Trusting Open Source for Production...
- 
 I always thought TrueCrypt was for File Level encryption rather than FDE. 
- 
 See in my craziness I like FDE because I'm always worried about what products leave behind. 
- 
 @Jason said: I always thought TrueCrypt was for File Level encryption rather than FDE. TC supported FDE Through at least XP if not through 7. But I know it never supported Windows 8/8.1 etc. 
- 
 What timing... Microsoft "pulls a TrueCrypt" with Windows 7. You thought it couldn't happen with Microsoft? It just did. Remember, it is closed source that allows this to happen. Open Source is protected from this kind of thing. http://www.forbes.com/sites/gordonkelly/2016/01/02/microsoft-windows-7-problems/ 
- 
 @scottalanmiller said: What timing... Microsoft "pulls a TrueCrypt" with Windows 7. You thought it couldn't happen with Microsoft? It just did. Remember, it is closed source that allows this to happen. Open Source is protected from this kind of thing. http://www.forbes.com/sites/gordonkelly/2016/01/02/microsoft-windows-7-problems/ WHAT? I have to call BS @scottalanmiller. They did not pull a TrueCrypt. It's not like this morning we woke up to find a sign on MS.com that said - Windows 7 is not secure/trustable/whatever TC's site said the day the developers decided to get out of that game. Is MS pushing people - users - to Windows 10, heck yeah they are, and they are shoving hard. But considering Windows XP, and how long it took the majority to move to Windows 7/8/8.1, can you blame them? And in this situation, you have one similar to Linux - a free path to a new version. There isn't even any cost involved. Of course that last part - we know that's BS, there's cost involved. Your time, internet bandwidth, your failout plan, etc... these things aren't free, even if they don't cost you dollars from your wallet, they cost you in other ways. I'm guessing that OS X users in very high numbers upgrade to the latest version of OS X shortly after it comes out, otherwise I'm guessing Apple would find some way to force them to move or remain unsupported to minimize their support requirements. Look at the number of Android 2.x devices that are still out in the world that will NEVER be updated, yet are vulnerable to attack. It's basically another platform akin to Windows XP non SP, or SP1 that just became virus spewing monsters Yes we as a society are being shoved forward, but frankly I don't have an issue with this. 
- 
 @Dashrender said: WHAT? I have to call BS @scottalanmiller. They did not pull a TrueCrypt. It's not like this morning we woke up to find a sign on MS.com that said - Windows 7 is not secure/trustable/whatever TC's site said the day the developers decided to get out of that game. What TC did was make crazy claims that their software was insecure in the hopes that people would move to a different product (we don't know who encouraged them to do this or what their agenda was but it was totally obvious what happened) based on a lack of adequate ongoing code updates for things that had not yet been discovered. That's exactly what MS did here, right? Exactly. Except that in the MS case we know which product they are doing this to promote rather than having to guess. TC was not insecure. Nor is Windows 7. In both cases, the vendors claimed that they were vulnerable due to a lack of future patches or updates or technologies for issues not yet arisen. I see them as completely the same. In what way to they differ other than the trivial fact that MS has to provide "support" but that is very limited and does not cover most security concerns and that TC fell to public domain and was able to be supported and the entire concern bypassed? That makes TC the lesser of the two problems here, in reality. 
- 
 @Dashrender said: Is MS pushing people - users - to Windows 10, heck yeah they are, and they are shoving hard. But considering Windows XP, and how long it took the majority to move to Windows 7/8/8.1, can you blame them? Is that any different than TC? We don't know what product they were pushing people to, but clearly they were hoping that their customers would go somewhere. 
- 
 A major difference is that MS is giving you a place to go, and that place is free. TC didn't even make a suggestion, instead they just said that the code might be unsafe, and they up and slip in a second! MS put the word out (though frankly not good enough in my mind) that the end of security updates was coming for Windows XP, yet people didn't move away - at least not quickly. The move to Windows 10 looks to be more like a move to iOS - assuming your hardware will support it, you'll get updates forever. Which brings to mind - how does Apple handle iPhone Gen 1 products? Can you update to iOS 9? I recently read that there is or might be a lawsuit against Apple claiming that Apple intensionally puts in code to make iOS 9 run slower on older hardware to hopefully force people to buy new hardware - is this true? I'm not sure about you, or the other readers here, but I'm a bit afraid of old hardware staying online, being yet another device that can be powned and used as an attacker on the web. Short of moving to a subscription based solution, I'm not sure how we solve this problem. I can't imagine that people want to be forced into a hardware refresh requirement though subscription fees and of course new hardware will come with the latest and greatest software - but hell, it's happening with O365, and streaming music, etc. As a society we are moving away from owning things and moving toward a rental type setup. Sure there are many things that you still buy (Scott's million and one games, and movies on Vudu, etc) but renting seems to be the wave of the future. Though with rentals - if the musicians and their publishers are to be believed, the creators barely make anything on these deals. So who knows. 
- 
 @Dashrender said: A major difference is that MS is giving you a place to go, and that place is free. TC didn't even make a suggestion, instead they just said that the code might be unsafe, and they up and slip in a second! But there were places to go, including free ones and including their own code which was then maintained by others. It seems a pretty trivial difference to use "they told us the alternative" as the difference in the behaviour. 
- 
 @Dashrender said: MS put the word out (though frankly not good enough in my mind) that the end of security updates was coming for Windows XP, yet people didn't move away - at least not quickly. And that's all that TC did, too. Just a bit more dramatically acting like the end of official updates was a big deal when, in fact, it was not, because updated ended up still coming and an audit showed no update was needed. I don't see how the history behind XP is relevant. That their warnings went unheeded is a different issue. This is about calling something currently well maintained "insecure" based on a theoretical, future loss of support. 
- 
 @Dashrender said: Which brings to mind - how does Apple handle iPhone Gen 1 products? Can you update to iOS 9? I recently read that there is or might be a lawsuit against Apple claiming that Apple intensionally puts in code to make iOS 9 run slower on older hardware to hopefully force people to buy new hardware - is this true? Gen 1 stops around iOS 5 or 6. I know you can't install 7. It's not slow, it just doesn't even install. Can't remember if it was 5 or 6 which was the last version, but pretty sure it was actually 5. They stopped updating a long time ago. OS vendors have made OSes bloated in the closed source space for a very long time as an incentive to sell new hardware. That's been a standard tactic. It doesn't require anything special, just no effort to clean up and be really efficient. It's a dangerous tactic that left closed source OSes dangerously exposed to leaner open source options. This is why people feel like each version of Windows must be slower than the one before even though every OS since Windows 7 has been faster than the one before. Microsoft had to chance tack and work like Linux getting more efficient with each release rather than less. But from Windows 1 through Windows ME and Windows NT 3.1 through Windows Vista, each version had always gotten slower. 
- 
 @scottalanmiller said: @Dashrender said: Which brings to mind - how does Apple handle iPhone Gen 1 products? Can you update to iOS 9? I recently read that there is or might be a lawsuit against Apple claiming that Apple intensionally puts in code to make iOS 9 run slower on older hardware to hopefully force people to buy new hardware - is this true? Gen 1 stops around iOS 5 or 6. I know you can't install 7. It's not slow, it just doesn't even install. Can't remember if it was 5 or 6 which was the last version, but pretty sure it was actually 5. They stopped updating a long time ago. OS vendors have made OSes bloated in the closed source space for a very long time as an incentive to sell new hardware. That's been a standard tactic. It doesn't require anything special, just no effort to clean up and be really efficient. It's a dangerous tactic that left closed source OSes dangerously exposed to leaner open source options. This is why people feel like each version of Windows must be slower than the one before even though every OS since Windows 7 has been faster than the one before. Microsoft had to chance tack and work like Linux getting more efficient with each release rather than less. But from Windows 1 through Windows ME and Windows NT 3.1 through Windows Vista, each version had always gotten slower. OK didn't know Gen 1 iPhones lost support so long ago. Well, maybe the people looking to sue Apple were talking about iPhone 5 (any variant that supports iOS 9) Yeah - I know that every version of Windows since Win7 has been faster than the one before - though I don't know if MS has really had people freaking out about new hardware just because of a new OS (though these ads/BS campaigns make you think they do). Of course with Windows 10, some of the newer features require new hardware - Windows Hello. I want to use Windows Hello, but only with a finger print reader, not that stupid iris scanner! 
- 
 @Dashrender you'd be shocked how many IT Professionals use the term "new OS version" as a synonym for "slower". You can say the words "each new release is faster" and they will say "yes, but it is a new release, so it needs more hardware." Um, no. It needs less. "But, but... the OS is newer!" It's become completely common for IT people to confuse "newer" with "slower". But, as always, only Windows folks. 
- 
 @scottalanmiller said: @Dashrender you'd be shocked how many IT Professionals use the term "new OS version" as a synonym for "slower". You can say the words "each new release is faster" and they will say "yes, but it is a new release, so it needs more hardware." Um, no. It needs less. "But, but... the OS is newer!" It's become completely common for IT people to confuse "newer" with "slower". But, as always, only Windows folks. yeah, sadly that stereotype is still haunting MS from uniformed techies. 
- 
 @Dashrender said: @scottalanmiller said: @Dashrender you'd be shocked how many IT Professionals use the term "new OS version" as a synonym for "slower". You can say the words "each new release is faster" and they will say "yes, but it is a new release, so it needs more hardware." Um, no. It needs less. "But, but... the OS is newer!" It's become completely common for IT people to confuse "newer" with "slower". But, as always, only Windows folks. yeah, sadly that stereotype is still haunting MS from uniformed techies. Most of whom did not even work in the industry in the era when it happened!! 
- 
 @scottalanmiller said: @Dashrender said: @scottalanmiller said: @Dashrender you'd be shocked how many IT Professionals use the term "new OS version" as a synonym for "slower". You can say the words "each new release is faster" and they will say "yes, but it is a new release, so it needs more hardware." Um, no. It needs less. "But, but... the OS is newer!" It's become completely common for IT people to confuse "newer" with "slower". But, as always, only Windows folks. yeah, sadly that stereotype is still haunting MS from uniformed techies. Most of whom did not even work in the industry in the era when it happened!! I have to assume that those youngsters learned it from old dogs, like the young'ins learning that RAID 5 was totally fine from those same old dogs. 
- 
 yeah, an insane amount of unfounded, rumour-based word of mouth learning seems to have taken over the industry. That's why I'm so passionate about best practices and approaches documentation. It is heavily needed. No one seems to be creating higher level (e.g. less "press this button") writing out there. Everything is either super high level like "cloud is cool" or super low level "press button X to do the thing you need" but nothing addresses a level where you actually need to understand how things go together. 
- 
 So in bringing this back, I now have a fully functionaly (albeit crapbox build) of Xen Orchestra running on my Production Hypervisor which is running scheduled Delta Backups of my targeted VM (on the production hypervisor) and backing up to a separate hypervisor running CentOS7 NFS server. Here is a screenshot of the delta in progress (in reverse folder order, AKA I'm backing out of the folders) 
  
  In this picture I'd also made a full Backup, it's the oldest dated file. 
  Now this seems pretty freaking awesome, and trustworthy! 
- 
 To boot the full backup of this VM using NAUBackup would be 28GB versus the 16.2GB when compressed. Assuming I'm reading it correctly, which a delta creates a full, and only copies the changes. So this next delta that I'm running should only be ~300MB larger. I moved some files over. 
- 
 And wow, here is the completed delta!  
  
  



