If you’ll notice, there’s a very important option that’s missing: “No”. Perhaps this is a misconception due to a poorly-worded prompt, but it was a bad one to screw up at this stage in the privacy game.

Download required files (adding links to the most recent versions of each, check for newer versions as necessary):
cd /usr/local/src
wget http://download.java.net/jdk7/binaries/
wget http://opendedup.googlecode.com/files/debian-fuse.tar.gz
wget http://opendedup.googlecode.com/files/sdfs-latest.tar.gz

And install:
chmod +x jdk-7-ea-bin-b87-linux-x64-25_mar_2010.bin
./jdk-7-ea-bin-b87-linux-x64-25_mar_2010.bin
(follow instructions – afterwards, but sure to set the JAVA_HOME variable)
export JAVA_HOME=/usr/local/src/jdk1.7.0
tar zxf debian-fuse.tar.gz
cd debian-fuse
dpkg --install *.deb

Next, just extract the SDFS packages and use:
tar zxf sdfs-latest.tar.gz
cd sdfs-bin

Now, we make our filesystem and mount it:
./mkfs.sdfs --volume-name=deduped --volume-capacity=5000MB
./mount.sdfs -m /srv -v deduped

Assuming all goes well, you should have a newly mounted deduped mount.

Great results from testing in the small
As a test, I copied over a sample song from my music collection (what nerd doesn’t enjoy a little Weird Al?). Copying to /root, the file size was 2.9MB. Once I copied it to my deduped /srv directory, the file size took just 46K on disk! Not too shabby. Just as a sanity check, I copied the file back off the deduped filesystem and the file size grew back to normal.

Things not all rosy in Opendedup-land
I decided to try throwing a little more data at it as a test and copied over the Documents directory from my desktop. The folder that I copied was slightly over 600MB of docs, text files, images, and a few other file types. During the file copy, Opendedup took a significant amount of memory (it hung around the 90% mark). My test machine was a small virtual machine (1 CPU, 2GB of RAM) and the file transfer slowed it down significantly. Eventually, I got curious as to how much had been transferred. I cd’d to the test dir and did an ‘ls’ which never completed and I could no longer open a new shell via SSH to the vm either. I’m sure this would be much better if I had the resources to throw a little more RAM and CPU at it (since I’m running the minimum), but I don’t have time the resources to try at the moment.

Conclusion
Overall, the technology seems really promising and pretty straightforward to use. If my compression rates hold true, this could dramatically cut down on the amount of disk space needed to store my backups and virtual machine templates. Judging by the performance I’ve seen thus far, I don’t think I’d want to run this in production, but it looks promising, nonetheless.

1. No multitasking
2. Use a push notification for updates
3. Use the iPod Touch ZuneHD interface
4. Force apps to be installed via the iTunes App Store Windows Marketplace

While these changes aren’t confirmed yet, even if one or two of those changes are true, they scream jealousy. Why these changes? Microsoft needs to be able to compete with Apple on speed, battery life, and stability. While I am certainly not in any inner-circles close to this, I’m sure Microsoft is finding that people want stability, responsiveness, and good battery life in their cell phones. I know that responsiveness and stability are top on my list (I haven’t been overly happy with a phone with the exception of my BlackBerry ((no AT&T coverage in my area))  for some time now over those very things).

Whether Microsoft wants it or not, the world is slowly drifting away from do-it-all devices that have to be setup by power users. The world wants phones that they can turn on, install apps, and start using without having to worry about one application slowing down the phone or having too many open causing the phone to crash.

But not to worry, to those now doubting Microsoft, they thought of all of these radical changes all on their own..

UPDATE:

According to a Slashdot article today, the problem looks like it may be much worse. According to the article, Gmail will be adding Facebook-like photo albums and comment feeds. Fortunately, the Gmail social networking tools are opt-in, so perhaps I won’t have to see the clutter when I don’t want to? We’ll see.

Canonical’s decision to change the Ubuntu default search engine and rumors that Apple may be soon to switch the default provider on the iPhone (I’m assuming with regular old Safari soon to follow), Google will no longer be the default on most of the major desktop OS’s of our time. Verizon has also struck a deal with Bing and made it the default search provider on its mobile phones. I personally was pretty mad the day that the Bing icon on my BlackBerry, but that’s a story for another day.

Citing concerns over privacy, there have been several who have spoken out against Google as well. Google has even stated that it is considering pulling out of the huge market of China.

Despite these things, Google’s search market share has continued to increase month after month. These next few months will be interesting to see what happens to market share as these talks fall into place. The true test of the Google brand will be for those users who have to go out of their way to choose Google as their search provider, rather than Google enjoying its nice defaults that it has enjoyed over the past few years.

The sad part is, broadcasting this version number isn’t something that can be disabled using the built-in settings. I don’t know what the rationale is, but one either has to edit the functions.php file in WordPress directly, or install the plugin mentioned above.

Anyway, this got me thinking about plenty of other open source softwares that I’ve disguised over the years.. For instance, perform a fresh install of Ubuntu 8.04 with the LAMP stack and you’ll see the version listed in the headers as detailed as this:

Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.9 with Suhosin-Patch Server

Yup, there it is, script kiddies. Bust out Metasploit and eat your hearts out. In this case, if one leaves the defaults enabled, the server major version, minor version, PHP version, OS, and WordPress version all are exposed. That leaves a pretty nice little attack vector.

Of course, hiding these things doesn’t mean that anything is secure. On the contrary, one must go far deeper than that. I am just disappointed in so many open source projects that cut down the time needed for any script kiddies to start playing with my public services.

For as long as I’ve cared, I’ve always considered myself more of a “responsible disclosure” kind of a person. That is, until I heard an interesting argument that I’ve never seen very clearly articulated before. As a sysadmin, when a vulnerability in a web server (for instance) is disclosed, one can monitor for someone trying to exploit that vulnerability and stop it (or at least log what happens). Without that disclosure, one has no idea what software is vulnerable and known only to some black market somewhere. It’s odd, but humans are comforted in that way. It’s kinda like knowing that a $500 repair is coming for one’s car. It’s a lot easier pill to swallow when one knows about it, say a month or so in advance rather than being surprised by it.

However, there’s still a piece of the rationale behind Intevydis’s stance on immediate full disclosure that I still don’t quite grasp. Quoting from their blog:

You – ABCD company, making N millions per year selling your buggy XYZ product all over the world, why are you asking to give the results of the hard work during many years for free? Instead of wasting your and our time would not it be better to allocate resources to enforce good coding practices for all your amateur software developers?

Okay, so the main argument here is that they don’t want to give away their research for nothing. That is absolutely a fair thing to ask for. Knowledge and research isn’t cheap, so it’s not something that many people want to give away for free. I get it. However, I have to ask: How is full disclosure better than “responsible disclosure” (I’m using the quotes because I’m not sure how responsible so-called “responsible disclosure” is anymore) in that respect? Seriously, you don’t get paid for posting a blog entry about the latest exploit in [insert your favorite CMS here] that allows others to break into those CMSs quite easily every time one is found on the web.

And another thing, exactly who’s time are we wasting here? The developers of the software are obviously not wasting their time since they’re drawing in ‘N millions’ of dollars for the software they created. Yet, the research group is the one disclosing that they’ve found a vulnerability in the software, but they won’t tell anyone what exactly the flaw or bug is. Wait. Who’s time have we wasted now? My time for reading the report and yours for researching, finding, and sort of disclosing the vulnerability? Yes, that’s exactly who’s time was wasted. Of course, if one gets to this point in the game and are wanting money, they’re likely going to be written off as a blackmailer, but let’s be real. Either do work for pay or don’t complain about someone wasting your time for wanting you to backup claims with proof.

I really can’t grasp why full, immediate disclosure of vulnerabilities helps the problem of a revenue stream for this security company over “responsible disclosure”. There are a few indirect ways that these kinds of things can help their revenue such as consulting jobs due to exposure for finding a vulnerability. Of the ways that I can think of, though, there’s still room for a bit more of a “responsible disclosure” strategy than they are acknowledging. Not only that, but they’ve essentially burned a bridge with any software company that might hire them to do a penetration test on their network when they piss off said company.

There a ton more angles to this discussion that I simply don’t have time, nor do I suspect anyone would read much of it. However, I would like to hear from anyone who disagrees or has more to add to the discussion in the comments below.

A conversation by the BBC with Microsoft CEO Steve Ballmer said it all for me. During the interview, Ballmer was talking about why the tablet would take off this year after years of trying. Ballmer did raise some good points about technology evolving, however, he raised a big question for me. During the interview he stated that, “These things are not replacement [devices] in every sense.” Meaning, one won’t replace their laptop or smartphone with a tablet. My problem is, where does that leave the tablet, then?

For me personally, I’m sick of having more gadgets. I’ve got a BlackBerry, an iPod, a MacBook, a Wii, a DVR, and a desktop computer. I’ve like the idea of having a Kindle and maybe a GPS device, but I’ve been turned off about the idea of having yet another device to throw into my backpack or pocket. If a tablet PC can’t replace one of my gadgets (hopefully a gadget that’s larger than the tablet), then it definitely has no place in my home. In addition to that, I’m not sure what economy these people are living in that we can afford all these devices plus purchase another one that doesn’t let us not purchase either a phone or a laptop.

The closest thing that I’ve heard of a tablet replacing is a netbook. That may be the case, only time will tell. The problem with that logic in my mind, however, is that the tablet PCs will likely be significantly higher-priced than netbooks have been so far which might make them cost-prohibitive as replacements for netbooks.

Of course, only time will tell, but I’m not yet convinced that these tablet PCs will see nearly the market share that we’re being led to believe. If Ballmer is right (I believe he is here) and these devices are just add-ons and not replacements for traditional laptops or smartphones, the tablet is doomed to be a niche product forever.

The below screenshot is of the server info as detected by Thunderbird when I put my email address in:

Note that the outgoing mail server is a drop-down.. populated from.. where, exactly? Now, I realize that you can just go ahead and create the account and go back, but one can’t create the account without “re-testing” (validating) the config. So.. it has to be correct before creating it, but yet it won’t let me correct it. Yup, it’s that awesome.

Next, changing the protocol in the drop-down didn’t change the port number. When Thunderbird didn’t find the correct mail server (which is going to be the case almost every time when one’s email is hosted in a shared, hosted environment), Thunderbird automatically populated the protocol with POP. Not a horrible thing, but changing the port when changing the protocol seems like a pretty obvious thing to do in order to avoid frustration with users (and indeed would have helped with some frustration for us tonight).

The last frustration that we ran into was that when selecting the “Manual Setup” option, things weren’t quite so.. er.. manual. It was more like some automatic settings that couldn’t be overridden after clicking the manual frustration button. Since it defaulted to POP when it couldn’t figure out the server settings, simply hitting the manual setup button created a POP account.. Not so bad if you could easily switch the protocol. Of course, not so. To get that corrected, one has to remove the account, create a new account, type in your name and login info, let it try to figure out the settings for you, manually edit the settings to change the protocol, and create the account by hitting the “manual setup” button (intuitive, eh?). Then, you can finally edit the server name to put in the correct info. Ugh.

At the end of it all, I would still recommend Thunderbird to others from a usability perspective, but now with the disclaimer that it’s nasty to setup the first time if you don’t use a mail.domain.com or similar server. I just really wish that we didn’t have to sacrifice power and easy customizations for alleged ease of use.

In the commercial, ‘Angela’ says: “I don’t want to worry about my computer freezing or crashing … and suddenly, Windows 7″. Uh, what? Did we just hear an admission from Microsoft that Vista had problems? I hate to add to my anti-Microsoft list of blog posts, but seriously, what are they thinking with this ad? They should’ve just said: “Upgrade to Windows 7, it sucks less than previous versions”. Definitely not the positive spin on Windows that I was expecting.. With a product out the door that the company can definitely be proud of, I expected them to tout some cool new features, but that’s not the stance we’ve seen from previous versions.