by Robin Harris on Sunday, 24 May, 2009
Today is Memorial Day in America. For StorageMojo.com’s international visitors, this is the day Americans remember those who have fought for our liberty and our ideals.
But many of our ideals are older than America. Others have shared them, beginning in ancient Athens, the first democracy.
2500 years ago Athens was fighting for its life against its polar opposite, Sparta. Athens, the world’s only democracy, cultivated trade, learning, arts and politics. In contrast the Spartans lived as a military state on a permanent war footing, for some 90% of their population were slaves, always tempted to revolt.
After an early battle the Athenian leader Pericles spoke of his city’s ideals at a memorial service for the dead. The text is from The Peloponnesian War by Thucydides. The words are his, the bolding and editing mine.
Our constitution does not copy the laws of neighbouring states; we are rather a pattern to others than imitators ourselves. Its administration favours the many instead of the few; this is why it is called a democracy. If we look to the laws, they afford equal justice to all in their private differences; . . . advancement in public life falls to reputation for capacity, class considerations not being allowed to interfere with merit; nor again does poverty bar the way. . . .
The freedom which we enjoy in our government extends also to our ordinary life. There, far from exercising a jealous surveillance over each other, we do not feel called upon to be angry with our neighbour for doing what he likes. . . . [We] obey the magistrates and the laws, particularly such as regard the protection of the injured, whether they are actually on the statute book, or belong to that code which, although unwritten, yet cannot be broken without acknowledged disgrace.
Further, we provide plenty of means for the mind to refresh itself from business. We celebrate games . . . all the year round, and the elegance of our private establishments forms a daily source of pleasure . . . while the magnitude of our city draws the produce of the world into our harbour, so that to the Athenian the fruits of other countries are as familiar a luxury as those of his own.
If we turn to our military policy, there also we differ from our antagonists. We throw open our city to the world, and never by alien acts exclude foreigners from any opportunity of learning or observing, although the eyes of an enemy may occasionally profit by our liberality; trusting less in system and policy than to the native spirit of our citizens. . . .
We cultivate refinement without extravagance and knowledge without effeminacy; wealth we employ more for use than for show, and place the real disgrace of poverty not in owning to the fact but in declining the struggle against it.
…[O]ur ordinary citizens, though occupied with the pursuits of industry, are still fair judges of public matters; . . . and, instead of looking on discussion as a stumbling-block in the way of action, we think it an indispensable preliminary to any wise action at all. . . . [T]he palm of courage will surely be adjudged most justly to those, who best know the difference between hardship and pleasure and yet are never tempted to shrink from danger.
. . . And it is only the Athenians, who, fearless of consequences, confer their benefits not from calculations of expediency, but in the confidence of liberality.
May it be ever so.
by Robin Harris on Monday, 4 May, 2009
Free the American worker!
After a truly wretched New England winter, news that EMC’s David Donatelli is moving to HP’s sunnier climbs isn’t a total surprise. Nor is it surprising that EMC is trotting out its noncompete agreement to keep Dave from HP.
Bad public policy
The theory behind noncompetes is that a company is protecting its intellectual and commercial property such as customer relationships and product plans. But we already have laws protecting intellectual and commercial property — laws that are quite regularly enforced through civil and sometimes criminal action. Nor is it difficult to suss out who major customers are or what v6.4 of product X will look like.
The problem with noncompetes is twofold. First, they interfere with the free movement of labor to the highest and best use. Shouldn’t Mr. Donatelli be free to take his talents to the highest bidder for the maximum benefit of the free enterprise system?
Second, non-competes are bad for the US economy. Unlike Massachusetts California does not honor them. Yet California has managed to create many more jobs and much more wealth than Massachusetts in the postwar period – despite the Bay state’s early lead in computers and telecommunications as well as DoD and DARPA funding.
Looks like EMC lost this one
If you are a California company following HP’s example could be profitable. As a law firm noted:
If an employee with a noncompetition agreement . . . joins a California company, there is a good chance that the California employee and the new employer may sue in California to invalidate the agreement . . . . The former employer will opt to sue in a state that enforces noncompetition agreements. . . . [U]ltimately, it may come down to whichever side can first obtain a judgment in its favor.
In other words: “you have a good case Mr. Donatelli. How much justice can you – and HP – afford?”
Bay state readers: throw off your chains
Bay state readers: contact your state rep and state senator to support House Bill 1794 that would outlaw all non-competes in the state. Yay!
Somehow I doubt EMC’s top brass is supporting this long overdue reform. But it will be good for you and and your children. Maybe EMC and other companies will be more considerate of employees if it is easier to leave.
The StorageMojo take
There is no evidence that non-competes have helped the economy or the companies that employ them, while hurting labor mobility. Let’s end this relic of medieval serfdom and give labor the same freedom accorded capital.
Hiring companies should also think hard about whether EMC execs are worth the hassle. I’ve seen too many EMC long-timers make a mess at their new company because of cultural differences. EMC’s unique culture has served them well, but it isn’t like most other tech companies.
Courteous comments welcome, of course. I wish HP luck with their new hire. Expect culture shock on both sides.
by Robin Harris on Tuesday, 7 April, 2009
I’m at SNW and learning a lot about the latest and greatest, including wordpress hacking.
I found this helpful Google warning when I went to the site this morning:
Oh, goodie.
Running the latest version of wordpress, so I *hope* that isn’t the problem.
Combed through the site files and found a few hundred suspicious cache files, which I deleted.
Also appears that my new theme, Thesis from DIYthemes, was hacked as well. Still sorting that out.
Update: It appears the culprit was a hacked “creative” coming in from IDG’s advertising network which reps for StorageMojo. I looked at the source and found no way to determine that.
So how does a “creative” get hacked? Are ad agencies being infiltrated by hackers? Did some idiot download a cute graphic and paste into a layout?
While I like my new theme, I’ve realized that its developers it know way less about security and software development than the WordPress team. And that gives me pause. End update.
Update II: Got another Google malware warning Saturday afternoon and was able to pull the offending script v fast. Also found a “WordPress” document that wasn’t part of WordPress at all. I hope that does it. End update II.
The StorageMojo take
The crack StorageMojo security team is on the case. Sorry for the disturbance.
Now back to our regularly unscheduled program.
Courteous comments welcome, of course.
by Robin Harris on Monday, 13 October, 2008
Or a reasonable facsimile thereof
If you are interested in Disaster Recovery check out Axxana. They solve the limited synchronous data copy distance problem with a black box designed for data. Concept is simple but getting the details right is hard.
The problem
Synchronous replication requires that apps wait until the remote site completes the write. Given the speed of light, that means that synch sites can’t be very far away. Certainly not the 300 miles the SEC would like to see for financial institutions – we still have a few of those, don’t we?
Axxana’s answer
No matter what happens in a plane crash, they always seem to be able to recover the “black box” that tells them what the plane was doing shortly before the crash. Axxana has developed a black box for data centers.
Here’s how they describe it:
The Phoenix Black Box is located near the storage system at the primary data center and records a synchronous data stream from the storage. At the same time, an asynchronous data replication system is moving data to a secondary data center (the remote recovery site). The Phoenix Black Box has to protect only the Gigabytes of data that would have been lost in a typical asynchronous replication scenario. Data is protected inside the Black Box during the course of the disaster and can be immediately extracted.
Data extraction is achieved either by:
- Physically locating the system by tracking the homing signal and connecting a laptop with an Axxana software component to the Phoenix System™ at the disaster site, or
- The self sufficient and well protected system transferring the data to the secondary site using highly resilient cellular broadband technology.
Your data phones home after a disaster.
Compelling economics
It will take a while to suss out all the implications, but one simple scenario is a company with 3 data centers around the world could in-source their DR strategy with the equivalent of synchronous data recovery. How much would that save?
Distribution
They are working with as many of the major vendors as they can to get the product to you through people you already deal with. Expect to see some announcements.
The StorageMojo take
They are in contention for StorageMojo’s “coolest new product as SNW” award. It looks like they can handle anything up to an A-bomb blast. If that happens even synchronous data replication may not work. Besides, a dirty bomb is much more likely. Happy thoughts, eh?
Comments welcome, of course. Guys, sorry if I jumped the gun. But when I saw the web site was up . . . .
by Robin Harris on Sunday, 3 August, 2008
Stepping beyond marketing green-washing, the folks at Wikibon have done something. Tomorrow morning they’ll announce, along with California-based PG&E, Conserve IT,
. . . a first-of-its-kind service that accelerates the qualification of storage products for energy rebates and provides independent validation of energy efficiency for storage platforms from a number of leading vendors, spanning emerging Web 2.0 suppliers to the most recognized brands in the business.
Conserve IT was launched on behalf of IT customers in the Wikibon community who wanted to take advantage of the excellent programs PG&E and other utilities have put in place to conserve energy. The community felt that it could help to dramatically increase the participation of storage technologies which are major consumers of power and cooling in data centers. PG&E responded to Wikibon by allocating resources to help qualify additional storage technologies and providing guidance to the storage industry at large.
A watt saved is a watt earned
3PAR, Compellent, DataDirect Networks, EMC, Hitachi Data Systems, Nexsan and Xiotech, have signed on to the program. Customers who want PG&E’s incentives must be accepted into the program before buying new equipment.
PG&E has long understood that conservation cuts their marginal cost of power. Since that power is the most expensive they buy – usually natural gas-fired turbines – it is cheaper for them to pay customers to conserve power than building more power plants. Faster and better for the environment too.
The StorageMojo take
Kudos to Wikibon for sheparding this program and to PG&E and the storage companies for their support. Now it is up to the customers to take the next step.
Of course, looking at the companies involved, you are wondering “where are HP, IBM, Sun and NetApp?” I hope they are already in process, but if not, get the lead out. Company reps are invited to comment to update StorageMojo readers on your progress.
Comments welcome, of course.
by Robin Harris on Wednesday, 14 May, 2008
Getting rid of the hacked files and spam links wasn’t the end of it
Dreamhost notified me that the load on my server was excessive and they’d disabled StorageMojo.
Yikes! Had I been hacked again? DDOS attack? What?
Building the correct mental model
In short order I brought up my SFTP client, my tracking site, the Dreamhost webpanel and my son on chat. He had me toss a new index.html file into the site folder to let people know that the problem was getting addressed.
On to problem solving
It took a while to figure it out because I’d never seen it before.
The load was coming from Google referrals for charming search terms that I’m going to misspell on purpose in hopes of not attracting similar traffic:
- download sh*mail
- downlode free 1ndian s3x movies
- pharmasuitical affiliate prom0
- 0rgish/behe*ding
- h1nd1 p0rn m0v1es
*Lots* of pee-oh-rn requests for many different ethnic types. Some things are universal – at least among guys.
There were no hacked files still on StorageMojo – I’d gotten them all last week and they were still gone. But the tracking site was referring to them, so for a while I thought they were there but that for some reason I couldn’t see them.
But then my son checked what happened when someone tried to go to the spam links. The site was delivering a “system error” message – not the static 404 page I’d expect – so the site wasn’t delivering the spam content and it really was gone. Presumably processing for the “system error” page created much of the extra overhead Dreamhost was seeing.
For a while StorageMojo was getting thousands of hits an hour from these Google referrals. At some point Google must have crawled the site again, saw the content was no longer there, and stopped referring people.
Not a moment too soon!
So what was this all about?
My son hypothesized:
This looks like a two-step scheme…step one is that they hacked your site and got all those bad SEO files uploaded. Step two is to send lots of fake Google traffic through your site to increase PageRank.
Then I went one step further and checked out one of the spam pages that Google had cached. In big bright colors it told me that my XP system was infected with viruses and I should download their *free* virus scanner.
Whoa, scary. Except I’m on a Mac.
Botnet recruitment? I don’t know.
The StorageMojo take
I’ve made a number of changes to tighten up StorageMojo. As I was researching this I found that there are many security “folk remedies” out there, but very little on what the high priority issues are.
Keeping software up to date seems to be the critical success factor – and sad to say, I’d been lax. In addition to keeping current I’m now checking my site files more often among other changes.
Hopefully these requests will tail off as Google stops referring people. And StorageMojo can go back to being a quiet little site.
Thank you for your patience.
Comments welcome, of course.
by Robin Harris on Monday, 3 March, 2008
I had a con call with Chris Gladwin and Russ Kennedy of Cleversafe a couple of weeks ago. They’ve come to market with a product line that seeks to deliver:
- Massive scalability to meet growing digital content requirements
- Unprecedented Security and Privacy for critical digital assets
- Survivability against disasters, dishonesty and time
- Extremely cost-effective infrastructure compared to traditional methods
That’s a quote from their pitch.
Cleversafe’s product line
Cleversafe, IIRC, started as a software company, but their announced products come in nice rack-mountable boxes. There are 3 of them:
- CS Slicestor – Dispersed Storage server – $11.3k
- CS Accesser – Dispersed Storage router – $12.3k
- CS Manager – Dispersed Storage network manager – $12.3k
The Slicestor is a 1U storage server containing 4 disks. The Accessor slices up the data and distributes it – think slice router. The Manager works out of band to monitor and manage the storage network components.
I assume the pricing includes some room for volume discounts. There is an open-source version (c. 2006) of the software. The company intends to offer a software-only version as well.
Why hardware?
The Conventional Wisdom in VC circles is that tin-wrapped software ramps revenues faster – hey, you’re selling tin + bits – at the cost of lower margins and loss of focus.
Qualifying hardware is non-trivial; so you tend to stay on one platform longer than you should. At liquidity event time, software companies fetch higher multiples, so it may be a net loss. VCs live by the Golden Rule: he who has the gold makes the rules.
What it does
Cleversafe has an iSCSI or block storage interface. It takes the data, slices it into small pieces using Information Dispersal Algorithms and then ships the slices off to storage either locally or around the world.
In the latest version you can specify how many slices the system makes and how many slices are required to rebuild the data. If you have 11 data centers around the world, you can specify that, say, 6 are required to recreate the data.
You could lose access to 5 data centers and still recover. If the local controlling authority busts into 3 or 4 data centers, they get nothing. Pretty cool if you worry about corrupt government officials getting hold of your company secrets.
The company is planning on adding FTP, CIFS and NFS in the fullness of time.
How well it works
Cleversafe claims that given sufficient low-latency bandwidth the dispersed storage is as fast as a local disk. That’s a tall order, but for now I’ll take their word for it.
Who should buy it?
The company is aiming the Dispersed Storage Network at ISPs to offer as a service and multinationals with round the clock operations and critical data.
How it works
Cleversafe uses Cauchy Reed Solomon erasure codes to slice and dice the data. These codes have several advantages:
- More capacity efficient and failure tolerant than parity codes
- Doesn’t require a license
- Code and decode are faster than other stack operations
If you’d like to play with Cauchy Reed Solomon, check out Dr. Jim Plank’s software page which includes
. . . Reed-Solomon coding, Cauchy Reed-Solomon coding, general bit-matrix coding, Reed-Solomon coding optimized for RAID-6, and Liberation coding. The documentation provides some tutorial material on matrix and bit-matrix based erasure coding.
I met the good doctor at FAST, where he was delighted to find that Clevesafe – also a FAST presenter – was using techniques he’d worked on a decade ago.
The StorageMojo take
I’m impressed with what Cleversafe has done. They will look even smarter after EMC’s Hulk/Maui announcement this spring. I suspect they’ll be bought by year’s end.
Kudos to the Cleversafe team.
Comments welcome, of course.
by Robin Harris on Wednesday, 6 February, 2008
What’s wrong with White House backup?
I published a review of David Gewirtz’s book Where Have All the Emails Gone? over on ZDnet.
A quick overview:
- The White House may or may not have lost 5 million emails. They aren’t sure.
- Gewirtz, an email expert, started investigating the White House email infrastructure and found:
- The mail archiving process is unprofessional and unworkable.
- The claimed loss of email in a Notes to Exchange migration is highly unlikely.
- Over 100 million emails from the White House were sent through an insecure ISP in Chattanooga TN.
- Existing law – the Hatch Act – mandates an external email system for partisan political activity, a ludicrous requirement in a 7×24 Washington.
The Hatch Act prescribes what partisan political activities are acceptable for federal employees. One of the prohibitions is the partisan use of government property. While a good idea in general, in the case of telecom the prohibition is senseless.
White House communications need to be secure. When we force White House employees to use multiple email, IM and computer systems it is inevitable that material received on the internal system will go out over the external system. A single secure system is easier to achieve.
This isn’t about George Bush
This is about maintaining records so the next administration can know how policy got developed and what committments were made. I’ll let others worry about if the loss of the emails was part of a deliberate attempt to cover up criminal activity.
Ironic, isn’t it?
American companies are spending billions for backup and archive software and hardware. But the White House, head of an executive branch with a $3 trillion budget, can’t manage its email backups despite a clear legal requirement to do so under the Presidential Records Act?
The StorageMojo take
Gewirtz recommends that a professional, non-partisan IT organization be detailed with the job of protecting and archiving all White House email communications. There are many groups with the ability and the motive to snoop White House email going out over the public Internet. That has to stop.
Making a single entity responsible, as the Secret Service is for Presidential safety, is the best way to ensure that vital public records are protected. It will also help remind White House officials that they are accountable to the people of the United States.
Comments welcome, as always. BTW, Congress also needs to clean up its data protection act. It is less urgent thant the White House, but just as important.
Update: As luck would have it the New York Times reports another Bush attack on America’s right to know. After passing Congress unanimously he’s gutting the latest freedom-of-information law in the budget. A new high in bipartisanship! Less than a year to go!
