@wrx7m A 6.5 vCenter can manage a 6.0 host just fine.

@coliver said in VMware vSphere Update Manager Client - Is there a version 6.5?:

@storageninja said in VMware vSphere Update Manager Client - Is there a version 6.5?:

@wrx7m Always hated CIP myself also. The standalone update utility is gone. You can use VUM through the web client. Also, try out the HTML5 client while you are at it. It's nice in 6.5

Is VUM in the HTML5 client? I haven't seen it in ours that's why I'm questioning it.

If you want the newest builds, run the fling in a separate VM. It gets updates every 2 weeks. I don't think VUM is in H5 yet, but it's obviously highly requested.

The lifecycle stuff has been slower because they are trying to re-work those workflows to be easier/more logical/holistic.

@wrx7m Always hated CIP myself also. The standalone update utility is gone. You can use VUM through the web client. Also, try out the HTML5 client while you are at it. It's nice in 6.5

@rojoloco said in Major Intel CPU vulnerability:

So maybe it becomes a PR night are for Intel, but the actual guilty party will walk away scot free.

If he had an automated trading plan that his broker was trading on his behalf under specific instructions and the broker was not made aware to change said plan between the time he got the bad news and the sale he's not guilty.

Then again, the internet court is more fun.
Youtube Video

@scottalanmiller said in Major Intel CPU vulnerability:

@rojoloco said in Major Intel CPU vulnerability:

@storageninja said in Major Intel CPU vulnerability:

@mlnews said in Major Intel CPU vulnerability:

Ars Technica agrees that Intel's CEO knew before he sold.

https://arstechnica.com/information-technology/2018/01/intel-ceos-sale-of-stock-just-before-security-bug-reveal-raises-questions/

As long as his Broker executed this plan without MNPI he's in the clear.
10b5-1 doesn't actually require public disclosure but it does help avoid PR problems like this.

As a result of his stock sale, Krzanich received more than $39 million. Intel stock, as of today, is trading at roughly the same price as Krzanich sold stock at, so he did not yield any significant gain from selling before the vulnerability was announced

SEC officials could still see the maneuver as a trade based on insider information—especially if there was no other material reason for Krzanich to sell the stock.

He's following a set pattern on his trades, and no stockholders short of day traders were hurt by this. The SEC really isn't going to bother with this unless there is some sort of smoking gun found in the way of text messages telling his broker "SELL IT ALL NOW BAD SHIT GOING DOWN".

When you can click a button and make a cool $39 million, you can easily avoid the scrutiny of the SEC or anyone else. Money = power, power = easy to avoid legal entanglements.

Bloomberg is pointing out that this was NOT following his established pattern: https://www.bloomberg.com/news/articles/2018-01-08/intel-ceo-krzanich-s-stock-sales-seen-warranting-sec-examination

RTFA

Intel says Krzanich’s sales were part of a pre-arranged stock plan with an automated schedule, but some securities lawyers say the larger-than-usual transaction will probably be examined by the U.S. Securities & Exchange Commission

It's a clickbait headline. They will look into it, but if it was part of an automated schedule they will quickly close their case.

@mlnews said in Major Intel CPU vulnerability:

Ars Technica agrees that Intel's CEO knew before he sold.

https://arstechnica.com/information-technology/2018/01/intel-ceos-sale-of-stock-just-before-security-bug-reveal-raises-questions/

As long as his Broker executed this plan without MNPI he's in the clear.
10b5-1 doesn't actually require public disclosure but it does help avoid PR problems like this.

As a result of his stock sale, Krzanich received more than $39 million. Intel stock, as of today, is trading at roughly the same price as Krzanich sold stock at, so he did not yield any significant gain from selling before the vulnerability was announced

SEC officials could still see the maneuver as a trade based on insider information—especially if there was no other material reason for Krzanich to sell the stock.

He's following a set pattern on his trades, and no stockholders short of day traders were hurt by this. The SEC really isn't going to bother with this unless there is some sort of smoking gun found in the way of text messages telling his broker "SELL IT ALL NOW BAD SHIT GOING DOWN".

@scottalanmiller said in New laptop recommendation - Mom compatible:

But MS Office is specific and needs compatibility

Office Online (If they have 365) runs just fine in Chrome.

@fuznutz04 said in New laptop recommendation - Mom compatible:

Right, plus she also remotes into her work PC I believe, but not sure what app she uses for that.

Horizon View works just fine on a Chromebook. Just need to use the Blast Extreme protocol. Citrix has a reciever for chromebook also.
My wife uses VPN's and RDP's still like a barbarian, but for civilized remote users you should be fine.

@scottalanmiller said in Major Intel CPU vulnerability:

Pretty cut and dry insider trading, I wonder how much of hiding this flaw from the public was solely to hide the insider trading?

" To avoid charges of trading on insider knowledge, executives often put in place plans that automatically sell a portion of their stock holdings or exercise some of their options on a predetermined schedule, typically referred to as Rule 10b5-1(c) trading plans. According to an SEC filing, the holdings that Krzanich sold in November — 245,743 shares of stock he owned outright and 644,135 shares he got from exercising his options — were divested under just such a trading plan.

But Krzanich put that plan in place only on October 30, according to the filing. "

The plan was created in 2015 per Bloomberg.
You can also see the history of transactions here.

Since the plan was set up, Krzanich has had a common trading pattern. In February, he gets his equity payout under Intel’s performance-based incentive plan. For fiscal years 2015, 2016 and 2017, he received 89,581, 87,061 and 278,868 shares, respectively. Then in the last quarter of each of those years, he makes sales that are proportionate to the awards he got. In the last quarter of 2015, he sold 70,000 and in 2016 he sold more than 50,000. And this year, the sale was much larger in light of the large payout he got in February.

Looks like he traded on 11/29.
Market Close was at $43.95 that day. Market Close today is $44.74 today. I expect Intel shares to go up as people realize public clouds need to buy 20% more compute this quarter (and it's too late to qualify to move those workloads to ARM/AMD systems, nor can AMD/GF handle an order that large).

While I know insider trading doesn't require you actually make money off of it, I'd argue he missed out on gains by not waiting to sell until now. Intel is clearly fine, and while this is painful for a lot of people who have to go do patching, the market isn't punishing Intel in any serious way.

Note: the stock has doubled under Brian as CEO. This design decision was made in 1995 (well technically earlier given how long it takes to get something out the door).

Equifax is different in that their trades were NOT scheduled. Those yahoos are going to jail or to pay a token fine and promise not to do it again.
Also, EqualFax has only recovered 1/2 of its losses from the breach.

Full SEC yadayadayada disclaimer, I hold no Intel, but am considering a long position in the near future.

https://www.bloomberg.com/news/articles/2018-01-04/intel-ceo-krzanich-slashed-stock-holdings-at-end-of-last-year

@dustinb3403 said in Major Intel CPU vulnerability:

It takes 3 seconds to look at his stock trades and see the pattern, and another 5 minutes to see that he filed paperwork for this plan back in 2015

At the end of Q4 he sells his awards. Nothing to see here fake news from the internet mob who's too lazy to learn basic finance skills.

@scottalanmiller said in Major Intel CPU vulnerability:

@tim_g said in Major Intel CPU vulnerability:

@irj said in Major Intel CPU vulnerability:

This might be the worst vulnerability we've seen to date...

You can plan for patching and maintenance. You cannot plan for unexpectedly losing resources. Can you imagine how many cloud providers this is going to affect. They share so many services across so many servers, I doubt they could afford to take a 30% resource hit. It could take down their whole environment.

I thought I read the performance hit only effects 32-bit processors? Did I read that wrong?

Pretty sure, as I've seen vendors discussion the performance hits on purely 64bit systems.

Meltdown's impact indeed is on 64 bit systems.

https://access.redhat.com/articles/3307751

*Measureable: 8-19% - Highly cached random memory, with buffered I/O, OLTP database workloads, and benchmarks with high kernel-to-user space transitions are impacted between 8-19%. Examples include OLTP Workloads (tpc), sysbench, pgbench, netperf (< 256 byte), and fio (random I/O to NvME).

Modest: 3-7% - Database analytics, Decision Support System (DSS), and Java VMs are impacted less than the “Measurable” category. These applications may have significant sequential disk or network traffic, but kernel/device drivers are able to aggregate requests to moderate level of kernel-to-user transitions. Examples include SPECjbb2005, Queries/Hour and overall analytic timing (sec).*

Note on the virtualization front I can't speak to if KVM or Xen will carry compounding overheads with the guest OS overheads. (ESXi so far is the only Hypervisor reporting as unaffected by Meltdown).

@scottalanmiller said in Major Intel CPU vulnerability:

@storageninja said in Major Intel CPU vulnerability:

@scottalanmiller said in Major Intel CPU vulnerability:

@storageninja said in Major Intel CPU vulnerability:

Not sure all the Intel hate is due here....

It's the unsubstantiated claims, cover up, and embargo. All unacceptable things. That they had a bug is not the issue.

The Embargo was technically the entire software industry conspiring including Linus himself. Would you rather have them released this back in June before anyone had any POC code?

Yes, I never support secrecy. Transparency is always more important.

Google breached their maximum disclosure holding for project Zero. Funny how you do that when it's your servers on the line...

@scottalanmiller said in Major Intel CPU vulnerability:

@storageninja said in Major Intel CPU vulnerability:

Not sure all the Intel hate is due here....

It's the unsubstantiated claims, cover up, and embargo. All unacceptable things. That they had a bug is not the issue.

The Embargo was technically the entire software industry conspiring including Linus himself. Would you rather have them released this back in June before anyone had any POC code?

Meanwhile, I can confirm that VMware products are NOT vulnerable to Meltdown, the newest Fusion and Workstation were also not impacted at this time (They would depend on their guest OS being patched), and currently it looks like the CVE's in the wild for Spectre are being handled by the patch that went out on Dec 19th.

https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html

Also Z-Series, Power, ARM, and AMD are impcated by Spectre. Not sure all the Intel hate is due here.... They got burned by Meltdown (which sucks if you use Xen PV which always had shit security IMHO for memory) but otherwise, this is a general-purpose multiplatform issue.

@jaredbusch said in Major Intel CPU vulnerability:

@jaredbusch said in Major Intel CPU vulnerability:

@scottalanmiller said in Major Intel CPU vulnerability:

A base Windows license core count is sixteen. So dual proc EPYC 7251 or single proc 7281, 7301, 7351, or 7351P procs incur no Windows licensing penalties.

This is not correct unless Microsoft has updated their terms in the last 12 months and I have not heard about it.

The core based licensing that came out at the time of Server 2016 is a 16 core minimum, but that is also a 2 socket minimum. Not 16 cores on a single processor.

Looks like the datasheet no longer mentions 2 processors.
http://download.microsoft.com/download/7/2/9/7290EA05-DC56-4BED-9400-138C5701F174/WS2016LicensingDatasheet.pdf

So, that means, yes, the 16 core proc is a good deal.

The confusion comes from the transition licensing for Software Assurance. If you had more than 8 Cores per process AND 2 processors per host you needed additional core licensing grants. The operative word is AND.

This chart shows a Single socket 10 core processor not costing more, so there isn't a penalty for going over 8 core's per proc up to 16 as long as it's single socket.

Note, this is "Informational only" datasheet so my friends who do license law (yah, the lamest thing to specialize in) tend to think of these docs as "maybe's" for if they count or not.

@scottalanmiller said in Major Intel CPU vulnerability:

@dbeato said in Major Intel CPU vulnerability:

@scottalanmiller said in Major Intel CPU vulnerability:

@dbeato said in Major Intel CPU vulnerability:

@scottalanmiller said in Major Intel CPU vulnerability:

@storageninja said in Major Intel CPU vulnerability:

@scottalanmiller said in Major Intel CPU vulnerability:

This year has really shown that Intel has no idea what they are doing. Time to get to AMD and ARM procs and stay there.

ARM's impacted.

How is ARM impacted?

@scottalanmiller said in Major Intel CPU vulnerability:

@storageninja said in Major Intel CPU vulnerability:

@scottalanmiller said in Major Intel CPU vulnerability:

This year has really shown that Intel has no idea what they are doing. Time to get to AMD and ARM procs and stay there.

ARM's impacted.

How is ARM impacted?

They are saying all Intel, AMD and ARM devices.
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
https://www.wired.com/story/critical-intel-flaw-breaks-basic-security-for-most-computers/

Any reputable sources? I did a search and came up only with disputed claims by Intel.

Phoronix states the following:
https://www.phoronix.com/scan.php?page=news_item&px=x86-PTI-EPYC-Linux-4.15-Test

Just implies that Intel paid someone to include that on other processors. Not a good sign that it is included without information.

Did you not read Linus's response? It was hilarious.
https://lkml.org/lkml/2018/1/3/797

@irj said in Major Intel CPU vulnerability:

This might be the worst vulnerability we've seen to date...

You can plan for patching and maintenance. You cannot plan for unexpectedly losing resources. Can you imagine how many cloud providers this is going to affect. They share so many services across so many servers, I doubt they could afford to take a 30% resource hit. It could take down their whole environment.

No, It's @#%@% amazing for AWS. They can charge customers 30% more for the same amount of computing power. SaaS providers might get screwed, but they can also just pass this on to customers as a 10% cost increase and call it a day. On-Prem datacenters, this is potentially good (It's forcing people to run denser who were not coming close to the limit). people close to the limit will just have to order gear.

@scottalanmiller said in Major Intel CPU vulnerability:

This year has really shown that Intel has no idea what they are doing. Time to get to AMD and ARM procs and stay there.

ARM's impacted.

@scottalanmiller said in BitCoin:

Keep in mind that most currencies are useless today. As in, you can't spend them. Some, like BitCoin, have a few places where you can spend them. Most have nothing you can buy with them (nothing legal, anyway.) And BitCoin is losing, not gaining, places that you can spend it because of the volatility. FOr example, Steam used to take BC but doesn't any longer.

So you risk the "circle jerk" problem of investing with these currencies.... they are closed systems. You put money in to get the currency, you get nothing back - no way to convert back to usable currency. As long as people will invest, you can keep making money, but the moment that they stop there is literally nothing.

It's a currency version of a pyramid scheme in every sense. Only the top tier make anything.

I've got (Some) BitCoin. Bought it a year ago (needed a VPN service and some other things, and threw a few hundred in.
My biggest complaints with it are that...

1. Transaction times/costs are terrible. Lightning MIGHT solve this. Other cryto currencies have.
2. There are fewer and fewer places you can buy things with it. (I've bought a VPN, and mailed a bag of crap to someone).

My speculative holding (That reaches long-term capital gains tomorrow) is based on its value coming from the following things.

1. Greater Fool Theory. (Bubbles last a LOT longer than you would think). I even bought some in the dip the other morning and made a cool 15%

2. Defeating currency controls. Bitcoin Isn't actually as good as other cryptocurrencies out there, but it's the one that money gets brought back thru before it goes to cash. LiteCoin might replace it (because it was designed to not have the transaction/cost issues BitCoin does). With bearer bonds becoming rarer this is a big deal.

@scottalanmiller said in pricing on websites:

Because you have to assume that they are going to just work for an hour, and deal with continuous billing as you go, it creates a lot of overhead and friction and you have to bill with the assumption that you are context switching on and off. It costs more to provide, it costs more to consume.

If you've paid for a block of hours ,and we are in within my scope for a project on the blocks you bought to deliver (with no weird issues) I have ZERO worries about the bill being disputed.

If your a customer who bills by the 15 minutes and disputes by the 15 minutes get ready for me to OVER document to make sure the bill will stick.