their voice recognition model. Google StreetView was instrumental for the adoption of Maps. GPS on the iPhone was a great look into how GPS on a handset would work and leveraged the already popular search software with relevant user information. And now the mashup of those services combined with Google Search has created the GPS killer.

Google Navigation is a beta application available to the Google Android OS in beta mode. It offers turn by turn directions, POI and natural language intelligence and StreetView as an overlay for it all. I have no idea how TomTom and Garmin will compete with this product, they can only stumble to keep up. The only possible way that they could compete is by begging Microsoft to allow them to integrate Live and somehow establish a dominant product.

Touché Google… you win again.

http://www.google.com/mobile/navigation/index.html#p=default

http://www.youtube.com/watch?v=tGXK4jKN_jY&feature=player_embedded

The state of personal liberty & anonymity on the Internet

October 27, 2009

A friend of mine recently asked me about using online proxy services to help his company gain a little bit of anonymity with some research they were doing on the net. I almost dismissed his question in my mind as silly, mainly because I could not imagine at the time why he would want to use an anonymous proxy. After he explained what he wanted to accomplish (questionable but legal) I had to reconcile in myself the implications of what he wanted.

For many years I have been aware of, researched and even used some of the proxy services that have popped up. Years and years ago I, myself, set up several multi-hop proxies through fake shell accounts at universities, phished shells from IRC and a couple of ones I set up myself. The whole thing back then was how far you could go to run a teardrop, Pepsi or smurf on a friend of yours. I guess I could have used it for warez transport, but it was so damned slow there was no point at all – the BSA was going after disk copiers and not file tx’rs. But I digress.

The fact of the matter is: Anonymity is still very important on the web and with IPv6 we are about to lose a whole lot more of it if the powers that be have their way. This begs the question – Are proxies today any good? The best answer that I have come up with so far is: It depends. What are you trying to hide? If you are trying to hide your browser’s user-agent string and your IP address, perhaps it may work if the site you are hitting and the proxy you are using follow certain rules.

The age of analytics

The Interwebs’ love for data these days is unmatched compared to previous years. The implementation of analytical software/scripts like Google Analytics and WebTrends is very high -and- they are client based now. This means that -if- you are using an HTTP/HTTPS based per-request proxy service it must filter out all scripts for analytics. If it does not filter these out, the script will be delivered to the client and the client will make a new, potentially non-proxied, connection to the analytics service.

Flash is another way that people are using the client to do much of the heavy lifting these days. Many people today still do not realize that the flash application is not running on the server, but is delivered to the client to run on the client machine. By running the flash you explicitly give it permissions to interact with your computer, your IP session and your browser. Now depending on what browser you are running the range of data that can be exposed is very wide but virtually all of it can be used to identify you individually as a user and then submit that data to another service. These HTTP/HTTPS proxies do not mask the payload of the POST/GET, but only of your browser requests and the IP address of origin.

Either way, HTTP/HTTPS proxies need to be very current on their methods of scraping out analytical scripts and tools or much of the point is moot.    Basic point:  Server logs are virtually dead now for mining user access.
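As an added example (not part of the original post), here is one way to audit a page for the client-side fetches described above: every script, plugin object or tracking pixel served from another host is something a filtering proxy would have to strip or rewrite. The sample HTML, the example.* hosts and the function names are constructed for illustration, and the first-party test is a simple hostname-suffix check.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attributes that make a browser fetch a resource by itself.
FETCH_ATTRS = {
    "script": ("src",), "img": ("src",), "iframe": ("src",),
    "embed": ("src",), "object": ("data",), "link": ("href",),
}
# Tags whose content executes on the client (scripts, frames, plugins such as Flash).
ACTIVE_TAGS = {"script", "iframe", "embed", "object"}

# Constructed sample page, loosely modelled on a 2009-era site.
PAGE_URL = "http://www.example.com/index.html"
SAMPLE_HTML = """
<html><head>
<link rel="stylesheet" href="/css/site.css">
<script src="//www.google-analytics.com/ga.js"></script>
<script>var pageTracker = 1;</script>
</head><body>
<img src="images/logo.png">
<img src="http://stats.example.net/pixel.gif?u=1" width="1" height="1">
<embed src="http://media.example.org/player.swf" type="application/x-shockwave-flash">
<script src="/js/site.js"></script>
</body></html>
"""


class ThirdPartyAudit(HTMLParser):
    """Collect resources the client would fetch from hosts other than the page's own."""

    def __init__(self, page_url):
        super().__init__(convert_charrefs=True)
        self.page_url = page_url
        self.page_host = urlsplit(page_url).hostname
        self.findings = []       # (tag, host, executes_on_client)
        self.inline_scripts = 0  # inline code can build new requests at run time

    def _first_party(self, host):
        # Simplification: same host or a subdomain of it counts as first party.
        return host == self.page_host or host.endswith("." + self.page_host)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script" and not attrs.get("src"):
            self.inline_scripts += 1
            return
        for name in FETCH_ATTRS.get(tag, ()):
            value = attrs.get(name)
            if not value:
                continue
            # urljoin resolves relative and protocol-relative (//host/path) URLs.
            host = urlsplit(urljoin(self.page_url, value)).hostname
            if host and not self._first_party(host):
                self.findings.append((tag, host, tag in ACTIVE_TAGS))


def audit(html, page_url):
    """Return the third-party fetches and inline scripts found in one HTML document."""
    parser = ThirdPartyAudit(page_url)
    parser.feed(html)
    parser.close()
    return {
        "third_party": parser.findings,
        "active_hosts": sorted({h for _, h, active in parser.findings if active}),
        "inline_scripts": parser.inline_scripts,
    }


if __name__ == "__main__":
    report = audit(SAMPLE_HTML, PAGE_URL)
    for tag, host, active in report["third_party"]:
        kind = "executes on client" if active else "passive fetch"
        print(f"<{tag}> -> {host} ({kind})")
    print("inline scripts:", report["inline_scripts"])
```

The audit only sees static markup; inline scripts are counted because they can generate further requests that no static scan will list.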

The single point of subpoena

Now let’s exclude HTTP/HTTPS based proxies and look at VPN based solutions. Whether using a formal VPN product or OpenVPN your client must be configured to use a centrally located service. Virtually every VPN based proxy that I have seen uses a single set of IP addresses that are co-located with other identifiable services. That means that either the provider becomes a target for subpoena and discovery, or the first time that it happens the ISP drops them because the other customers on that IP block complain about lost business.

That aside, VPN based proxies as well as client side application proxies function in very much the same way. With a VPN proxy the traffic to *.*.*.* excluding your local LAN (hopefully) is routed through the secure VPN tunnel and then sent out of a centralized proxy server. In the client side application model there is a driver that functions as a TCP wrapper which packages up your TCP traffic and forwards it to a third-party for routing. Either way, you must be connected to the proxy. Being connected to a centralized server is problematic because during the exercise of subpoena you can be identified explicitly AND your stateful traffic can be watched. Forget about all of the advertisements that say that your traffic is “mixed with other users” – that is false. Yes, your traffic is going out an aggregated egress circuit from the company, but they keep the state of your proxy request on the server. This is a technical limitation they must have because of how proxy requests work. If you are under investigation then the centralized proxy server that you have a VPN or Client connection to is your weak link. Tapping at the other end of the VPN tunnel (after decryption) results in all of the information an interested, motivated and snoopy entity needs to nail you to the wall.

The decentralized model

Decentralization is the only way that anonymous proxying can work properly.  The primary downside is, interestingly, it is as slow as a snail asleep in winter.    A decentralized anonymous proxy creates a peer-to-peer system of computers, running “Exit Node” software,  which publish themselves at random egress points in the Internet.   Your client then uses this diverse and semi-random network to drop various requests out to the internet.  Take this model and then ensure that no series of requests exit the same portal and you can begin to imagine how a truly anonymous proxy network can be built.  If none of the “Exit Nodes” are configured for logging, then there are very few trails back to your computer for any specific series of requests.

Tor, for example, is a great model for the application of a decentralized anonymous proxy model. In a Tor use case a request by a client application for a specific web page is made and exits out of a randomly selected Tor exit point. The exit point then proxies the request and delivers the initial stream of data back to the requesting client. In the HTML there are instructions for downloading additional bits of content (graphics, RSS feeds…etc). Each request for each bit of content exits out of a separate and usually random Tor exit node. Since your request for content was decentralized among many peers the chance that any single transaction will be tracked back to your computer is highly unlikely.

The catch with Tor, as with any client model, is when a client side application gathers data about you and then proactively sends that data out in a separate submission.  Since Tor controls the exit point but not the content, you can still unwittingly submit data about yourself to an interested party.   Thus the real model of true anonymity becomes one of strict client control in addition to the use of a decentralized proxy model.

A good example of this would be using Firefox with a Tor plugin running NoScript and AdBlock.  NoScript, on its highest setting, will prevent even a flash application from loading.   While this severely limits the browsing experience, it also significantly obfuscates your path.

Live operating systems

With the creation of net oriented operating systems we are moving closer and closer into a “BYOOS” model where you can bring your whole operating system/desktop with you to a dumb terminal. The best option for doing this anonymously now is to build a LiveCD with Ubuntu or another similar distribution (including Damn Small Linux, or DSL). You can make a CD-ROM if you want and keep your personal files on a USB stick – but even better is to build a LiveCD on one thumb drive partition and then keep data on another. I carry a stick configured just this way in my backpack for occasions where I have hardware but want to use my own custom system without infringing on the host hard drive. Using the USB method you can literally use any USB bootable computer to run a Tor entry point in Firefox with no logging or tracking. Remove the thumb drive and crush/melt/throw it away and the possibility that your session can be tracked to you becomes virtually nil – except through physical surveillance.

Conclusion

Building, using and then torching your thumb drives is obviously a little bit alarmist (at least under normal circumstances) but the combination of options to keep prying eyes away from your projects or ideas is a good tool to have in your toolbox.   Having one tucked away will at the very least  give you some level of freedom to explore interesting information on the Intertubes.    While not described above there are many other additions you can use to increase the level of anonymity that you enjoy by employing ideas in this article such as GIF encoded torrents and ICMP tunneling – some of which I may post about later.

The final straw is: True anonymity still comes with a hefty price tag but it is not a monthly fee from a service, it is one of performance and availability. The LiveCD systems and distributed proxies are still slow, and the Tor Exit Nodes that exist today are burdened with too many users and not enough end points. While Tor is a manifestation of distributed anonymous proxies, there are still many hurdles to overcome including Exit Node harassment and raids, like this one, which scare users out of running an open node.

Microsoft 2007 Exchange migration

October 22, 2009

We are in the middle of our in situ 2007 transition trying to use the existing 2003 environment in tandem with the 2007 architecture. It is, supposedly, a supported type of transition where things just intelligently balance themselves depending on where your mailbox is. For the most part it looks like it wants to work, but there are a couple of limitations that we ran into (or perhaps just isolated bugs) that prevent us from doing a graceful transition.

Problem 1 is that 2007 front end (or CAS as they call it now) works flawlessly with webmail, webdav and owa for both 2007 and 2003 based mailboxes, but it only works properly for ActiveSync on 2007 mailboxes and fails to proxy correctly for 2003 mailboxes.  That is obviously a no-starter for all of our mobile users.  So we have to scratch the CAS box flip for now.

Problem 2 is that the 2003 front end can not handle 2007 mailboxes because of the switch from /exchange to /ews.  So we have to scratch using the 2003 front end for 2007 users.

Problem 3 is we are not using a reverse proxy so I can not intelligently look at the client coming in and direct them to the appropriate server.

In retrospect, the reverse proxy would have been the better idea but it also added another component to the architecture that we were not planning on time or money wise. We had always held the door open for the potential to use one, just not as part of the upgrade. The admin inside of me wants to fix the ActiveSync problem on the 2007 front end and then all will be right in the world, but the logical side of me that has done this type of change hundreds of times knows that if I go down that rabbit hole I will not be able to successfully time-box the work. Things get a little too tangential when you are troubleshooting something so specific.

I have a feeling that we are just going to need to do the full monty 2007 migration and take about 10 hours of downtime in the process to get this thing working, but I keep holding out for another option (like an IIS based proxy for the /Microsoft-Server-Activesync service where I can just proxy all requests to the 2003 FE)… but we are running out of time.

I will update with the final result, in case anyone searching happens to come across this.   I have not been able to find -anything- on the intarweb that indicates this problem has happened on a large scale or with people who actually post to forums instead of calling M$.

Europa has enough water and oxygen (probably) for life…

October 18, 2009

New estimates on the amount of water and possible oxygen on Europa, one of Jupiter’s moons, show that it is not only available in tremendous quantities… but that it more than likely is in the right conditions to at least allow the potential of life.

Obviously, because of the vastly different conditions of both cosmic radiation and its distance from the sun – life would evolve quite differently on Europa than what we would imagine here on Earth… but for me the greater possibility is the use of Europa as a source of resources for human expansion in the solar system.   Reading Foundations, it is obvious that Asimov knew the correlation between human expansion and the vast consumption of resources that it would require – something Star Trek rarely focused on.    Any potential for us to leave the inner solar system and expand outward would depend on capturing resources from other worlds – NOT transporting them from Earth.

Exciting stuff!

http://www.physorg.com/news174918239.html

Browns Gas, fact or fiction?

October 12, 2009

There was a lot of debate around the possibility of a “new” welding solution which supposedly uses a new combination of Oxygen/Hydrogen (HHO) after the electrolysis of H2O. Supposedly the “new” solution would create a 4000 degree torch to metal but be cool to the touch. After doing a bit of research there was a bunch of people way smarter than me in chemistry arguing that it was a rehash of something called Brown’s Gas.

A quick wikipedia search revealed this link which verifies the technology but not the benefit of energy savings or simple process.

I find the whole topic extremely interesting, especially when some argue that the “new” welder creates Brown’s Gas on the fly to burn it instead of trying to store it. Apparently, according to the posters, Brown’s Gas is extremely volatile at low pressures – tending to the explosive below 200PSI. Apparently the current HHO welders need to use an additional coolant gas, such as one created with acetone or gasoline to cool the HHO flame down so it can actually weld.

I still need to verify much of the data before I regurgitate it in random conversation, but it is fascinating none-the-less – especially for a hobby welder like myself.

http://en.wikipedia.org/wiki/Brown’s_gas#Brown.27s_gas

Cloud computing – the Great Blunder of Web 2.0?

October 5, 2009

Cloud computing – Running your stuff in someone else’s data center.

It was supposed to be the Valhalla of systems management.  For many, who do not care about uptime, it is.  The real sex appeal to the whole thing is that you can save dozens of thousands of dollars in capital expenses for hardware/network purchases and then potentially hundreds of thousands of dollars in employment costs by outsourcing the hardware and network maintenance to a third party.   The trade-off, of course, is that you lose your control of your own network and must rely on a third-party underpinning contract for your company’s SLA.

For some companies, this is not a problem – especially startups who want to prove a product with little investment money or SMB’s who just do not want to host in a data center.    Those companies can take the hit that is uptime for the tradeoff of known MRC (or at least a linear scale).   There is the initial cost of creating your server images and figuring out the nuances of the hosting solution, but after that it should be a cakewalk right?

Well many companies are finding out that the “Cloud” is not all that it is cracked up to be – at least not yet.

SPOFs

The first thing that any good Systems Administrator will think of is SPOF (Single Point of Failure).  In the Cloud, SPOF is not thought of in the traditional sense of single server failure, database failure or network device failure.  Of course, why would it be since you are paying to host it in a virtualized environment.   The SPOF we talk about in the Cloud are service based SPOF’s.   A service based SPOF is one in which the entire service being provided by the third-party goes down.  That means all customers using that service are down for the duration of the outage, or a group of customers using services in a single center are down.  This is evident by the several well known outages of Amazon’s S3 storage cloud service which has brought down companies like SmugMug for lots of downtime.    These types of outages range from the preventable to the inevitable, but most of them come with the territory when you have a 99.9% SLA, which is your underpinning contract with Amazon.  That means that you can _never_ offer a higher SLA service because that is the weakest link in the chain.

A 99.9% SLA means a single service can be down (hard down) for no more than 43 minutes per month. That sounds pretty reasonable right? Well, look further and you will see the rub. Amazon, for instance, makes a “reasonable effort” to guarantee 99.9% uptime. If you dip below that all the way down to 99% for the month they will give you a 10% credit of your monthly fees as compensation. Anything lower than 99% nets you a 25% savings on your monthly bill for the time lost. That .9%, however, is a big number change. To go from 99.9% to 99% takes you from 43 minutes per month to 432 minutes per month, that is 7.2 hours of downtime. That 7.2 hours of downtime will net you a 10% savings of your monthly bill, but because these services are significantly marked down compared to what you may be charging your customers – your loss will most likely be significantly higher than the 10% savings over that 7.2 hour period.

Since Amazon offers many services as part of its AWS cloud platform, you have many ways in which your company can die. The more services you use, the greater the number of SPOFs you have. Want to use their EBS (Elastic Block Store) as a database? You can have 42 minutes of downtime there as well – except _that_ 42 minutes of downtime will probably take your entire application stack down. That means you will still pay for the S3 and EC2 hosting costs but will get a 10% discount only on the EBS portion of it.
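The arithmetic above, worked through as an added example (not part of the original post) and extended to a stack that depends on several 99.9% services at once. The monthly bills and revenue-per-minute figure are constructed, and failures are assumed to be independent.

```python
MINUTES_PER_MONTH = 30 * 24 * 60  # 30-day month, matching the 43-minute figure


def downtime_minutes(availability_pct):
    """Minutes of downtime per month at a given availability percentage."""
    return MINUTES_PER_MONTH * (1 - availability_pct / 100)


def composite_availability_pct(service_slas_pct):
    """Availability of a stack that is down whenever ANY one dependency is down.

    Assumption: failures are independent, so the availabilities multiply.
    """
    result = 1.0
    for pct in service_slas_pct:
        result *= pct / 100
    return result * 100


def credit_pct(measured_pct, sla_pct=99.9):
    """Credit tiers as the post describes them: 10% down to 99%, 25% below that."""
    if measured_pct >= sla_pct:
        return 0
    return 10 if measured_pct >= 99.0 else 25


def outage_net_loss(bills, failed, measured_pct, revenue_per_minute):
    """Revenue lost while the whole stack is down, minus the service credit.

    The credit is paid only on the failed service's bill, not on the others.
    """
    credit = bills[failed] * credit_pct(measured_pct) / 100
    return downtime_minutes(measured_pct) * revenue_per_minute - credit


if __name__ == "__main__":
    # Constructed figures: monthly bills in dollars and revenue per minute.
    bills = {"EC2": 400.0, "S3": 100.0, "EBS": 150.0}
    stack = composite_availability_pct([99.9] * len(bills))
    print(f"one service at 99.9%: {downtime_minutes(99.9):.1f} min/month")
    print(f"three in series: {stack:.4f}% -> {downtime_minutes(stack):.1f} min/month")
    loss = outage_net_loss(bills, "EBS", 99.0, revenue_per_minute=2.0)
    print(f"EBS at 99.0%: net loss ${loss:.2f} after a ${bills['EBS'] * 0.10:.2f} credit")
```

Three services that each meet 99.9% still leave the stack with roughly triple the downtime budget of any one of them, which is why the SLA you can offer on top sits below the weakest link rather than at it.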

The more you slice it, the more you see that it does not make sense to put your entire enterprise on a cloud platform quite yet – from the SPOF point of view.

Network Obfuscation

The first thing a good Network Administrator will think of is probably “How can I manage the interfaces for my devices?”.   The true answer, for now at least, is – you cannot.  Companies like Amazon and ServePath give you some limited tools to control your ACLs and host entries, but most of these companies are severely lacking in broad network support that many of us have come to rely on.  Things like intra-VLAN ACLs and complicated application layer rules just are not there.  You are also at the whim of whatever NLB (Network load balancing) method the company chooses for you for redundancy.

If you are used to setting up iRules for your F5 or have a layer 7 switch currently, do not expect AWS or GoGrid to meet your expectations for flexibility and features on the network level.   Instead, many companies are choosing to invest greater dollars in doing these types of tasks on the software level than on the network level.   While that methodology has a life of its own, and its own merits as well, nothing beats an appliance that is dedicated to a task.   You could write an application to take the place of the iRules feature of an F5, but I will bet you a paycheck it will take longer/cost more money and will not be as reliable as the appliance version with SSL accelerators.

In addition, simple things (I say that with my tongue firmly planted in my cheek) like DDOS attacks can go untreated for hours while services crash around them. Take for instance Bitbucket’s latest outage with a DDOS and Amazon’s EBS offering. One could say they should have been using a network monitoring solution, or Amazon will learn from this and build better tools – both of which are true. Both of said options, however, are significantly limited by _what_ you can access and when. If your sites are being DDOS’d from the network and you need to connect to the machines over the network, you are a little assed out now are you not? Conversely if your servers are in your own datacenter, the simplest option is to take the outage but block traffic at the edge or firewall and then deal with the servers on your LAN. These issues are not currently dealt with in the nicest way with Cloud offerings. Now, an iLO type approach would be very nice – and it might be coming – but we will need to see a bit of movement before we are ready to move our services over.

The simple fact is, cloud computing is a commodity based service with commodity options.  Those options are growing every day, but some of the significant limitations are still right in the face of the best admins around.

The better idea, as far as I can tell, is to use AWS and GoGrid as a supplement to your existing services.   If you look at cloud computing as a very cheap, somewhat reliable and commodity based scaling platform you can easily use these services to spin up another fleet of servers based on load.   Why not use your F5 that you have already and add new nodes on demand in the remote data center?   Why not use AWS or GoGrid as your D.R. site?   Why not use GoGrid or AWS or GoogleApps to prove that new Proof of Concept system without shelling out cash for new servers?   These are some of the ideas that I think Cloud computing is good for -now- and ones that make sense -now- for companies that need an extra % of uptime in their services.

With the new VPN and SDC services from both AWS and GoogleApps, things are getting better, but even those options are zeroing in on the practical uses that I outlined in the paragraph above – not on hosting your entire company in the cloud.

As with anything, too much of a single thing is bad and excess is never a good policy to follow.  A good IT shop should never put all of its eggs in one basket (from Backup solutions to a single technology play) so why would you let your entire company ride on hosted solutions?   Well, that is, unless you build your company around a poor SLA model and just factor that into the product :) .

http://smugmug.wordpress.com/2008/07/20/amazon-s3-outage-causes-smugmug-outage/

http://blog.bitbucket.org/2009/10/04/on-our-extended-downtime-amazon-and-whats-coming/

http://www.theregister.co.uk/2008/02/15/amazon_s3_outage_feb_2008/

http://www.gogrid.com/index.v5.php

http://aws.amazon.com/


As predicted – the FDIC is almost broke

•September 25, 2009

Ron Paul, Cato and many other informed financial conservatives were predicting that the FDIC (the insuring organization responsible for bank deposits in case of failure) would run out of capital with the, at the time, upcoming swath of bank failures.    The FDIC vehemently denied all of these accusations and asserted that it was in strong financial shape to weather the storm.

Well, here we are now after a huge storm of bank failures (with more failing every day) and the FDIC fund is nearly empty. They are now eyeing their $500bn line of credit from the Treasury (read: citizens’ money) to cover the banks’ losses.

The sheer fact that this type of usury is even allowed by us, the citizens of this Republic, is unfathomable to me.  That we have allowed the Congress to put -another- central bank in charge of our money and create a situation in which the Treasury of the United States is lending OUR money to cover bank deposits of OUR money is unconscionable and vomitous.

They are taxing our income (Thank you 16th amendment *cough*ass*cough*) to establish a fund filtered through a multi-level marketing scheme (Fed & Treasury) to -maybe- provide a service through the FDIC to give us our money back (which they tax again for interest bearing accounts).   The fact that we were taxed in the first place is horrible.   The fact that we face ANOTHER tax through dilution of the currency supply by bailing out the FDIC is grotesque.

How can we allow this to happen?   How can intelligent and otherwise civically minded people allow this financial tyranny to take place?   It can not be because we think they are smarter than us – can it?   Are we that afraid of letting their house of cards that they have built themselves fall?

How can we allow the Private Federal Reserve Bank to dilute our money supply and apply a shadow tax on every dollar in our pockets without accountability?  This can not stand.  This will not stand.  There will be a watershed event soon, and then the country will finally say “Why did we not do something before now?”.

Yes, it is possible that they will increase their reserve by taxing their institutions – but they will never underestimate the sheer volume of cash they can generate out of thin air by taxing us – and apparently we do not give enough of a crap to complain about it, unlike the corporations.

Support H.R. 1207 – Fight to end the Third Bank and restore control to the Congress where it belongs.

http://www.bloomberg.com/apps/news?pid=newsarchive&sid=aEKc7Yh8ogXw

http://www.govtrack.us/congress/bill.xpd?bill=h111-1207

The Gömböc – cool and expensive

•September 23, 2009

So the Gömböc is basically a shape with one point of equilibrium only, like a turtle shell, which will attempt to right itself anytime it is not on this point. Because of the unique shaping, moving to a point of equilibrium is actually fun to watch because it appears the object is expending a great deal of energy in the process.

Unfortunately for this very cool shape, its coolness is being exploited for cash. The “Official Gömböc store” is selling them for upwards of $750.00 (for Brass) and as low as $250 (for Aluminum). This puts it far out of the price range for curious dads like me who just want to show their kids something cool and could care less for the expensive Plexiglas/Aluminum/Brass models.

Still, the idea is intoxicating and I should probably find the dimensions and make one myself out of steel/plasma cutter/welder and grinder.

http://en.wikipedia.org/wiki/Gömböc

http://www.gomboc-shop.com/?gclid=CLKfjrbUiJ0CFeFM5Qod2keqaw

Time travel impossible! Maybe :)

•September 21, 2009

It occurred to me yesterday that time travel along the same timeline may not be possible for two reasons. I have to thrash this out in my head still but it seems as though the basic tenets of time travel follow two paths: (A) That you can time travel and interact with the timeline (B) That the timeline will prevent you from interacting.

I think that both are probably not possible for several reasons.  I can only conclude this based on the recent past history and trends, but as this is my only point of comparison I think it is reasonable to make these assumptions.   This does not deal with time travel which places you in another dimensional timeline – only time travel as it relates to our timeline.

Interaction with the timeline

My feeling on this is strictly to do with the human condition.  Humans have shown, over our entire history, that we -must- interfere or respond if we feel that it is within our power to do so.  Be it great evil or altruistic motivation, our history is so compacted with interventions/intercessions/annexes/aid…etc that it would be far from just reasonable to assume that we would continue on this path into the far future (at least 10,000 years forward).   If we let history be our guide on that matter, we can assume that humans will continue to try and alter conditions to be more favorable if in their power to do so.

Taking the human condition into consideration, and then looking at simple things like development of technology on predictable exponential scales (such as Moore’s Law) one can see where it would be quite obvious for an interloper from the future to insert or guide technology that would be out of that scale.   Some futurists believe that exponential laws like Moore’s Law are sustainable much farther than the conservative estimates of 2016 or so.

Now take Moore’s Law for example, one based specifically on integrated circuits (IC).  It seems a bit myopic to make a point on that alone (40 years young and only based on one technology) – but one can follow the path of the creation of IC’s very clearly even before Kilby & Noyce’s work.  If you look at the use of IC in technology and the replacement of vacuum tube, it is easy to see where we are going and that makes Moore’s Law possible.  Every technology that we use today is based on IC – no exception that I can see except perhaps the theoretical models for quantum computing devices (and even THOSE are integrated with IC).    It is very clear that this age of advancement has gained the most speed after the introduction of the IC.   Even once-bare mechanical devices are controlled by IC now.

That brings me to my first point:  If the most important technology of these two centuries has progressed on a predictable scale, why has  an altruistically motivated person from the future not spawned a loop of technology advancement?  Why are we not further along than we should be (thus pushing their own technology further along)?  It seems to me that if you take the human condition into consideration, predictable growth of anything beneficial wouldn’t happen “naturally” – growth would be sporadic and unpredictable.

Again, my thoughts are not exactly well formed on this… but as I start looking into the theory of biocentrism more closely I realize that any explanation that we seek that includes us as participants MUST include the variables of our actions in those explanations – it can not be just viewed from the science alone.

Non-Interaction with the timeline

Another theory states that time travel is possible, but you would be unable to alter that timeline due to some function that would prevent temporal paradoxes.   While this sounds more appealing from the observer point of view, it now creates a very sticky situation in which the Universe must maintain a checksum or CRC (to borrow another technology term)  for every event that has happened and then must be able to predict if your actions will invalidate that checksum.  It must then create a condition in which you can not violate the checksum that you intend to, but also do so in a way that would maintain referential integrity for other checksums.

Basically, the Universe would have to prevent you from changing history but in doing so create a series of circumstances which would not alter any other checksum.  The entire timeline would have to have one giant CRC with an incalculable number of smaller CRC’s inside of it for individual actions.

I see this concept as virtually impossible because of my Universal view. If I see the Universe as an entity on its own, not being guided on an attosecond by attosecond basis, I must consider the fact that there would be no one at the wheel guiding the decision making of whether something violates the checksum. In order for me to even consider it I would have to believe that the Universe itself was running a law behind the scenes that would prevent these actions from happening. I find a law of that magnitude much harder to stomach than say some of the other more “simple” laws like gravity, motion or thermodynamics.

This one, obviously, rests on shakier ground in my mind because it relies on my understanding of the laws of nature and very little to do with the variable of human interaction (which can be supported by human history).  It also assumes that I can comprehend the physics and nature of the Universe, which I know I can not.   I do, however, think the idea is plausible if the premise is correct.

Now, one could follow a different path – one of quantum physics – where you use the ideas of something like quantum entanglement where energy is physically tied to other matter even at great distances (like photons).  If this were true, and our Universe and timeline were like a giant Moebius strip or torus… I could begin to see how time travel could be possible without needing to have a “program” run to verify consistency – it would be hard set in the timeline as soon as the action was taken.

————-

It is all still a very new idea to me and I do not want to make a firm stand on it, but when a spark lights in your brain inside the shower and a block seems to fall into place – one should not ignore it right away.   At least that is what I am telling myself :) .  It is also possible that time travel IS possible in the far future before we go into heat death and that I am labeling the importance of our past 2000 years as significant enough to have someone travel back in time from 1,000,000 years in the future when time travel is possible – but you have to work with what you have, right?  I have to assume that the events in the past 2000 years would be important enough for -someone- to come back here.   Either to confirm Christianity, or to stop us from using the LHC or just giving their own past a bit of a bump in technology – someone would have to come back to make a deviation in time that we should perceive as being out of the ordinary considering our history.

 