
Comment State level identification (Score 1) 59

Technologies like OAuth 2.0 have been around for a long, long time, and their purpose is to provide a verifiable audit-trail for users.

And it works! Although there have been (and will always be) security issues, the reality is that technologies like SAML and OAuth do provide a very useful level of trust.

Except that, although these technologies do allow for a useful transfer of identity, the agent widely used to provide this identity (the IDP) is never an entity that provides a uniformly useful level of identity.

Here I am: Bill Jones (not my real name) citizen of the UK (not my real country, either) and I have no way to properly assert that to, say, Bank of the West (not my real bank, either) or Northern Airlines (not my real airline).

If I have to assert my true identity, I have a state-issued driver's license or passport. Why do I have no way to assert either of these identification documents electronically?

Why can't I use my passport ID to assert myself to the bank, or the airline?

Seems to me that it would be HIGHLY USEFUL if I could. And it seems to be self-evident and proper that the agencies that issue driver's licenses or passports could offer electronic identification, even if it's sourced out to a tech company with a good reputation.

In the US, it's now become increasingly common to have a unified electronic ID to interact with agencies: see id.me. This is a start, and I know government agencies work GLACIALLY SLOWLY so maybe by the time my grandkids are having babies this could be a thing.

Comment Eh? (Score 4, Interesting) 67

Eh?

> At some point you have to ask why you're using RAID at all. If it's for always-on, avoiding data loss due to hardware failures, and speed, then RAID 6 isn't really a great solution for avoiding data loss when disks get to these kinds of sizes, the chances of getting more than one disk fail simultaneously is approaching one, and obviously it was never great for speed.

If you're at this point, then using drives at all is probably already off the table. But I think this position is probably ridiculous.

I have many years of experience managing file clusters in scopes ranging from SOHO to serving up to 15,000 people at a time in a single cluster. In a cluster of 24 drives under these constant, enterprise-level loads, I saw maybe 1 drive fail in a year.

I've heard this trope about "failure rate approaching 1" since 500GB drives were new. From my own experience, it wasn't really true then, any more than it's true now.

Yes, HDDs have failure rates to keep in mind, but outside the occasional "bad batch", they are still shockingly reliable. Failure rates per unit haven't changed much, even though with rising capacities, that makes the failure rate per GB rise. It still doesn't matter as much as you think.

You can have a great time if you follow a few rules, in my experience:

1) Engineer your system so that any drive cluster going truly offline is survivable. AKA "DR" or "Disaster Recovery". What happens if your data center gets flooded or burns to the ground? And once you have solid DR plans, TRUMPET THE HECK OUT OF IT and tell all your customers. Let them know that they really are safe! It can be a HUGE selling point.

2) Engineer your system so that likely failures are casually survivable. For me, this was ZFS/RAIDZ2, with 6 or 8 drive vdevs, on "white box" 24 bay SuperMicro servers with redundant power.

3) If 24x7x36* uptime is really critical, have 3 levels of redundancy, so even in a failure condition, you fail to a redundant state. For me engineering at "enterprise" level, we used application-layer logic so there were always at least 2 independent drive clusters containing full copies of all data. We had 3 drive clusters using different filesystem technologies (ZFS, XFS/LVM) and sometimes we chose to take one offline to do filesystem level processing or analysis.

4) Backups: You *do* have backups, and you do adhere to the 3-2-1 rule, right? In our case, we used ZFS replication and merged backups and DR. This combined with automated monitoring ensured that we were ready for emergencies, which did happen and were always managed in a satisfactory way.

Comment Re:Don't forget that (Score 1) 77

We have to thank BASIC for Microsoft.

Sadly, you're probably right. I still have an OSI C4P, from roughly 1978. It prints the following message when it boots:

OSI 6502 BASIC VERSION 1.0 REV 3.2
COPYRIGHT 1977 BY MICROSOFT CO.

If you actually look in the BASIC ROM, it says "WRITTEN BY RICHARD W. WEILAND".

Comment Re:So goes the Win-tel monopoly (Score 2) 44

I'm so old I can remember when there was Windows/NT for the PowerPC

And DEC's Alpha

When they released Windows for the Alpha, everyone at my old job was like "Woo hoo! No more Unix!", and we started porting our software to Windows. Then we started doing benchmarks.

That was the last time anyone mentioned Windows on our servers.

Comment Re:Third-party doctrine (Score 1) 103

people who voluntarily give information to third parties ... have "no reasonable expectation of privacy" in that information

I could see their point, if it was actually voluntary, but banks, phone service, and ISPs are basically required by today's society.

Personally, I think someone (with more money than most of us) should buy that same information for all Secret Service, FBI, and DHS employees, and make it publicly available.

Comment Re:Hate (Score 1) 97

Python is the go-to for unmaintainable, once-off, kludges.

Not in my experience. Just recently, we had to connect a third-party piece of software to a messaging server (IBM MQ). I did it in Python in a couple of weekends, with about 300 lines of code. Unfortunately, we're officially a C# shop, so they paid a consultant to write a new program in C#. It took him eight months and I don't know how many lines of code.

Sorry, but I don't see how you could call 300 lines of code unmaintainable.

Comment Re:Not a fad - cameras beat phones in quality (Score 1) 142

Nearly every word you wrote is just factually incorrect.

It's funny: I have a nephew that's kind of a semi-pro photographer. (He does some photography for his company, but that's not his full-time job.) I had this exact discussion with him about five years ago, and I took your side. He said that, no, phones were actually pretty good today, and the only reason to get a real camera was if you intended to make something like a 10-foot square poster with the image.

Comment Re:Yet another reason.... (Score 1) 347

Let me be clear: I don't have a problem banning plastic bags.

Or you could do like the majority of people on the planet, and bring bags with you.

This is fine, unless you're on vacation. Some years ago, I was visiting California and bought a bunch of stuff from a convenience store. For whatever reason, they couldn't give me a bag, so I had to carry the stuff back to the hotel without one. (I wanted to just ask for my money back, but it didn't look like that was going to happen.) I made it without dropping anything, but I wouldn't want to have to do that again.

Comment Re:and the legislators who let them get away with (Score 1) 120

I've been calling for corporate and individual liability for bad software for at least 35 years.

LOL. The only kind of corporate liability I've seen in my lifetime is where the corporations get bailed out and the taxpayers pick up the tab.

No. The only way you're going to get a company to change their ways is to stop using their products and impact their bottom line.
