TechOpsGuys.com Diggin' technology every day

June 29, 2011

Adjust CPU power in 1 watt increments

Filed under: General — Tags: — Nate @ 2:09 pm

Saw this over at the AMD blog recently, certainly sounds pretty neat, the ability to control the power usage of your CPU on a per-watt basis, which is significantly more effective than current power limiting strategies available today.

Well, let’s say that you have a maximum power draw on your fully configured server of 300W, and you have 42 slots in your server.  The simple math says that you have 12.6Kw of power load that you need to be able to support.  Now, if your power budget only allows you to bring 12Kw to the rack, you essentially have 2 slots that need to be left open in the rack because you can only support 40 and not 42 servers. But, by utilizing a custom TDP, you could drop the max power that some servers could draw, bringing you in under the limit of 12Kw and still getting 42 servers in the rack.

No mention on whether or not the processor will turn off cores once you hit certain thresholds (say you reduce a 80W 12-core cpu to 60W of power, it may be better to run fewer cores with higher clock speeds than more cores on lower clock speeds depending on the workload).

June 23, 2011

Microsoft Sync not so hot?

Filed under: General — Tags: — Nate @ 10:20 am

Ford has been plastering the nation (and probably world) with advertising recently which included giving lots of props around Microsoft’s Sync technology. I’ve never used it, and haven’t talked to anyone who has mentioned using it so I don’t know a whole lot about the product.

But a short time ago survey results from JD Power were released on initial car quality. A big source of complaints was the technology features in the cars. But what I thought was interesting and how it may tie into Microsoft’s Sync technology is the fact that Ford practically fell off a cliff on this survey dropping a full 18 positions to #23 on the list.  If you asked me to name 23 auto brands I couldn’t do it. Maybe I could come up with a dozen or fifteen.

Here is a couple articles on the list.

The problems with MyFord Touch — the latest generation of its heavily promoted and popular SYNC system of voice commands — are especially disappointing for Ford. Consumer Reports has criticized the new system repeatedly for being too complicated.

The technology in my new Juke has me somewhat concerned as well, it works fine, but I’m sure when it breaks, it won’t be cheap or easy to fix, so I got the extended warranty on it, and may very well not want to own the car beyond the warranty(I didn’t buy this car with the thought of driving it into the ground). I haven’t had any issues with the technology in my new car, aside from one time my GPS crashed, but that seems to have been a freak event.

The one thing I would like on my GPS though is some of those custom voices that are available for TomTom, I have disabled the voice output of the GPS because it was disruptive to my nightclub on wheels stereo, but it would really be fun I think(at least for a short time) to be able to have random famous actors or characters talking to me through the GPS.

Collecting taxes an Administrative nightmare?

Filed under: General — Nate @ 1:13 am

[sorry for the rash of non technical posts recently there just hasn’t been much going on in the tech world that has been interesting to me recently]

This has been pissing me off for a long time. Amazon trying to evade collecting taxes on behalf of states. I tried finding a report of this in text form but could only find one that had these words in video form from CNBC (yeah I’m watching CNBC shows my Tivo recorded at noon today at 1AM)

Amazon says the real issue is the administrative nightmare of collecting different rates for different states

That has got to be the most stupid excuse I have ever heard in my life. There is no administrative nightmare. There are several companies out there that specialize in exactly that sort of information so you don’t have to worry about keeping track of it yourself. I was using one such system going back as far as 2003.

It was called Taxware, and it handled everything for us (the link points to ADP, whom I assume acquired the company at some point, I don’t recall ADP being associated with Taxware at the time, assuming I have the right Taxware, it was a long time ago). Taxes can get pretty complicated, but complication is not an excuse when you have something like Taxware doing the hard work for you.

While my memory is foggy on the details back in the day I do recall coming across some very interesting tax things that went on at the time, and that Taxware handled just fine. I’m talking about tax breaks for certain kinds of products that only lasted a certain amount of time for example, and these could vary on a city by city or county by county basis it was that detailed! Because of those things you really had to stay on your toes with the data file updates which came regularly.

I have no doubt there are other platforms and services like Taxware.

If the small startup I was at at the time could calculate and collect taxes, there’s no excuse for the bigger companies to not be able to do that other than they want the competitive edge against local businesses in the state that are forced to collect taxes.

I can understand a small mom & pop operation  (maybe sub $300k in revenue a year) not having the resources to collect taxes, but even for them it wouldn’t surprise me if there was a SaaS offering out there that did it. Maybe they’d call it SpeedTax or something so it sounds fast and easy.

Most people don’t realize that we also have use taxes as well, in the event you buy something from out of state (assuming your state has sales taxes), and they ship the product to you without collecting taxes, or if you go out of state, buy it, and bring it back (e.g. those living on the border between WA and OR that exploit the tax conditions between the two states (WA having no income tax and OR having no sales tax)), you’re technically not off the hook for taxes on those products. Though enforcement has been an issue and your only likely to get caught if you are doing large scale evasion.

One thing I do agree with Amazon with though is we should have a national system, some law that removes all remaining avenues of escape or excuses for Amazon (and others) for collecting the taxes that they’re supposed to collect.

May 27, 2011

MS cashing in on Android

Filed under: General — Tags: — Nate @ 9:07 pm

Oh how ironic, to me at least. Just came across this on Tech Flash.

Based on an estimate that HTC has shipped 30 million Android devices, Asymco calculates that Microsoft has seen $150 million in revenue from Android. With Microsoft selling 2 million Windows Phones licenses, its Windows Phone revenue comes in at $30 million.

Microsoft making more money off of Android than it is on it’s own cutting edge mobile platform..

May 25, 2011

RIP: Mark Haines

Filed under: General — Nate @ 8:42 am

Not tech related, but a sad day for me, a great guy Mark Haines who was an anchor on CNBC for decades died recently at the age of 65. I have been watching his show for at least the past 5 years now and he really was my favorite guy, always honest, never afraid to confront someone on a topic, and never afraid to speak his own mind. He was with CNBC since the day they launched in 1989.

Mark Haines correctly called the top of the Nasdaq in 2000, also correctly called the bottom of the markets (known as Haines’ bottom at the time) in 2008. With that in mind he called the recent tech IPOs (especially LinkedIn) a bubble (regardless of whether of whether or not the environment is different from the dot com days).

This sums him up pretty good in my eyes, from the words of Bob Pisani“How do I feel about you as a person, do you make sense to me, does your argument make sense to me, if it doesn’t make sense to me I’m not going to have that much respect for you – I don’t care what your title is, I don’t care what your position is. I don’t care if your a famous economist, I don’t care if your a world leader or not. If it makes sense to me, and I think you have a point to make, I’m going to give you the time and respect your opinion – if it doesn’t – I’m going to come back at you”.

There’s a tribute show for him today at 4PM PDT on CNBC.

He was an awesome person, and will be greatly missed by me.

 

May 20, 2011

LinkedIn IPO could ruin tech sector?

Filed under: General — Tags: — Nate @ 2:28 pm

I’ve been seeing an increasing number of people (some of whom I at least know of and respect) saying how bad the LinkedIn IPO was yesterday.

A recent one I just came across is from John Dvorak (damn I miss Cranky Geeks), who has a column on the Wall Street Journal site saying how the LinkedIn IPO could ruin the tech sector.

Myself I don’t agree that the IPO itself could ruin the tech sector, I think it’s just another part of the frenzy in social media, LinkedIn is of course seen as a gateway into one of the leaders in the space and there has been so much hype being built up over the years. It’s just a sign as to how rabid some of these people are(the fact that there is a whole second market for this kind of stuff that has opened up is far more concerning to me than the IPO). Whether or not they IPO’d wouldn’t of changed that fact.

I just think back to my days at Jobster(closed up shop about two years ago) when they were running rampant on the social media stuff, I couldn’t believe my eyes or ears. I knew the days were numbered when the management of the company wouldn’t let us remove bad email addresses from our databases (the bad email addresses were causing us to get blacklisted, hampering abilities to do the amount of email traffic to users that we were doing).

We couldn’t delete them because it would hurt our user count. I mean oh my god, are you kidding me? These users are not there anymore! Maybe they never were there! They are actually impacting other users by having their emails bounce! I suppose another approach we could of taken was somehow flag the accounts to not email them, but nobody seemed to come up with that idea at the time.

Here is a good video on some of the hot IPOs in the past year (many from China), and how poorly they have done since they debuted. I tell ya, the more I read and learn about stocks and investing the less interested I become in ever participating in it.

Maybe I’ll get lucky and the world will end tomorrow and I won’t have to worry about my home grown retirement plan 🙂

May 16, 2011

MySQL Scalability with flash

Filed under: General — Tags: — Nate @ 11:48 am

Just a quick post, came across this on the MySQL Performance blog and thought it was a really well written paper. Talks about vertical scaling in the most current versions of MySQL, what the major bottlenecks are when scaling with more CPU cores, and how to extract the highest amount of I/O out of today’s modern server hardware.

What I’d like to see just for comparison purposes is running the latest & greatest MySQL, vertically scale it to 48 cores, and compare it against Oracle Standard Edition on the same 48 cores. As far as I know the Oracle license agreement forbid publishing performance numbers so I’ll probably never see this but it is a curiosity of mine, because sharding a database can make application development significantly more complex.

It is nice though that the latest versions of MySQL can scale beyond four cores.

May 8, 2011

Social Shopping – weapon against small businesses

Filed under: General — Tags: , — Nate @ 10:46 am

I’m not sure if Social Shopping is the right term or not, but what I am referring to is the Groupons of the world as well as those cell phone apps that help you hunt down specific deals at retailers.

I have been thinking about this off and on for quite a while, and it really is a troubling trend for me, what sparked my interest today was this article I saw on slashdot.

My concept around Groupon is kind of interesting in that you get a group of people a discount or special offer of sorts at your business. The businesses offering the discounts expect, in return to get repeat business from many of those consumers. However it seems in reality that is rarely what happens. The business becomes a victim of their own deal, and most of those consumers never return (unless they get another screamin’ deal). So the business takes a big hit on the front end, and gets little or nothing in return.

Then there are the businesses that offer something that they cannot hope to possibly fulfill, such as the article about the photographer article above. I saw another news story last year where about a dance studio having similar issues, as well as a house cleaning service. This problem is probably addressable by better educating the business that is posting the offer to the site(s).

The other really troubling shopping trend are those cell phone apps that allow you to do stuff like scan the barcode of the item you want to buy and it will look at other shops in the area to try to find a better price.

On the surface it sounds like something good for the consumer, but in the longer term I believe strongly it will cause significant harm to the small businesses who can afford only so much to offer as loss leaders to bring people into their stores. Again there is some expectation that there will be return business, and I believe in this situation the likelihood of that happening is higher than that of Groupon but not nearly enough to make up for the losses incurred by the good deal they were offering.

I’m not sure what will happen with the group coupon sites, whether it is something like small businesses realize what is happening and stop participating in the sites altogether, or maybe they feel so much pressure from everyone else that they feel compelled to participate for some mutually assured destruction. Or maybe something entirely different.

As for the cell phone apps, it’ll be a lot harder to deal with those, it could be that businesses are forced to stop doing loss leaders, or try to impose rules around taking pictures in the store(hard to enforce), I’m not sure.

It seems like a scary time to be a small business in this economy, with everything that is going on in the macro economy, having technology exploit your business even more is quite sad.

May 5, 2011

Sony Compromised by Apache bug?

Filed under: General,Security — Tags: , , — Nate @ 10:26 am

Came across an article from a friend that talks about how Sony thinks they were compromised.

According to Spafford, security experts monitoring open Internet forums learned months ago that Sony was using outdated versions of the Apache Web server software, which “was unpatched and had no firewall installed.”

The firewall part is what gets me. Assuming of course this web server(s) were meant to be public, no firewall is going to protect you against this sort of thing since of course firewalls protecting public web servers have holes opened explicitly for the web server so all traffic is passed right through.

And I highly doubt those Apache web servers had confidential data as the article implies, obviously that data was on back end systems running databases of some sort.

Then there are people out there spouting stuff on PCI saying the automated external scans should of detected they were running outdated versions of software. In my experience such scans are really not worth much with Linux, primarily because they have no way to take into account patches that are back ported to the operating system. I’ve had a few arguments with security scanners trying to explain how a system is patched because the fix was back ported but them not being able to comprehend that because the major/minor version being reported by the server has not changed.

Then there was the company I worked for who had a web app that returned a HTTP/200 for pretty much everything, including things like 404s. This tripped every single alarm the scanners had, and they went nuts. And once again we had to explain that those windows exploits aren’t going to work against our Apache Tomcat systems running Linux.

IDS and IPS are overrated as well, unless you really have the staff to watch and manage it full time. In all of the years I have worked at companies that deployed some sort of IDS (never IPS), I have seen it work, one time, back in I want to say 2002, I saw a dramatic upsurge in some type of traffic on our Snort IDS at the time from one particular host and turns out it had a virus on it. I worked at one company that was compromised at LEAST twice while I was there(on systems that weren’t being properly managed). and of course the IDS never detected a thing. Then that company deployed(after I left) a higher end hardware-based IPS, and when they put it inline to the network (in passive, not enforcing mode) for some reason the IPS started dropping all SSL traffic for no reason.

They aren’t completely useless though, they can help detect and sometimes protect against the more obvious types of attacks (SQL injection etc).  But in the grand scheme of things, especially when dealing with customized applications (not off the shelf like Exchange, Oracle or whatever), IDS/IPS and even firewalls provide only a tiny layer of additional security on top of good application design, good deployment practices(e.g. don’t run as root, disable or remove subsystems that are not used, such as the management app in Tomcat, use encryption where possible), and a good authentication system for system level access (e.g. ssh keys). With regards to web applications, a good load balancer is more than adequate to protect the vast majority of applications out there, it is “firewall like” as in it only passes certain ports to the back end systems, but (for higher traffic sites this is important) vastly outperforms firewalls, which can be a massive bottleneck for front end systems.

With regards to the company that was compromised at least twice, the intrusion was minor and limited to a single system, the compromise occurred because the engineer who installed the system put it outside of the load balancers, it was a FTP server, or was it a monitoring server, I forgot.  Because it needed to be accessed externally the engineer thought hey let’s just put it on the internet. Well it sat there for a good year or two, (never being patched in the meantime) before I joined the company, compromised in some fashion, and ssh was replaced with a trojaned copy (it was pretty obvious, I am assuming it was some sort of worm exploiting ssh). It had all sorts of services running on it. I removed the trojan’d ssh, asked the engineer if he thought there might be an issue, he said he didn’t believe so. So I left it, until a few weeks later that trojan’d ssh came back. And at that point I shut the ethernet interfaces on the box off until it could be retired. There was no technical reason that it could not run behind the load balancer.

If you really need a front end firewall, consider a load balancer that has such functionality built in, because at least you have the ability to decrypt incoming SSL traffic and examine it, something very few firewall or IDS/IPS systems can do (another approach some people use is to decrypt at the load balancer than mirror the decrypted traffic to the IDS/IPS, but that is less secure of course).

It really does kind of scare me though that people seem to blindly associate a firewall with security, especially when it’s a web server that is running. Now if those web servers were running RPC services and were hacked that way, a firewall very likely could of helped.

One company I worked at, my boss insisted we have firewalls in front of our load balancers, I couldn’t convince him otherwise, so we deployed them. And they worked fine(for the most part). But the configuration wasn’t really useful at all, basically we had a hole open in the firewall that pointed to the load balancer, which then pointed to the back end systems. So the firewall wasn’t protecting anything that the load balancer wasn’t doing already, a needless layer of complexity that didn’t benefit anyone.

Myself I’m not convinced they were compromised via an Apache web server exploit, maybe they were compromised via an application running on top of Apache, but these days it’s really rare to break into any web server directly via the web server software(whether it’s Apache, IIS or whatever). I suspect they still don’t really know how they were compromised and some manager at Sony pointed to that outdated software as the cause just so they could complete their internal processes on root cause and move on. Find something to tell congress, anything that sounds reasonable!!

April 25, 2011

Netflix: more users than Comcast ?

Filed under: General — Tags: , — Nate @ 9:48 pm

Netflix seems to be unstoppable for the moment, with their stock continuing to go through the roof and their subscriber numbers climbing all the time.

Just saw this on slashdot

NEW YORK (CNNMoney) — Netflix knocked over a new milestone Monday: It now has more subscribers than the largest cable TV operator in the U.S.

[..]

Revenue rose 46% to $719 million.

Sooner or later I think investors, and customers will realize that the streaming model Netflix has doesn’t scale, the unicast nature of the platform just won’t scale. Doesn’t matter if your on every CDN on the planet. Maybe with IPv6 multicast (assuming it works as advertised as far as I know nobody has ever deployed multicast on anything remotely approaching the size of a cable network over the internet).

Myself I already do have trouble streaming from Netflix on occasion (and I rarely stream from them, because I rarely find anything I am interested in watching). I can’t remember the last time I was able to actually stream HD. (I’m on Comcast and have what is advertised as a 16Mbps connection, which speedtest.net claims at this point in time – 9:48PM on a Monday, I get 22Mbps download and 5Mbps upload)

Here’s hoping Tivo can survive. My 70 season passes give me a whole hellva lot more entertainment than Netflix can hope to provide me.

That being said I am still a Netflix customer, but I tend to watch maybe 2-4 DVDs a month (average), and stream, at this point 1-2 hours/month (there was some points where I came across a series or something that I liked a lot and watched the whole thing but it’s been a while since that happened).

« Newer PostsOlder Posts »

Powered by WordPress