RAID is the best backup
-
I don't see any rubber hoses.
-
-
and it would be really impressive if they managed to only spend $5 on teh wrench.
still that's what the concern is, not saying i agree with it mind, just what it is.
-
If he had said $5 wrench I would have gotten it. He said rubber hose.
How is the rubber hose used? Like... to choke a person? Are we talking garden hose, or like industrial-size here?
-
How is the rubber hose used?
No, you hit them with it. Presumably they don't mean a garden hose.
I dunno, it's an idiom. Cope.
-
No, you hit them with it.
Does it have one of those metal spray attachments on the end? I guess if the hose was long enough it would be kind of like a shitty whip...
I dunno, it's an idiom. Cope.
I MUST KNOW WHAT THE HOSE IS FOR!
-
It plays off the idea that hitting someone with a softish item leaves less identifying marks of the beating you are going to need to deny doing. It's a tangential reference thing rather than direct (which is probably why you missed it).
Edit: Kinda like the idea behind using a sack of oranges or wrapping something small and hardish in a towel to produce beating element.
-
as i understand it the procedure is as follows:
- restrain subject
- vigorously apply rubber hose to soles of subjects feet to remove layers of skin.
- continue until feet are no more (subject likely dead) or subject tells you what you want to hear
interestly enough exactly what kind of hose is never mentioned. my guess is surgical tubing.
-
I've said it many times before, and I'll say it now - if you're publicly voicing concern about NSA peeking at your super secret data, it's almost certain that you're just information noise to them.
I probably am noise to them; the problem is, their signal is ill-defined and easily influenced by other agencies, which is rather troubling in a three-felonies-a-day world.
rubber hose cryptography.
basically beating the shit out of someone until they give you they keys you want. either metaphorically or literally.
This. 'Rubber hose crypto' is using physical-space measures to make someone cough up the crypto keys you want from them, in other words. Some of these are closer to literal rubber hoses, others (the more common ones) are subpoenas and other legal instruments.The few people that should actually be worried about getting on NSA's hit list know better than to post on publicly accessible forums about how everyone's out to get them. And if they don't, well, they deserve it.
I'd so much rather this be true! Sadly, it isn't quite true; the back-and-forth between governments and large multinationals has a habit of sweeping up targets it shouldn't.My main concern about nation-state actors (not just the NSA, but their counterparts worldwide) is that some systems should be off-limits to intrusion at any level. 'National security' doesn't justify penetrating (or introducing vulnerabilities into) safety-critical transportation infrastructure.
How is the rubber hose used? Like... to choke a person? Are we talking garden hose, or like industrial-size here?
Think 'whip', as in your:Does it have one of those metal spray attachments on the end? I guess if the hose was long enough it would be kind of like a shitty whip...
Hey, we keep CompSci PG-13. "Mutilation with a crowbar", while probably more accurate, is not something you want to put in a research paper.
Agreed here; a real 'rubber-hose-crypto' incident, in the sense of physical abuse being used to extract a crypto key, is likely to involve something more damaging than being whacked across the back with a garden hose repeatedly.Or you could go with this route:
as i understand it the procedure is as follows:
- restrain subject
- vigorously apply rubber hose to soles of subjects feet to remove layers of skin.
- continue until feet are no more (subject likely dead) or subject tells you what you want to hear
interestly enough exactly what kind of hose is never mentioned. my guess is surgical tubing.
-
-
meatspace
You know what's a good strategy when explaining obscure terms that people don't understand? Using obscure terms that people don't understand to do it.
Still waiting to learn what "networks" have had "active attacks" made against them.
-
rubber hose
Find the differences:
Lets use brute force to crack this password, no lets use brute force to crack this password.
-
I probably am noise to them; the problem is, their signal is ill-defined and easily influenced by other agencies, which is rather troubling in a three-felonies-a-day world.
Exactly. There is evidence for example that the NSA feeds information to the DEA which then uses parallel construction to build a case that essentially lies to the court about how the case was made, because they either are unable or choose not to meet the constitutional criteria that would be required if they actually told the whole truth.
We're not at the point where the NSA et al. appear to be abusing their powers against political enemies or something like that, but they do appear at the point where they're doing it in a manner that I think is clearly contrary to the intentions of the constitution.
-
There is evidence
And there's evidence that unicorns exist and live on Neptune. Also from crazy people.
Where is the evidence? Has it been presented to a court, or the press, or any other entity capable of determining truth? Can you... link to it? Or even a story about it?
After numerous NSA discussions online, I'm telling you, I've gotten a LOT more convinced of the Neptunium unicorn conspiracy theory.
-
but they do appear at the point where they're doing it in a manner that I think is clearly contrary to the intentions of the constitution.
So just like the rest of government?
-
-
Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin - not only from defense lawyers but also sometimes from prosecutors and judges. ... A former federal agent in the northeastern United States who received such tips from SOD described the process. "You'd be told only, ‘Be at a certain truck stop at a certain time and look for a certain vehicle.' And so we'd alert the state police to find an excuse to stop that vehicle, and then have a drug dog search it," the agent said.
Not all of the details are available of course because some have been redacted, but there have been documents obtained through FOIA from the DEA on this.
-
Ok,
-
we're off the topic of the NSA hacking into networks, which I really wanna hear about damnit!
-
the DEA is not the NSA, it's ok to hate the DEA because they're pretty fuck fucking awful
-
that article specifically states that the citizenship of the intelligence sources is checked before the evidence is considered, even in the parallel construction. Now I'm sure a paranoid person would say: "well we only have the DEA's word on that!" which is true, but until I see some evidence to the contrary, I have no reason to disbelieve it.
-
-
wut
-
I tried RAID and now none of my hard drives work anymore. I haven't seen any gnats since then either.
http://i200.photobucket.com/albums/aa130/SBrooksB/Macrium/RAID_zpsdaecb339.png
-
-
I'm probably not much older than you child(ren).
-
I'm guessing at least 10 years older. So it depends on your definition of "not much."
-
One order of magnitude!
-
Yep, not much.
-
Order of magnitude is *10 not +10. Only one that may be close to plus 10 is @ben_lubar if I remember conversation snippets from various places correctly.
-
He'd be on the under for that. Somewhat recent college grads would be about right.
-
not much older than you child(ren)
Assuming child = <10, which is a decent heuristic (preteen being 11 and 12, teen being 13+), then someone who is a decade older than a child is also an order of magnitude older (by virtue of their age having two digits).
-
Yup, but I doubt that his child(ren) are still 3.
-
Order of magnitude is *base, not *10. If you have binary, increasing by one order of magnitude is doubling.
-
Fair enough, was just mild attempt at the pedantry thingys, but you are getting a flag for the correction.
-
Totally off-topic, but your current title reminds me...
@PJH how am I doing on attendance? I think I was at around 70 consecutive days last time you showed me the report so I have to be very close to 100 by now, unless Discourse Discoursed it up somehow.
-
I consider the NSA's intrusiveness to be a major cybersecurity concern -- intentional weakening/backdoors that the blackhats are all too happy to take advantage of is not a possibility I want to deal with, given the size of the rubber hose the NSA has to use on those who don't play by their rules.
That is a possibility. An absolute surety is the fact that when foreign companies look for products they are quite likely to not buy the US made or engineered product as it could very well contain a backdoor that will steal their data. That will absolutely hurt US tech companies. At this point US tech companies are like the celebrity who was accused of sticking furry rodents up his ass for pleasure. Objectively, we know he did not do it. But he will always be thought of as that guy who sticks gerbils up his ass. In the case of the NSA, we are not sure WTF they have done. We only know they have done it to US tech products and services.
-
@Intercourse said:
when foreign companies look for products they are quite likely to not buy the US made or engineered product
[Citation needed]
-
RAID isn't backup at all. If you accidentally delete or overwrite a file, it's gone from ALL of your RAID drives in a matter of milliseconds.
That is why you use RAID + file versioning as part of your backup strategy. Even Cobian Backup has it
That's good advice, but it works better if you tell people RAID isn't a backup at all. Which is true.
RAID is not a backup, if you only have one copy of the data on that RAID array. If you have two copies of it, on two RAID arrays, then you have a backup. It seems like you are saying that RAID is no part of any good backup strategy.
AND HUMAN ERROR! The reason files are recovered from backup 95% of the time!
Yes it is, which is what file versioning can get you, when used in conjunction with RAID arrays. If you have to go to an offsite copy or tape backup just to recover a fucking deleted file, you are a failure as a sysadmin.
you can get the cost of those discs down by getting consumer grade disks but that's asking for trouble. consumer disks try their best to hide errors from end user so if you use them by the time one fails there's a fair bet that the others are not far behind and might not make it through the rebuild cycle.
BackBlaze uses nothing but cheap, consumer-grade drives and they have data to show that, at least in their case, they are more reliable than enterprise or NAS drives. YMMV of course, but this seems like a bit of a simplistic point of view on the subject.
Citation for @Yamikuronue: https://www.backblaze.com/blog/hard-drive-reliability-update-september-2014/
The few people that should actually be worried about getting on NSA's hit list know better than to post on publicly accessible forums about how everyone's out to get them. And if they don't, well, they deserve it.
That is not even in the realm of the point. The point for me is: we have laws, we have the Constitution, this shit is supposed to protect us from our government and its entities, they circumvented the Constitution and they should be fucking drawn and quartered for it.
Here's your citation: a customer I worked at was having problems with their application, which had a database on a RAID 5 array. They hired Progress (the company that makes the database product) to come out and tune it. They walked in, saw the RAID 5, and said "call us back when you're off RAID 5.)
Running a database off of a RAID 5 is asking for trouble if that database sees any load. But, most of what a database server does should be cached in memory. Now, yes, at some point that cache has to catch up with disk or else your commits are sitting unprotected on volatile RAM, but still. The working dataset should be able to be read from RAM.
The parity disk in a R5 array kills write performance if you're doing something that's heavily write-intensive. Home users will probably never tell the difference, though, nor would users who aren't using something like a database/app with a lot of transactions.
And there is the point for most other cases. Unless you are really hitting the file system, it doesn't fucking matter if parity calculations slow it down. It is not the parity disk that slows it down (as RAID 5 & 6 are distributed parity anyway), it is the calculations for the parity.
This is well-known. You'll discover disk vendors routinely lie, though. "Our massive cache eliminates the slowdown due to parity." Sure, until you have to write enough to fill the cache.
Only partially true. There are a LOT of factors that come in to play here. Speed of the RAID array, RAID card processor, speed of network (or however you are writing to the array), processor, etc. In most use cases, it will not matter though. One of our servers here has a 12 drive RAID 6 array with 24GB of RAM and dual quad cores. Those drives are parity calculated entirely by the CPUs and cached entirely with RAM. I could write well over 24GB of files to it before it slows down and I will still get 80MB/s write speed or better once it fills the cache up until the time the transfer is done. But that only happens when I am moving entire directories over. Most people make very small writes to network storage. A few MB at a time. Maybe a GB. So yes, in most cases, filling the cache is non-point and most people will never see the speed drop off.
[Citation needed]
Citation: common sense
-
@Intercourse said:
I could write well over 24GB of files to it before it slows down and I will still get 80MB/s write speed or better once it fills the cache up until the time the transfer is done.
This brings me to the next level of objection: Oops, nobody tested the UPS recently. The battery died, and you just had a power outage. Sucks that a couple of GB of transactions were just dropped on the floor because the cache hasn't been written out yet, doesn't it?
-
Sucks that a couple of GB of transactions were just dropped on the floor because the cache hasn't been written out yet, doesn't it?
If you are not testing your UPS regularly, you deserve to lose data. Hell, most UPS's come with software that will even schedule tests for you.
-
-
Darn, I was hoping to learn something interesting.
Common sense is not that common. That is interesting in and of itself?
-
@Intercourse said:
If you are not testing your UPS regularly, you deserve to lose data. Hell, most UPS's come with software that will even schedule tests for you.
Do they have UPS units yet that work more often than not?
-
I have never had issues with one that has been tested regularly. Now that I have said that, there is probably one of ours erupting in flames somewhere...
-
Do they have UPS units yet that work more often than not?
We do in our office. They're huge things the size of several racks, though.
-
2) the DEA is not the NSA, it's ok to hate the DEA because they're pretty fuck fucking awful
- The NSA is party to the SOD, which is the group encouraging and enabling parallel construction.
- You were the first to only talk about the NSA.
3) that article specifically states that the citizenship of the intelligence sources is checked before the evidence is considered, even in the parallel construction. Now I'm sure a paranoid person would say: "well we only have the DEA's word on that!" which is true, but until I see some evidence to the contrary, I have no reason to disbelieve it.
I am willing to give them a bit of the benefit of the doubt on the content of calls. But the NSA's position is that warrentless collection of "meta"data on citizens is constitutional, so it's not a big leap to say that there's an alarmingly high chance that they consider turning over that information for law enforcement purposes to also be constitutional. That wouldn't be enough to get you to the "be at this truck stop at this time and search this car," but it could easily become enough to get to "look very closely at this person."
-
nailed it!
-
@Intercourse said:
I started this at 3PM EST today. It might be done by 3AM. Re-syncing a 15TB RAID volume takes a little while.
<img src="/uploads/default/9423/c45312b12d2423ea.PNG" width="315" height="397">
What type of RAID set can you build with that mismatched pile of disks? Spanned JBOD? That's likely to fail before you fill it with data.
-
It is a Drobo, so it is a proprietary implementation of RAID. I would guess that it is some form of RAID 4, perhaps combined with JBOD.
That's likely to fail before you fill it with data.
No.
-
I am really starting to believe that most people think that when they were defining RAID levels they started with 1 and then went on to 5 and 6 and just skipped those other numbers for some reason.
A little reading for those who were not aware that there are more than 3 standard RAID levels.
-
@Intercourse said:
just skipped those other numbers for some reason.
I always assumed it was because 2-4 aren't generally useful.
-
that. there was at least a proposal for RAID 7 and 8 too, but i don't recall seeing any implementations and i can't find the original proposals on google. my googlefu has failed me for the last time...
-
or be served with, you know...papers.
You don't encrypt backups stored on 3rd party servers?
rubber hose cryptography.
Not quite the issue here - if they really want the data they can subpoena you directly; we're talking here about stopping casual browsing of your backups.
How is the rubber hose used? Like... to choke a person? Are we talking garden hose, or like industrial-size here?
Across the bottom of the feet:
in which a rubber hose is applied forcefully and frequently to the soles of the feet until the key to the cryptosystem is discovered, a process that can take a surprisingly short time and is quite computationally inexpensive
Exclusive: U.S. directs agents to cover up program used to investigate Americans
RAID - Wikipedia
