Archive for the ‘Opinion’ Category

Ostrich responses to an error message

Monday, February 23rd, 2009

I was looking at the DNS servers I admin last week and noticed, among other things, the following error message showing up frequently in the system logs:

Feb 23 10:23:08 baltimore named[14105]: [ID 873579 daemon.info] \
edns-disabled: info: too many timeouts resolving \
'171.221.32.207.sbl.spamhaus.org/TXT' \
(in 'sbl.spamhaus.org'?): disabling EDNS

This looks like a problem that should be fixed. I googled this error message and 9 out of 10 replies to people asking how to deal with this error were (and I’m paraphrasing)

“Oh just ignore it, and here’s how to configure logging to not log those errors”

WTF? How about some helpful information about why this is happening and how to fix it? Or more information why it is happening so a person can be informed about what is happening and the root causes.

Here is a posting from Mark Williamson on the bind-users mailing list that does provide some useful information that can be used to make an informed decision if you want to disable logging these events:

"disabling EDNS" is issued when named experiences too many
timeouts to EDNS queries and named decides to give up on
EDNS and revert to plain old DNS.   Now timeouts can be the
result of many things.  Broken nameservers that don't respond
to EDNS queries.  Firewalls that block EDNS queries.
Firewalls that block fragmented responses.  Firewalls/NATs
that don't handle out of order fragments.

Timeouts can also be due to other network problems including
unreachable servers.

If you are getting lots of these then you do have network /
firewall problems.  They may however *not* be caused by EDNS.

The message has the symptom "too many timeouts", what it
was trying to do "resolving 'ns.cmmail.com/AAAA' (in
'cmmail.com'?)" and what named is doing "disabling EDNS" to
try to rectify the problem.

Based on that information I think I will be disabling these messages.
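
Before silencing the messages it helps to see which zones they point at. The following is an added example, not code from this post or from BIND: it parses the "disabling EDNS" lines in the format quoted above and reports whether they cluster on one zone or are spread across many. The sample log lines, the function names, the 0.7 threshold and the reading of the two verdicts are all assumptions made for illustration.

```python
import re
from collections import Counter

# Message format as quoted in the post, with the "\" continuations joined.
EDNS_RE = re.compile(
    r"named\[\d+\]: .*too many timeouts resolving "
    r"'(?P<qname>[^'/]+)/(?P<qtype>[A-Za-z0-9-]+)' "
    r"\(in '(?P<zone>[^']+)'\?\): disabling EDNS"
)

# Constructed sample input. Only the first query name comes from the post;
# the others use documentation addresses and example domains.
PREFIX = "Feb 23 10:2{}:08 baltimore named[14105]: [ID 873579 daemon.info] "
MSG = ("edns-disabled: info: too many timeouts resolving '{}' "
       "(in '{}'?): disabling EDNS")
SAMPLE_LOG = [
    PREFIX.format(3) + MSG.format("171.221.32.207.sbl.spamhaus.org/TXT", "sbl.spamhaus.org"),
    PREFIX.format(4) + MSG.format("10.2.0.192.sbl.spamhaus.org/TXT", "sbl.spamhaus.org"),
    PREFIX.format(5) + "general: info: zone example.org/IN: loaded serial 2009022301",
    PREFIX.format(6) + MSG.format("ns1.example.net/AAAA", "example.net"),
    PREFIX.format(7) + MSG.format("25.100.51.198.sbl.spamhaus.org/TXT", "sbl.spamhaus.org"),
]


def parse_events(lines):
    """Return one dict (qname, qtype, zone) per 'disabling EDNS' line."""
    return [m.groupdict() for m in map(EDNS_RE.search, lines) if m]


def triage(lines, threshold=0.7):
    """Classify the events by how concentrated they are in one zone.

    Assumed heuristic: if one zone accounts for >= threshold of the events,
    look at that zone's nameservers or the path to them first; if they are
    spread over many zones, look at the local firewall/NAT first.
    """
    zones = Counter(e["zone"] for e in parse_events(lines))
    total = sum(zones.values())
    if total == 0:
        return {"total": 0, "zones": zones, "top_zone": None, "verdict": "none"}
    top_zone, top_count = zones.most_common(1)[0]
    verdict = "single-zone" if top_count / total >= threshold else "widespread"
    return {"total": total, "zones": zones, "top_zone": top_zone, "verdict": verdict}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(result["verdict"], result["top_zone"], dict(result["zones"]))
```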

Empower your employees or handcuff them?

Saturday, January 24th, 2009

I work for a large consulting firm and my employer has decided that instead of empowering their employees they will handcuff them.

Specifically my employer has decided to limit its consultants to only access our email via internal access to an Exchange server, or external access via either Outlook Web Access (a web mail client for Exchange) or via our corporate Blackberry BES (Blackberry Enterprise Server). The latter is only an option for connectivity if you are either senior enough and get a company issued Blackberry or have management sign off on allowing you access to the company owned BES.

This means for the average consultant at my company we will no longer have easy access to our email outside of the office. Will this impact the rank and file’s ability to be responsive to both internal demands and our customers? In my ever so humble opinion, yes. Will this be noticed by the people who made this decision? Probably not because they are disconnected from the people who actually generate revenue for our firm.

The sad part is that in the name of security they might end up encouraging insecure practices. For instance some people might start using external email addresses for business purposes, which exposes potentially sensitive corporate data to outside parties. This didn’t have to happen either; it is entirely possible, despite this statement, “IMAPS - it turns out the “S” is pretty darned weak” [1], to allow for a publicly available email solution.

Sadder still is that unless this impacts someone senior enough, which it won’t because they all have company issued blackberries, it will happen no matter how much the rank and file might complain, which they won’t anyway.

[1] I asked for clarification on this statement on Tuesday and to date have not received a response.

Obama’s Baltimore Visit - security insanity

Saturday, January 17th, 2009

Here in Charm City we are experiencing the FRIGID temperatures and the president elect is stopping to speak in the city this afternoon. Because of the security insanity involved with any presidential appearance, if you are heading down you need to follow all sorts of rules about what you can bring inside the security zone. Here is what is prohibited:

  • Weapons
  • explosives
  • aerosols
  • laser pointers
  • Packages
  • coolers
  • thermal or glass containers
  • backpacks
  • structures
  • bicycles

The weapons and explosives make sense. Aerosols, maybe, but this is Baltimore, what’s a good Hon supposed to do? Leave her Aqua Net at home? What if she gets a chance to meet the president to be? She might need to freshen up her do and look her best…..sadly fashion will have to take a back seat to ‘security’. Laser pointers make a little sense but unless you do a FULL inspection of everything a person is carrying you can’t hope to catch one as they are too small and easy to conceal. Heck I have one that is on the end of a normal looking pen. Good luck finding that unless your screeners are REALLY looking at everything. Now packages? Well that just seems impractical to bring to an event such as this. Coolers? Come on it is colder out than in a cooler…..again impractical for today. Now thermal containers? Today when the high is only expected to be 23? That seems foolish. Even more foolish when you learn that there will be no concessions nearby where you could hope to purchase a hot beverage to help warm up. Backpacks? Come on, inspect them but as long as they don’t contain any contraband let them through. Structures? What do they mean by that?!? And bicycles make some sense since with the crowds they would just get in the way.

I predict numerous problems with the cold from today’s event, partly from people being dumb, partly from poor preparedness by local emergency services, and partly from security restrictions preventing people from bringing say….warm beverages with them…..

Hopefully any problems encountered today will be learned from and applied to the inauguration on Tuesday.

[update: I just learned on WBAL TV that Donna's will be inside the security perimeter serving food and HOT beverages. Smart move.]

Roku’s Netflix Player

Sunday, January 11th, 2009

Danielle bought me this device for my birthday. I had been hesitant to do so for myself for a couple reasons. The primary one was some of the reviews I had seen mentioned issues with video quality and streaming issues. The secondary one was I didn’t really want yet another A/V component and remote around. But I am glad Danielle didn’t consider any of this and just bought it because it is a wonderful device for my wants/needs.

The quality and streaming issues I have yet to see any problems with. For the former it is probably related to the fact that I’m still using an older standard definition CRT TV. So unless something is very noticeably pixelated or the like I don’t notice. As for any streaming issues I credit my ISP () with providing me a good quality connection.

The other great thing about this device is its core purpose: streaming movies from Netflix. Both Danielle and I are more willing to add some movies to our instant queue than we would be to add them to our normal queue. Since we have unlimited streaming and there is no turn around time, watching something like McLibel or Going to Pieces: The Rise and Fall of the Slasher Film makes more sense.

I am very much looking forward to Roku adding additional streaming options in addition to Netflix. Hulu would be a great start. Or if they could do something like Sling has with their online streaming and making multiple sources available via a single front end that would be even better and more user friendly.

For me the Roku added to my TiVos with Amazon Unboxed makes me happy and I have zero desire to get an Apple TV even with something like Boxee added to it (via a hack).

Good customer service

Monday, October 13th, 2008

Say all the bad things you want about Apple but my experience at the Genius Bar in Columbia Mall with Steve today was great. I opted for Columbia over Towson because I had another errand that I needed to accomplish there.

My appointment was for 2:40 and it was right on time (if not a minute or two early that they called on me). I explained my problem and Steve immediately dove in to trying to solve my problem. At first he suspected it might be a video card problem and tried to nail it down to that. He wasn’t able to and called Apple support and one way or another Apple decided to cover the cost of whatever repair is required to get me running (logic board seems to be the consensus to people I’ve spoken to about the problem). I don’t know why they decided to make that decision but it is a cheap way to keep me a happy Apple customer.

I couldn’t leave it with Apple today since I needed to remove some confidential files (even though it is an encrypted drive) because it is just the right thing to do. But Steve left me with his card and a reference number so everything he did and the fact Apple will take it back to fix it is recorded.

So while I am away for the next week my MacBook will be getting fixed. And unless there is some compelling new netbook type Apple being released I won’t feel compelled to venture to an Apple store in Jacksonville.

My impression of G1 review/comments

Wednesday, September 24th, 2008

Like the initial release of Apple’s iPhone I’m surprised at how many people are panning the phone before we have any real devices in people’s hands. I’m also noticing some similar themes between the iPhone initial comments and the G1. Here they are:

iPhone (v1.0) | T-Mobile’s G1
no exchange support | no exchange support
no keyboard | no touch screen
locks you into Apple’s world | locks you into Google’s world
where is my CDMA (i.e. Verizon) model? | where is my CDMA (i.e. Verizon) model?
what no 3G? | T-Mobile still doesn’t have 3G where I lived
no support for VoIP (what you mean I need to use my cell phone as a cell phone?!?!?! that’s crazy!) | no support for VoIP (what you mean I need to use my cell phone as a cell phone?!?!?! that’s crazy!)
My Windows Mobile phone has been able to do all the same things for years | My Windows Mobile phone has been able to do all the same things for years
Only 4GB of storage space on the entry level model | Only 1GB of storage space on the entry level model

Personally I’m tempted, especially since unlike the iPhone I can buy one unlocked (for what the original iPhones cost IIRC). But I’m going to wait until I hear back from some hands on reviews and the first adopters.

Eye-Fi card

Wednesday, September 3rd, 2008

I recently purchased an Eye-Fi card to give to Danielle along with my old camera. My thinking was since she was getting an old camera she could at least have a nice new feature with it. Sadly she showed no interest in it. It basically sat around for almost a month before I decided to reclaim it from her last weekend.

Since then I’ve been using it with my little point and shoot. At first I was having troubles getting it to transfer pictures directly to iPhoto. After looking into that problem I discovered it was my firewall that was causing the problem. I was able to add a rule to allow access from the Eye-Fi to iPhoto and since then it has worked like a dream. The first couple pictures I took this evening of the bathroom were already in iPhoto when I came back down to my computer after taking them.

I’m still not completely sold on it though. In order to use it you basically have to disable the auto off features on your camera. In addition to that the actual wifi does eat into the battery life of the camera.
Another thing I don’t like is that the transfer via wifi requires the Eye-Fi to join a network and then transfer it. I need to sit and figure out how to enable a direct transfer (using an ad-hoc network) when I’m not around a known WiFi network.

Since I’m not sold on it yet I won’t be adding it to the sidebar on the right…..

Do People Run Production Servers Using Fedora???

Wednesday, August 27th, 2008

Over at the O’Reilly Port 25 blog Todd Ogasawara asks the question in the title of this post. The larger context is that the Fedora (and Red Hat) servers were compromised recently and if you’ve installed either the software or any patches you need to at least be considering the implications of these security breaches. But that’s not what I want to comment on.

Does Mr Ogasawara really live in such a cocoon as to not know that a lot of production servers probably run Fedora and other free linux distributions???? And there is one reason for this, the software is FREE. Free means no one has to sign a purchase order for the software, free means a bright person can build a cool new website without outlaying any money up front (assuming they have 1 piece of hardware). Also the people using Fedora in production probably aren’t the target market for the ‘support’ or ‘we need someone to sue if anything goes wrong’ camps.

Aside from free you know another reason people use Fedora and other free distros for production? Apps and tools. Personally I run Solaris (also free for download) but honestly every time I have to figure out why tool X won’t compile on it I’m tempted to migrate to a linux distro where everything works (mostly) out of the box.

Finally I will add one more thing. Having used Red Hat Enterprise I really don’t see what value it adds for the majority of users (i.e. companies) that purchase it. I mean besides a number to call to help you support it. But I think your money (in a lot of cases) would be better spent hiring bright people who can get the free distro working with whatever problem you are having.

Baltimore Business Journal needs better writers

Tuesday, July 22nd, 2008

I actually expect stuff like the following from the Baltimore Sun (considering they have like 6 people left working at actual reporting anymore) not from the Baltimore Business Journal.

Here’s the headline: Gen Y precedes Gen X in technology alphabet


According to a new report, Generation Y is a small but influential group when it comes to technology adoption, while Gen Xers choose to adopt a technology when it fits in with a personal need or desires

I might buy that but then I read this:


While Gen Y is a small generation of 18- to 28-year olds, consisting of only 38 million adults

and later this:


In contrast, Gen X, which is composed of 29- to 42-year olds — about 63 million adults

First of all they are comparing a generation that spans 10 years to one that spans 13. That alone should have caught the reporter’s attention. That of course ignores the fact that a generation is usually minimally a 20 year span.

And in re-reading the article a 2nd time it reads more like a press release from the survey’s source: Forrester Research. What happened to reporting? You know like questioning the methodology or the conclusions drawn from the data?

Read it for yourself and see what you think.

New Fileserver

Sunday, July 13th, 2008

A few months ago I had a drive fail in my file server’s RAID5 array. That shouldn’t have been catastrophic since RAID5 is meant to handle that. However before I could replace the dead drive a 2nd drive failed.

As such I’ve been living without any good file server. In the meantime I’ve been using several USB external drives for archiving and backing up data. This solution has worked but is far from ideal. From various online sources I kept hearing good things about the Drobo. It sounded like what I wanted. But the price tag of $500 without any storage included was steep. That changed with the recent price drop I mentioned in My new robot.

After ordering the drobo I decided to change my file server from a FreeBSD machine to my existing linux desktop. I had several reasons for this. First Drobo has no support for FreeBSD but has some beta support for linux. Second my FreeBSD machine only has USB 1.1 ports which would mean I’d need to add USB 2.0 ports to use the drobo effectively and that would add some extra cost to the solution. Finally saving energy was the final reason. My linux desktop is already left on for various tasks and using it for a file server also instead of having an additional dedicated machine running as a file server would save on my BG&E monthly bill.

To install the drobo software I found the easiest thing to do was re-build the desktop to be a Fedora Core 9 machine. This also gave me a clean install which is always nice to have. Once I had FC9 installed installing the drobo software was pretty straight forward. The README that accompanied the code also walked you through partitioning the drive using EXT rather than FAT 32.

My first step was to test drobo’s dynamic expandability. Their product literature and marketing all say how easy it is to expand the Drobo’s storage by just adding a new drive. So the first thing I did was install 3 drives in the drobo and write data to them. I then powered down the drobo and added a new drive. When I remounted the volume the old data was there and the drobo software reported more capacity. It looks like I will be testing removing a drive and adding a bigger one since even before I’m done moving data to it it is at 70% capacity.

Let’s move to some bullet likes and dislikes:

Like

  1. ease of configuration (if you run Windows or OS X it is ready for you out of the box w/ software on the included CD)
  2. price drop
  3. linux support

Dislike

  1. No matter how much storage you have in the drive it reports its size as 2TB.
  2. lack of network port without spending another $200 for Drobo Share.

One item I have noticed in my moving files around has been the speed at which data can be transferred to the device over USB. It isn’t very fast. This might be because I’m transferring from one USB drive to another but it feels slower than most people would like. This is only a short term concern for me since after my data is moved over it is mostly just going to be a file repository not online access for files.