Posts made by tonyshowoff

@scottalanmiller @xrobau

@travisdh1 said in Revisiting ZFS and FreeNAS in 2019:

@DustinB3403 said in Revisiting ZFS and FreeNAS in 2019:

@JaredBusch said in Revisiting ZFS and FreeNAS in 2019:

@DustinB3403 said in Revisiting ZFS and FreeNAS in 2019:

@tonyshowoff let's step back here, what site did you run?

You didn’t know this?

Obviously not, why would I have asked otherwise?

Yeah, we've got contacts for everything around here.

[ in vague Slavic accent ] You want girl? I get you girl. Or men, Anton does not judge. Money up front.

@xrobau said in Revisiting ZFS and FreeNAS in 2019:

"What?" I hear you say, "why would I want to compress and decompress my data, surely that will add an immense CPU load to my NAS!"

Holy shit dude, you're talking like Devil Bill pushing a nerve tonic at a carnival at the end of the 19th century. Do you have a top hat and magic wand too? You ignore why these things are myths and reiterate them as though they were actually true or truer (in the sense that something else also doesn't do the same). Plus you're just condescending as hell and doing so many cringy, classic bad debate tactics with people who know how to check facts, or, you know, read shit you intentionally misquote.

It's bafflingly insane taking things are said to be myths and then saying they're not myths by reiterating the myth itself.

As a major early user of ZFS, not because I believed zpool to be some fault tolerant pixie dust bullshit, but because btrfs was behind and we kept running out of inodes rather than disk space, mostly due to image storage (I ran the 4th most popular porn site on the Internet, but at one time it was 2nd).

ZFS is cool, but you have to watch it like a hawk, and that's something people like you like to essentially act like isn't the case. Since ZFS isn't like a good hardware RAID, all of your reads go right into system memory, so if you ever have any bad RAM all the magic of ZFS won't make a damn bit of difference, it will write that stuff straight to disk without any checks or just fault and degrade it's own metadata no matter how big zpool is. Snapshots! Well too bad those are broken too. Ask me how I know...

What also really sucks is you can't add disks to VDEV, but lower than that, for example with RAID 6, you can add disks and expand the RAID without destroying all your data or having to create a virtual array or something. This and the concept of resilvering drives to expand storage space is both time consuming and fraught with potential danger of fucking it all up like February.

For a filesystem which people want to claim is a good replacement for RAID (typically by acting like things it does, RAID can't do, when often RAID actually does them) that is a real pain in the ass, especially for my situation. If you have expanding data, can't get rid of it, it really sucks to have to go through hoops to expand rather than just adding another disk.

I've been dealing with it for years in a real world environment, and I'm also not IT, I'm a developer, so I don't care about the "come one, come all, take a gander at the fantastic, frip-frappity-doo-da" shit show about why since Jesus Christ and Muhammad the best thing is... ZFS. It's great, but it's not that great.

I was talking with @scottalanmiller and brought up something that had popped into my mind recently: wasn't there a version of Windows Server where the clock was hidden by default? I asked him:

This is totally unrelated but it has been on my mind, there was a time when Windows Server shipped and by default the clock was hidden from the system tray, did that happen or I'm I misremembering something? I'm thinking .NET server beta or even pre-SP1 2003

He couldn't recall that, so instead of just thinking about it I decided to google: windows server default clock hidden

Hey, first result is exactly what I'm looking for!

It's my own question asked 6 years ago on the very same topic. I'm not sure the selected answer is the right one, I am second guessing myself, how do I know that I wasn't a raving lunatic when I accepted that answer? I didn't quite remember ever asking it.

This has happened to me before though at least twice, though I wasn't forgetful that I had asked it. I had some issues with Exchange and XML RPC, really strange edge case stuff that I had asked about on stackoverflow.com, but nobody ever answered. I figured out a hack around it, a really ugly one, and about a year later I saw the code again and I really wanted to solve the problem, only to run right into my question again, still with no answer.

@scottalanmiller said in Finally leaving my job, and it's just as annoying as I thought it would be:

He gets busy and pops in when he gets time.

A person like that lacks the dedication required to really belong to this cult forum.

@IRJ said in Finally leaving my job, and it's just as annoying as I thought it would be:

@IRJ said in Finally leaving my job, and it's just as annoying as I thought it would be:

@guyinpv still there?

He seems in and out, here from about a week ago, evidently he's training someone:

@guyinpv said in Finally leaving my job, and it's just as annoying as I thought it would be:

To begin a detailed, thought-out, plan of finding a competent replacement. Start looking at quality job boards, map out job requirements, etc. Be reasonable, efficient, mindful.

Instead they panicked that I was going to walk out and leave in a couple days. They rushed to find anybody with basic knowledge of a computer from the local staffing agency and threw them onto my lap with little consideration. Now I'm trying to train a person with no experience and fairly rudimentary knowledge. Plus they dumped all these demands for an encyclopedia worth of how-tos, procedures, vendor notes, troubleshooting guides, etc.

It's funny but also sad. One day the new person was there and I was at home, sick or something. A shared network connection in Windows got disconnected which made an app pop up an error. New person tried to troubleshoot the app, perhaps not knowing the shared network drive existed. So boss asks if I've already written a specific procedure for this specific app when having this specific error caused by this specific problem.

I'm just like, no, I can't write a procedure detailing every conceivable error that can happen on every one of 50+ vendors we deal with, lol.

The IT person is supposed to know how to troubleshoot issues, not just read from a procedure book encyclopedia written by the previous IT person!

@mlnews Man that Guns 'n Roses album is really getting out of hand.

@valentina said in What Are You Drinking:

Strawberry-Mango smoothie

White folks love smoovies

Youtube Video

@black3dynamite said in Miscellaneous Tech News:

Here I thought Microsoft will Chromium but keep Edge interface.

Damn that really is close. It has the obligatory high definition photograph of some natural space which Microsoft also uses on bing.com to distinguish itself from google.com

@Dashrender said in WebAuthn now a standard:

@tonyshowoff said in WebAuthn now a standard:

My advice on WebAuthn is: wait until the next version of the standard when they iron out all the things they could have avoided had they done an RFC rather than just announcing it like a bunch of jackasses.

Pun indended: FIDO(2) is dog shit

What don't you like about FIDO(2)?

It extends from the lack of an RFC, because they require implementation of already broken/obsolete RSA models. Of course their answer to this issue is "don't use them", which is utterly retarded.

At the end of the day, the simplest is this: they're pushing it for mobile, if you lose your device or somehow don't have access to your private keys, you can't login, pure and simple.

My advice on WebAuthn is: wait until the next version of the standard when they iron out all the things they could have avoided had they done an RFC rather than just announcing it like a bunch of jackasses.

Pun indended: FIDO(2) is dog shit

@dafyre said in WebAuthn now a standard:

@tonyshowoff said in WebAuthn now a standard:

†Of course, you can add key phrases to your private keys but if you're doing that, what in the hell was the point of going down that road in the first place?

I thought the idea was to help eliminate passwords flying all over the internet. With something like a key phrase on a private key, that password should never leave your computer... but I'm relatively certain that's not how this is going to work, lol.

With SSL it wouldn't make any difference anyway. And no your passphrase for your generated private key would not have the password sent, rather it's in order to use the key file at all.

@dafyre said in Random Thread - Anything Goes:

@tonyshowoff said in Random Thread - Anything Goes:

@nadnerB said in Random Thread - Anything Goes:

Win what? Both are terrible approaches to passwords.

Free network pwnage with every Posty Boi.

Until I get the password file or SAM file (no, not that SAM) and then crack all those kick ass, secure 10 character passwords fairly fast and instead of just having access to the secretary's Office 365 account, I now have access to everything because people thought characters and numbers really made that much of a difference with entropy. On my networks I always enforce at least 15 character pass phrases. It used to be 12.

Something I'm sure most people here have seen but still applicable:
https://xkcd.com/936/

Saying a password is "complex" just means "more likely to be written down", it doesn't mean "secure." Length, especially with slightly mispelled words or replacing a letter with a number, in order to avoid compound dictionary attacks does a whole hell of a lot better. It's easier to remember: purplem0nkeedishwasher than it is to remember S!kl33S(I@ and it's immensely more secure. 10 character passwords are peanuts, no matter what characters they have in them, especially with GPU crackers. It's basically obsolete advice.

@nadnerB said in Random Thread - Anything Goes:

Win what? Both are terrible approaches to passwords.

@JaredBusch said in WebAuthn now a standard:

In the short term, places like ML will enable WebAuthn and what? We load a public key of some type from our browser into our profile.

Hopefully browsers will make the private side hard to pull out of them. Most people will not use a yubikey or anything. It way too easy to lose and then where are you ?

The thing is, it doesn't follow you as easily as a username and password, and on the other hand, depending on the client-side implementation it means there's literally no barrier when it comes to a shared computer†. If the device that stores the keys also automagically generates/stores them initially then OK, but moving beyond that what do you do then?

It's like OpenID, while seemingly apparently simple, until you try to explain it to a user.

Or more of a closer analogy are stored SSH keys, if you're logged into the machine, then you have a free for all. Hell, just open PuTTY and you're authenticated (assuming keys are stored).

†Of course, you can add key phrases to your private keys but if you're doing that, what in the hell was the point of going down that road in the first place?

Note, I'm speaking totally independently of any security benefits of internet-facing services using keys vs classical logins, so let's not start a whole thing SAM

@scottalanmiller said in Random Thread - Anything Goes:

@dafyre you'd escape. You might not live, but you'd escape.

You don't know that, maybe there's a small swimming pool, dirty mattress, trampoline, or bed of spikes at the bottom.

@JaredBusch said in What Are You Doing Right Now:

As both terrible and boring are personal opinions

Not if you state them as facts.

(lol what am I saying?)

@dafyre said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

@brandon220 said in Miscellaneous Tech News:

@JaredBusch I tried switching to a Samsung galaxy S9 a few years ago. It lasted 14 days (took it back before the trial period ended) because I missed iMessage, battery life was poor, and a few other issues. I use wifi calling a lot and it didn't seem to have that at the time. Wouldn't call myself an Apple fanboy. I do love the keyboard on my wife's macBook Pro...

I'm really a fan of my S9. First Android device in a long time, but it has been great.

I'm a big fan of the Galaxy line... I had both a Note 3 and a Note 4... I'm considering switching back to Samsung for the Note 9 instead of a Pixel XL 3... But I want to see if Verizon is going to get the Fold first. From what I hear, nobody knows yet.

Fanboy much?

jk

@scottalanmiller said in What Are You Doing Right Now:

Just got home from SpiceCorps DFW.

I'm reminded:

Uncle Charlie : How was church, Charlie? Did you count the house? Turn anybody away?
Young Charlie : No. Room enough for everyone.
Uncle Charlie : Well, I'm glad to hear that. The show's been running such a long time, I thought maybe attendance might be falling off.

@scottalanmiller The green tap dancer is what really brings it all together