Am 26.12.2011 17:03, schrieb Sebastian Freundt:
Stefan Seyfried <stefan.seyfried@googlemail.com> writes:
Am 26.12.2011 07:41, schrieb Claudio Freire:
2) Ability to write and read logs faster then before. Speed is not an issue. I've processed gigabytes of text logs quickly enough when doing forensics.
If you've really ever done real forensics, you'd probably value signed tamper-proof log entries.
That just proves that you've never done forensics. Relying on tamper-proofness is a bad idea. The whole feature is a typical thing some people seem to assume that everyone needs. I imagine the reader software will be designed to detect such `tampering' and invalidate it one way or the other.
No, if not implemented totally braindead, then it will just flag the entry as "has a problem".
Just imagine a dying disk flipping bits at random with a probability of X. At some point either the signature will be invalid, or the data. Having discarded valuable redundancy by using a binary format, how do you detect the validity and how do you cope with situations like these?
If you're doing forensics on a dying disc, then that problem flag is a sign of "oh, a flipped bit!". But if you are doing forensics after a security breach, then it is a sign of "someone tried to do something bad".
I don't want to depend on that particular less feature, at least not in real-life stress situations.
You also depend on your dynamic linker still working. I have seen too many machines where it was not, so I finally had to get out that rescue system. So what.
It pains me to see that some people seem to scale their experience with 2
or 3 computers to a farm of 10000+ computers. It's a LOT different.
Thanks for assuming I'm not farming 10000+ computers. You're wrong.
Let's not forget this is new territory for anyone that hasn't done a similar migration (for the better or worse) in the past, promises mean nothing, *experience* is what counts.
So you surely have filed lots of bugzilla entries about all that bad experience? It is pretty rude assuming that the guys who are actually volunteering to do parts the work (Cristian is) will certainly screw up. If I'm looking at Cristians track record regarding openSUSE, I am willing to give him some credit and I assume that he will not screw this up. -- Stefan Seyfried "Dispatch war rocket Ajax to bring back his body!" -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org