Windows Server

The problem with online streaming video

Dave Farquhar net.culture , , , , , ,

I think we may have lost a project at work today: a project to do streaming video. It’s not really our fault; our offering looked just like everyone else’s streaming video.

The problem is that our competition isn’t everyone else’s streaming video.First let’s look at the hurdles. No matter which option you pick, some percentage of your audience is going to have to download or install something. That all but eliminates Real, since I don’t think even Woodward and Bernstein could successfully track down the link to their free player every time.

Windows Media Player is easier, but won’t necessarily run on some older versions of Windows. An overwhelming number of people have Windows XP now, but not everyone does. How many hundreds of millions of copies of Windows 98 did Microsoft sell? Do you think all of those people have thrown them away yet? No. Those people will have to download and install something.

But Media Player will leave some Macintoshes in the cold. Do you want to do that if your target audience might include schools?

QuickTime is the best cross-platform solution, but again, Windows users will have to download and install something.

OK, so you got it installed. Prepare thyself for thrilling, 15 frame-per-second 160×120 video!

Translation: Video the size of a postage stamp that moves about as fast as your mailman.

Theoretically you can stream bigger and faster video, but it’s going to be jerkier if you do. There’ll be dropped frames, artifacts, and the audio may drop out. And what’s it look like when you send DVD-sized 720×480 video? Well, considering a lot of people run their monitors at 1024×768, it makes letterboxing look good. It’s not full-screen like it is when you pop a DVD into your DVD drive.

And that’s precisely the problem. The competition isn’t other people who stream video. The competition is DVDs. Computers are digital, right? So why does its video look worse than the oldest, most worn-out VHS tape at the video rental place? And why do I have to jump through so many hoops in order to play it? On a DVD, I hit the "menu" button and then I hit "enter" or "play." (Also keep in mind that some people can’t even figure out how to do that. I’m serious. I dated a girl once whose parents couldn’t figure out a DVD player, so they had to get their 15-year-old son to come hit the buttons for them.)

And that, I think, is the reason you still don’t see tons and tons of streaming video on the Web, in spite of the high availability of DSL and cable modems in the United States, the abundance of cheap bandwidth, and the cheapness of the server software (free, in the case of QuickTime, and included with Windows Server in the case of Media Player).

SQLSlammer takes its toll on the ‘Net

Dave Farquhar Viruses , , , ,

If the ‘Net was slow today, it was because of a new worm, called SQLSlammer, that infected vulnerable Windows servers running Microsoft’s SQL database.
The exploit it used was old, but it was made possible because Microsoft’s cumulative hotfixes not being cumulative, and one of the patches not included, if applied afterward, reverted the server back to its vulnerable state. This was not mentioned clearly in the documentation for the hotfixes. Probably Microsoft didn’t know–until it was too late.

But in some cases it’s not Microsoft’s fault. Try getting a pointy-haired boss to give you 15 minutes’ downtime per server so you can roll necessary security patches across your enterprise. Since many people who ultimately make IT decisions never actually administered a Windows server in their careers, a lot of bad decisions get made and servers stay unpatched, as a matter of policy, either out of fear that a patch that closes a security hole might create a new bug, or that some remote VPN user in Kenya might be trying to work during that proposed scheduled time.

Linux got a bad rap in the security press last year because it allegedly had more security vulnerabilities than Windows did last year–never mind that a vulnerability in, say, BIND would get counted several times because it’s included in every Linux distribution, so whereas a vulnerability in IIS would get counted once against Windows’ total, a vulnerability in BIND might get counted 8 times.

We’ll ignore that. Fine. Linux has a larger number of security problems and vulnerabilities than Windows does. Fact. Undeniable. Fine. Answer this question then: Has any worm affecting Linux ever had the devastating effect that SQLSlammer had? That Nimda had? The most notorious worm that affected Linux was called Slapper. Do you remember it? More than 60% of the servers on the ‘Net run on Apache. A worm affecting Apache should have been huge. It wasn’t.

Statistics are, well, statistics. Just because I can find you a set of numbers that suggests the sky is pink doesn’t make it any less blue.

Why anyone, anywhere, has a Windows server on the ‘Net with anything more than port 80 exposed is beyond me.

Trustworthy Computing? Nice buzzwords. Billy Gates has yet to put any meaning into them.

And incompetence rises. Managers didn’t learn from Nimda, so they won’t learn from this either.

Great combination. What does it mean? History will repeat itself. Something like this will happen again. Probably sooner rather than later.

The Compaq DL320 and Ghost

Dave Farquhar Hardware , , , , , ,

We got another Compaq Proliant DL320 in at work. This one’s a Windows 2000 print server (grumble grumble–we’ve been playing with HP’s Linux-based print appliances and so far I really like them).

But anyway, since rebuilding a Windows server is a much bigger deal than rebuilding a Linux server (all our other DL320s run Debian Linux), we tried building a recovery image with Ghost.

Only one problem: Ghost 7.5 doesn’t see the DL320’s IDE drives. DOS sees them just fine. But Ghost 7.5 doesn’t see them, and neither did MBRWork, a freeware partition-recovery tool that’s saved my bacon a few times. There’s something odd going on here.

In desperation, I dug out an old copy of Ghost 5.1c I found on our network. It’s from mid-1999. Oddly enough, 5.1c sees the Proliant’s CMD 649-based UDMA controller just fine. The only problem is, Ghost 5.1c doesn’t handle the changes Windows 2000 made to NTFS. It’ll make the image just fine, but when I went to try to restore it, Ghost crashed.

So I pulled out an unused copy of PowerQuest Drive Image. Drive Image worked fine. Mostly. It made the image at least. One thing I noticed was that Drive Image’s compression was a whole lot less effective than Ghost’s. The other thing I noticed was that Drive Image’s partition resizing didn’t work right. I’d re-size the partitions so they’d fit on another drive I had (I wanted to test the backup to make sure it worked, but not on the live, production drive) but no matter what I did, it reported there wasn’t enough room on the drive.

“Ghost would be so much better in every way, if it worked,” I said in frustration.

“Isn’t that true of everything?” Charlie asked. I guess he didn’t think that was the most brilliant observation I ever made. Not that I did either.

We’ve got support with both Symantec and HP, so we really ought to call them and see if they have a resolution. HP talks out of both sides of its mouth; on the one hand, I found statements on its Web site that Ghost is unsupported on Proliant hardware, and on the other I found some tools that claim to help with system deployment using Ghost.

But since this DL320 is being used to drive a printer that costs about as much as any of us make in a year, and it’s being set up by a guy who’s being flown in early this week at $2,000 a day, I’m not positive that we’re going to get a good resolution to this. I suspect we’ll just end up using Drive Image and keeping an identical drive on hand in case Windows 2000 gets suicidal on us. The price of an IDE drive is pocket change on top of all this.

But when you’re running Linux and GNU tar is a legitimate option as a backup and recovery tool, I love the DL320. It’s small, fast, and cheap. It’s funny when tools allegedly written by college students as a hobby work better and more consistently than commercial tools you have to pay for.

Well, I guess I should say it’s funny when that happens and it’s someone else who has to deal with it.

Vintage PCs and bubblegum and Unix and Windows server crashes

Dave Farquhar General , , , , , , , ,

Mail. Svenson wrote in, a little bit disturbed at the “vintage” label I hung on Pentium IIs this week. Here’s what he said:

What you call a Vintage PC is about what I got as a "new" box at work!

OK, it's a P2/400 but the 128Meg is not EEC and the drive is a standard 10GB 5400rpm thing. No SCSI anywhere. That is the kind of hardware being installed here.

Oh, and, BTW, it has to run Win2000.

To which I replied my “vintage” label was at least slightly tongue-in-cheek. I’ve got a Celeron-400 here that’s still in heavy use. My P2/266 laptop doesn’t get much use anymore because my employer provided me with a P3-800 laptop late last year. There are people who call even that P3-800 passe. They’re idiots, and I have zero respect for them, but they’re out there, and unfortunately people listen to them. Today I’m hearing P2s mentioned with the same disdain that 286s were in 1993 and 386s in 1996. They’re still fine computers. As my workplace is well aware–our workhorse machine is still a P2-350 or 400 with a 5400 RPM IDE drive, and that looks to remain true for another couple of years.

It’s a buyer’s market. If you know someone who needs a computer, buy one of these. They’re built much better than a $399 eMachine, and the models with SCSI drives in them will outperform the eMachine for household tasks.

Absolutely nuts. If you’re in the market for Luis Gonzalez’s bubblegum (Gonzalez is the Arizona Diamondbacks’ slugging left fielder), it’s for sale. I got a bit far out there on my baseball collectibles, but never that far.

Absolutely funny. I’m so glad that the people at Microsoft and Unisys are incompetent. They set their sights on Unix with their “We Have the Way Out” campaign. Then someone noticed the Web site was running on, uh, well, FreeBSD. I see. Unix is good enough for them, but not for the rest of us. Word got out in a hurry, and they hastily moved the site over to Windows 2000. Within hours, the site was down. And down it stayed, for two days.

See what happens when you abandon Unix in your datacenter for Windows 2000? I gotta get me some of that. I’ll charge into my boss’ boss’ office today and tell him we need to migrate our VMS and Digital Unix and Linux systems to Windows 2000. He’ll ask why, and I’ll tell him the truth:

The systems we have now work too well and I need job security.

Wehavethewayout.com is working now, but Gatermann visited it yesterday and noted its form didn’t work right in Mozilla. So I guess you can only get information on Microsoft’s way out if you’re running Internet Explorer.

Maybe these guys are smart, but they have about as much common sense as the chair I’m sitting in.

That’s just as well. If their experience is any indication (trust me, it is), they can keep their information. I’ve seen more useful information written in bathroom stalls.

All in no particular order…

Dave Farquhar General , , , , , , ,

U2. I couldn’t help but notice during U2’s halftime performance yesterday how much Bono has aged. Now, granted, he’s 42 or 43 now, so he’s not going to look 22 anymore, but last night he didn’t look 42 to me. His voice didn’t seem terribly strong either, but that’s something he’s battled for more than 20 years. During their famous Sarajevo gig in 1997, Edge had to sing a few numbers (including Sunday Bloody Sunday) because Bono had lost his voice.
Above all else, it was a show. The band showed up on stage, sans Bono. He was walking through the crowd. They played one obvious song (Beautiful Day), then in a flash of showmanship, projected the names of 9/11 victims as they played an obscure song off The Unforgettable Fire, the haunting MLK (one of two tributes to Martin Luther King Jr. on that album) before segueing into Where the Streets Have No Name, with a few improvised lyrics (including a chorus from All You Need is Love, a nod to Paul McCartney).

Very typical U2. U2 fans undoubtedly loved it or at least enjoyed it; not-so-big fans probably weren’t so impressed (they sounded worse than, for instance, Mariah Carey, but a musician I work with is convinced she was lip-syncing) and U2 haters probably found something else to hate. I was impressed that they didn’t sell out by playing three songs off their current album. They played a hit from a year ago, then they played an obscure song, then they played a minor hit from 15 years ago, but it wasn’t one of the two huge hits off that album.

Heartbreak. That was what the game itself was. The Rams didn’t show up to play for the first three quarters. I have to wonder how badly Warner was hurting, because he definitely didn’t look 100% (and if I can notice a difference, there definitely is one). I have to wonder what if he hadn’t taken those hits late in the game three weeks ago against Green Bay…?

Security. I see from this story that Linux is less secure than Windows, based on counting reports at SecurityFocus.

SecurityFocus reported a total of 96 Linux vulnerabilities, versus 42 Windows NT/2000 vulnerabilityes (24 for Windows 2000 and 18 for NT4.0). Buried deeper in the article, you see that Mandrake Linux 7.2 notched up 33 vulnerabilities, Red Hat 7.0 suffered 28, Mandrake 7.1 had 27 and Debian 2.2 had 26.

So, first things first, James Middleton seems to think 2=4.

Now, math aside, those 26 Debian vulnerabilities were in all likelihood present in all the other distributions. So there’s a lot of triple- or even quadruple-counting here.

I remember a good number of those Linux vulnerabilities. Some of them were buffer overflows in utilities that would be difficult or impossible to exploit without shell access to the machine. Some of them were in daemons (services) that may or may not be running at any given time. Very few were in the kernel itself. Bottom line is, a typical Linux-based Web server sitting behind a firewall with only port 80 exposed probably didn’t have anything to worry about. The same goes for a typical Linux-based Samba server.

This isn’t like Windows, where you get the components Microsoft deems necessary, whether you want them or not, and you fear removing or disabling them because you don’t know what else will break and have no way of knowing. With Mandrake, you’ll get some services you don’t want, but you can disable them without breaking stuff. Red Hat has reformed and installs surprisingly little in its minimum installation these days. Debian installs even less.

So, the dirty little secret this article didn’t tell you: Not all the security problems affected any given Linux server. Chances are most of the security flaws affected any given Windows server.

I hate it when technology journalists blindly spit out numbers without having a clue what they mean.

I may publish again. I was mad enough to fire off a proposal to one of my former editors to see if he’d be interested in a few magazine articles. It’s time there was some stuff out there written by someone who has a clue what he’s talking about.

Useful link. For once I saw a banner ad that halfway interested me today. At LowerMyBills.com you can compare different utilities services available to you. Long-distance rates include both the interstate and intrastate rate (important if you’re like me and rarely call out-of-state). Alas, they don’t list local phone service providers, and their high-speed Internet listings aren’t complete, but it’s better than nothing. They also do listings for loans and debt relief, neither of which I need right now.

If the site’s useful to you, you’ll know.

I’m back.

Dave Farquhar General , , , , , , ,

Very interesting. Just as everyone’s proclaiming Linux dead, Red Hat goes and turns a profit for the first time. Yes, there are too many Linux companies. Yes, there’ll be consolidation. No, I’m not convinced that selling it at retail is necessarily the best way to proliferate the system.
I also find it humorous that people like ZDNet’s David Coursey can struggle all weekend setting up a Windows server, yet state that Linux is no threat to Microsoft, even as a server. The implication is that Linux is too difficult. Give me a weekend–actually, more like 5 minutes, if you’ll spot me TurboLinux and a 50X CD-ROM drive–and I can have DNS going on Linux, easy. Give me a day, and I can have a lovely mail server going too. (I intended to do that just this past weekend, actually, but I couldn’t come up with a working ISA SCSI controller to pair up with my army of SCSI CD-ROMs to make it happen.)

Needless to say, this past week I lost most of what little respect I had for Coursey. VMWare runs Windows under Linux better than VirtualPC runs Windows on the Mac, and Coursey’s obviously never heard of it (see that second link).

Don’t get me wrong, Linux setups drive me up the wall sometimes. But I’ve had instances where Windows flat out wouldn’t install on perfectly good hardware, for no good reason, too. And since Linux servers are unencumbered by a GUI, multimedia, Pinball, Internet Exploiter, and other desktop stupidity that has no business on servers, they’re a whole lot easier to troubleshoot. You’ve got a kernel, a daemon or two, and a plaintext configuration file. That’s not much to break. Actually it’s good engineering–a machine should have no unnecessary parts.

So long, Cal Ripken. Cal Ripken announced he’s hanging it up yesterday morning. I had the pleasure of seeing Ripken play shortstop a couple of times in the early 1990s when the Orioles were in Kansas City. Today, in this era of A-Rod and Nomar and Jeter, Ripken’s offensive stats don’t seem so hot. But in the 1980s (and before), if your shortstop could hit .270 and steal the occasional base, you counted yourself very, very lucky. In those days, Ripken not only hit .270, he was consistently one of the best defensive shortstops in the American League. He was never as flashy as Ozzie Smith, but how many shortstops ever fielded .996? You’re happy to get that kind of a fielding percentage out of your first baseman, and first base is the easiest position to play. Not only that, Ripken was also good for 20-25 homers and 80+ RBIs. These days that doesn’t sound too impressive either, but remember that Ripken played the bulk of his career in an era when people rarely hit 40 homers–someone who could pop 30 was considered a real power threat.

And besides all that, Ripken played 2,632 consecutive games, shattering Lou Gehrig’s record of 2,130. Ripken played the majority of those games at shortstop (he also played some third base at the beginning and at the end). Gehrig played his games at first base and in left field, both much less demanding positions. And while Gehrig played every inning of every game just once, Ripken did it four times, in consecutive years (1983-1986).

Ripken’s really slowed down the past three years, but he did end his streak on his own terms before being cut down by injuries his final three seasons. He’s nowhere near the player he used to be. Then again, at the end of his career, Ernie Banks couldn’t hit or field, and he was playing first base. Ripken refuses to move from third to a less demanding position–partly out of pride, but partly because he’s still capable of playing third.

And we can’t forget his loyalty. Ripken’s played his entire career, from 1981 up until now, with Baltimore. You don’t see that much anymore.