Tag Archives: flash

Batinator – spot bats in flight

Post Syndicated from Liz Upton original https://www.raspberrypi.org/blog/batinator-spot-bats/

Even you live somewhere heavily endowed with bats, you’ve probably never had a good look at one on the wing. Bats fly so fast – in poor lighting conditions – that if you’re lucky you’ll get a glimpse of something flashing by out of the corner of your eye, but usually you won’t even notice they’re there.

Enter the Batinator.

bats

The Batinator is a portable Raspberry Pi device with an Pi NoIR camera board and a big array of IR lights to illuminate the subject, which means it can see in the infra-red spectrum. Martin Mander has set it up to record at 90 frames per second – enough to capture the very fast flappings of your neighbourhood bats in slow-mo. And it’s powered by a recycled 12v rechargeable drill bat-tery, which makes it look like some sort of police hand-held radar bat scanner. (Which it is not.)

batinator

Here’s the Batinator in action (bats start doing bat stuff at about 2:40):

The Raspberry Pi Batinator

The Batinator is a portable Raspberry Pi that uses a PinoIR (No Infrared Filter) camera module to record video in the dark at 90 frames per second, 640×480 resolution. It features a 48 LED illuminator lamp on top and the power is provided by a 12v rechargeable drill battery.

Martin’s made a full writeup available on Instructables so you can make your own, along with some video he’s taken with the same setup of a lightning storm – it turns out that the same technology that’s great for bat-spotting is also great for storm-filming. He’ll walk you through the equipment he’s built, as well as through building your own bat lure, which involves soaking your socks in beer and hanging them from a line to attract tasty, tasty moths.

sad bat

Thanks Martin – let us know if you take more footage!

 

The post Batinator – spot bats in flight appeared first on Raspberry Pi.

My Raspeberry Pi cluster

Post Syndicated from Robert Graham original http://blog.erratasec.com/2016/07/my-raspeberry-pi-cluster.html

So I accidentally ordered too many Raspberry Pi’s. Therefore, I built a small cluster out of them. I thought I’d write up a parts list for others wanting to build a cluster.

To start with is some pics of the cluster What you see is a stack of 7 RPis. At the bottom of the stack is a USB multiport charger and also an Ethernet hub. You see USB cables coming out of the charger to power the RPis, and out the other side you see Ethernet cables connecting the RPis to a network. I’ve including the mouse and keyboard in the picture to give you a sense of perspective.

Here is the same stack turn around, seeing it from the other side. Out the bottom left you see three external cables, one Ethernet to my main network and power cables for the USB charger and Ethernet hub. You can see that the USB hub is nicely tied down to the frame, but that the Ethernet hub is just sort jammed in there somehow.

The concept is to get things as cheap as possible, on per unit basis. Otherwise, one might as well just buy more expensive computers. My parts list for a 7x Pi cluster are:

$35.00/unit Raspberry Pi
 $6.50/unit stacking case from Amazon
 $5.99/unit micro SD flash from Newegg
 $4.30/unit power supply from Amazon
 $1.41/unit Ethernet hub from Newegg
 $0.89/unit 6 inch and 1-foot micro USB cable from Monoprice
 $0.57/unit 1 foot Ethernet cable from Monoprice

…or $54.65 per unit (or $383 for entire cluster), or around 50% more than the base Raspberry Pis alone. This is getting a bit expensive, as Newegg. always has cheap Android tablets on closeout for $30 to $50.

So here’s a discussion of the parts.

Raspberry Pi 2

These are old boards I’d ordered a while back. They are up to RPi3 now with slightly faster processors and WiFi/Bluetooth on board, neither of which are useful for a cluster. It has four CPUs each running at 900 MHz as opposed to the RPi3 which has four 1.2 GHz processors. If you order a Raspberry Pi now, it’ll be the newer, better one.

The case

You’ll notice that the RPi’s are mounted on acrylic sheets, which are in turn held together with standoffs/spaces. This is a relatively expensive option.

A cheaper solution would be just to buy the spaces/standoffs yourself. They are a little hard to find, because the screws need to fit the 2.9mm holes, where are unusually tiny. Such spaces/standoffs are usually made of brass, but you can also find nylon ones. For the ends, you need some washers and screws. This will bring the price down to about $2/unit — or a lot cheaper if you are buying in bulk for a lot of units.

The micro-SD

The absolute cheapest micro SD’s I could find were $2.95/unit for 4gb, or half the price than the ones I bought. But the ones I chose are 4x the size and 2x the speed. RPi distros are getting large enough that they no longer fit well on 4gig cards, and are even approaching 8gigs. Thus, 16gigs are the best choice, especially when I could get hen for $6/unit. By the time you read this, the price of flash will have changed up or down. I search on Newegg, because that’s the easiest way to focus on the cheapest. Most cards should work, but check http://elinux.org/RPi_SD_cards to avoid any known bad chips.

Note that different cards have different speeds, which can have a major impact on performance. You probably don’t care for a cluster, but if you are buying a card for a development system, get the faster ones. The Samsung EVO cards are a good choice for something fast.

USB Charging Hub

What we want here is a charger not a hub. Both can work, but the charger works better.

A normal hub is about connecting all your USB devices to your desktop/laptop. That doesn’t work for this RPi — the connector is just for power. It’s just leveraging the fact that there’s already lots of USB power cables/chargers out there, so that it doesn’t have to invite a custom one.

USB hubs an supply some power to the RPi, enough to boot it. However, under load, or when you connect further USB devices to the RPi, there may not be enough power available. You might be able to run a couple RPis from a normal hub, but when you’ve got all seven running (as in this stack), there might not be enough power. Power problems can outright crash the devices, but worse, it can lead to things like corrupt writes to the flash drives, slowly corrupting the system until it fails.

Luckily, in the last couple years we’ve seen suppliers of multiport chargers. These are designed for families (and workplaces) that have a lot of phones and tablets to charge. They can charge high-capacity batteries on all ports — supplying much more power than your RPi will ever need.

If want to go ultra cheaper, then cheap hubs at $1/port may be adequate. Chargers cost around $4/port.

The charger I chose in particular is the Bolse 60W 7-port charger. I only need exactly 7 ports. More ports would be nicer, in case I needed to power something else along with the stack, but this Bolse unit has the nice property that it fits snugly within the stack. The frame came with extra spacers which I could screw together to provide room. I then used zip ties to hold it firmly in place.

Ethernet hub

The RPis only have 100mbps Ethernet. Therefore, you don’t need a gigabit hub, which you’d normally get, but can choose a 100mbps hub instead: it’s cheaper, smaller, and lower power. The downside is that while each RPi only does 100-mbps, combined they will do 700-mbps, which the hub can’t handle.

I got a $10 hub from Newegg. As you can see, it fits within the frame, though not well. Every gigabit hub I’ve seen is bigger and could not fit this way.

Note that I have a couple extra RPis, but I only built a 7-high stack, because of the Ethernet hub. Hubs have only 8 ports, one of which is needed for the uplink. That leaves 7 devices. I’d have to upgrade to an unwieldy 16-port hub if I wanted more ports, which wouldn’t fit the nice clean case I’ve got.

For a gigabit option, Ethernet switches will cost between $23 and $35 dollars. That $35 option is a “smart” switch that supports not only gigabit, but also a web-based configuration tool, VLANs, and some other high-end features. If I paid more for a switch, I’d probably go with the smart/managed one.

Cables (Ethernet, USB)

Buying cables is expensive, as everyone knows whose bought an Apple cable for $30. But buying in bulk from specialty sellers can reduce the price to under $1/cable.

The chief buy factor is length. We want short cables that will just barely be long enough. in the pictures above, the Ethernet cables are 1-foot, as are two of the USB cables. The colored USB cables are 6-inches. I got these off Amazon because they looked cool, but now I’m regretting it.

The easiest, cheapest, and highest quality place to buy cables is Monoprice.com. It allows you to easily select the length and color.

To reach everything in this stack, you’ll need 1-foot cables. Though, 6-inch cables will work for some (but not all) of the USB devices. Although, instead of putting the hubs on the bottom, I could’ve put them in the middle of the stack, then 6-inch cables would’ve worked better — but I didn’t think that’d look as pretty. (I chose these colored cables because somebody suggested them, but they won’t work for the full seven-high tower).

Power consumption

The power consumption of the entire stack is 13.3 watts while it’s idle. The Ethernet hub by itself was 1.3 watts (so low because it’s 100-mbps instead of gigabit).

So, round it up, that’s 2-watts per RPi while idle.

In previous power tests, it’s an extra 2 to 3 watts while doing heavy computations, so for the entire stack, that can start consuming a significant amount of power. I mention this because people think terms of a low-power alternative to Intel’s big CPUs, but in truth, once you’ve gotten enough RPis in a cluster to equal the computational power of an Intel processor, you’ll probably be consuming more electricity.

The operating system

I grabbed the lasted Raspbian image and installed it on one of the RPis. I then removed it, copied the files off (cp -a), reformatted it to use the f2fs flash file system, then copied the files back on. I then made an image of the card (using dd), then wrote that image to 6 other cards. I then I logged into each one ad renamed them rpi-a1, …, rpi-a7. (Security note: this means they all have the same SSH private key, but I don’t care).

About flash file systems

The micro SD flash has a bit of wear leveling, but not enough. A lot of RPi servers I’ve installed in the past have failed after a few months with corrupt drives. I don’t know why, I suspect it’s because the flash is getting corrupted.

Thus, I installed f2fs, a wear leveling file system designed especially for this sort of situation. We’ll see if that helps at all.

One big thing is to make sure atime is disabled, a massively brain dead feature inherited from 1980s Unix that writes to the disk every time you read from a file.

I notice that the green LED on the RPi, indicating disk activity, flashes very briefly once per second, (so quick you’ll miss it unless you look closely at the light). I used iotop -a to find out what it is. I think it’s just a hardware feature and not related to disk activity. On the other hand, it’s worth tracking down what writes might be happening in the background that will affect flash lifetime.

What I found was that there is some kernel thread that writes rarely to the disk, and a “f2fs garbage collector” that’s cleaning up the disk for wear leveling. I saw nothing that looked like it was writing regularly to the disk.

What to use it for?

So here’s the thing about an RPi cluster — it’s technically useless. If you run the numbers, it’s got less compute power and higher power consumption than a normal desktop/laptop computer. Thus, an entire cluster of them will still perform slower than laptops/desktops.

Thus, the point of a cluster is to have something to play with, to experiment with, not that it’s the best form of computation. The point of individual RPis is not that they have better performance/watt — but that you don’t need as much performance but want a package with very low watts.

With that said, I should do some password cracking benchmarks with them, compared across CPUs and GPUs, measuring power consumption. That’ll be a topic for a later post.

With that said, I will be using these, though as individual computers rather than as a “cluster”. There’s lots of services I want to run, but I don’t want to run a full desktop running VMware. I’d rather control individual devices.

Conclusion

I’m not sure what I’m going to do with my little RPi stack/cluster, but I wanted to document everything about it so that others can replicate it if they want to.

Smedberg: Reducing Adobe Flash Usage in Firefox

Post Syndicated from corbet original http://lwn.net/Articles/694972/rss

Benjamin Smedberg writes
that the Firefox browser will soon start taking a more active approach to
the elimination of Flash content. “Starting in August, Firefox will
block certain Flash content that is not essential to the user experience,
while continuing to support legacy Flash content. These and future changes
will bring Firefox users enhanced security, improved battery life, faster
page load, and better browser responsiveness.

Security updates for Wednesday

Post Syndicated from ris original http://lwn.net/Articles/694956/rss

Debian has updated apache2 (HTTP redirect).

Debian-LTS has updated apache2 (HTTP redirect).

Fedora has updated ecryptfs-utils
(F24: two vulnerabilities), kernel (F24; F23:
multiple vulnerabilities), php-doctrine-orm (F24; F23:
privilege escalation), and spice (F24: two vulnerabilities).

Gentoo has updated ansible (code
execution), arpwatch (privilege escalation
from 2012), bugzilla (multiple
vulnerabilities from 2014), commons-beanutils (code execution from 2014),
dropbear (information disclosure), exim (code execution from 2014), libbsd (denial of service), ntp (many vulnerabilities), and varnish (access control bypass).

openSUSE has updated ImageMagick
(Leap42.1: many vulnerabilities), nodejs
(Leap42.1, 13.2: buffer overflow), and samba (13.2: crypto downgrade).

Red Hat has updated java-1.8.0-openjdk (RHEL6,7: multiple vulnerabilities).

SUSE has updated flash-player
(SLE12-SP1: multiple vulnerabilities).

Ubuntu has updated python-django
(16.04: cross-site scripting).

Rocket Man

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/rocket-man/

James Dougherty, co-founder and owner of Real Flight Systems, was looking at how to increase the performance of his high-altitude rockets…

Rocket Pi High Altitude Rocket

These types of rockets… yeah…

James’s goal was to build a ‘plug and run’ video system within a rocket, allowing high-definition video to be captured throughout the entirety of the flight. He also required a fully functioning Linux system that would allow for the recording of in-flight telemetry.

You can totally see the direction he’s headed in, right?

This requirement called for long battery life, high storage to accommodate up to 1080p video, and a lightweight processor, allowing the rocket to be robust and reliable while in flight.

Unsurprisingly, James decided to use the Raspberry Pi for his build, settling for the model B.

Before starting the build, James removed the HDMI port, composite video output, USB post, audio jack, and Microchip LAN9512. Not only did this lessen the weight of the Pi, but these modifications also lowered the power needed to run the setup, thus decreasing the size of battery needed. This shrunken unit, completed with the addition of a Pi camera, meant the Pi could run for 8-10 hours with the recording quality lowered to 720p60 and no audio captured.

Rocket PI High Altitude Rocket

Slimline Pi, now with 40% less Pi.

Sadly, the first launch had its issues: the rocket suffered a system failure that resulted in the destruction of the micro SD during the Pegasus flight at BALLS 23, an experimental rocket launch event in the Blackrock desert, USA.

Rocket Pi High Altitude Rocket

Ruh-roh, Raggy…

Rockets Magazine managed to record the launch which shows the highlights mid-flight.

ROCKETS Mag Balls 23 James Dougherty Pegasus

James Dougherty Pegasus flight at Balls 23

However, the next launch was far more successful, with close friend Jimmy Franco launching Rocket-Pi within a Dominator 4 to record the following footage.

(This clip comes with a motion sickness warning!)

Dominator 4 L1355 – TCC 02/21/15

Jimmy Franco flies Dominator-4 at TCC’s February Launch (02/21/15 on an L1355.

So what was next?

Aside from a few issues with Windows when trying to upload the footage post-flight, the main gripe was the lack of audio.

Investing in a new Raspberry Pi, making sure to keep more of the original components intact, James also updated the board with a USB microphone, added a USB flash drive to eliminate the Windows issues, and replaced the SD card with a lower storage option, as the footage was now stored in the flash drive.

1/3 Scale Nike L3150 – TCC Nike Smoke Drag Race 06/20/15

Launch and recovery of 1/3 Scale Nike Smoke at Tripoli Central Californias June 20th Launch. The vehicle flight-ready weighed 30 lbs, L3150 produces 800lbs initial thrust so we had about 26.6 G’s (burnt time 1.1440 seconds). Max speed: Mach 1.2; Max Altitude, 8,837′ AGL (GPS).

In the meantime, as James has continued to work on the Rocket-Pi, updating the hardware and code, he’s managed to put the Pi through some vigorous testing. During the most recent flight in Blackrock, the Pi reached 48K MSL (48000 feet above sea level… wow), at a speed of up to Mach 1.8 (1381 miles per hour… double wow).

Rocket Pi High Altitude Rocket

But I AM flying! And from way up here you all look like little ants.

Moving on from the build, James aims to upgrade various features. One of the most exciting upgrades looks to be the migration of Rocket-Pi to the Pi Zero, the smaller size allowing for multiple units in one rocket… creating 360-degree coverage of the flight (yes please!).

More of the build information, coding, and flight documentation can be found at the RFS website.

The post Rocket Man appeared first on Raspberry Pi.

Security advisories for Monday

Post Syndicated from ris original http://lwn.net/Articles/694780/rss

Arch Linux has updated flashplugin (multiple vulnerabilities), gimp (use-after-free), and lib32-flashplugin (multiple vulnerabilities).

Debian has updated libgd2 (multiple vulnerabilities) and pidgin (multiple vulnerabilities).

Debian-LTS has updated binutils (multiple vulnerabilities), phpmyadmin (multiple vulnerabilities), and ruby-eventmachine (denial of service).

Fedora has updated gimp (F22:
use-after-free), httpd (F23: authentication
bypass), openjpeg2 (F23: multiple
vulnerabilities), perl (F22: code
execution), python (F23: denial of
service), python3 (F23: denial of service),
samba (F23: crypto downgrade), and sudo (F23; F22: race condition).

Gentoo has updated cacti
(multiple vulnerabilities), chromium
(multiple vulnerabilities), cups (code
execution), and gd (multiple vulnerabilities).

Friday’s security updates

Post Syndicated from n8willis original http://lwn.net/Articles/694622/rss

Debian has updated php5
(multiple vulnerabilities).

Debian-LTS has updated clamav (fix for previously released update) and drupal7 (privilege escalation).

Fedora has updated openjpeg2
(F24: multiple vulnerabilities) and sqlite (F24: information leak).

Mageia has updated graphicsmagick (M5: multiple vulnerabilities), pdfbox (M5: XML External Entity (XEE) attack), sqlite3 (M5: information leak:), thunderbird (M5: multiple vulnerabilities), and util-linux (M5: denial of service).

openSUSE has updated flash-player (13.1: multiple vulnerabilities), LibreOffice (Leap 42.1: multiple vulnerabilities), libvirt (13.2; Leap 42.1:
authentication bypass),
and xerces-c (13.2: multiple vulnerabilities).

Red Hat has updated atomic-openshift (RHOSE 3.2: information leak).

Ubuntu has updated ecryptfs-utils (15.10, 16.04: information
leak), kernel (14.04; 15.10: denial of service),
libarchive (12.04, 14.04, 15.10, 16.04: code execution), linux-lts-trusty (12.04: denial of service), linux-lts-utopic (14.04: denial of service), linux-lts-vivid (14.04: denial of service), linux-lts-wily (14.04: denial of service), and linux-raspi2 (15.10: denial of service).

Security advisories for Thursday

Post Syndicated from jake original http://lwn.net/Articles/694513/rss

Fedora has updated gnutls (F23:
certificate verification botch).

Gentoo has updated flash (many vulnerabilities).

openSUSE has updated flash-player
(13.2: many vulnerabilities) and kernel (42.1:
multiple vulnerabilities).

Red Hat has updated flash-plugin
(RHEL 5↦6: many vulnerabilities) and rh-nginx18-nginx (RHSC: multiple vulnerabilities).

SUSE has updated MozillaFirefox,
MozillaFirefox-branding-SLE, mozilla-nss
(SLE11: multiple vulnerabilities).

Security updates for Wednesday

Post Syndicated from ris original http://lwn.net/Articles/694371/rss

CentOS has updated kernel (C6:
privilege escalation).

Fedora has updated python (F24:
heap corruption), python3 (F24: heap corruption), and squid (F24; F23: multiple vulnerabilities).

Mageia has updated flash-player-plugin (multiple vulnerabilities).

Oracle has updated kernel (OL6: privilege escalation).

Red Hat has updated kernel
(RHEL7: denial of service) and kernel
(RHEL6: privilege escalation).

Scientific Linux has updated thunderbird (SL5,6,7: code execution).

Ubuntu has updated pidgin (15.10,
14.04, 12.04: multiple vulnerabilities).

Adobe, Microsoft Patch Critical Security Bugs

Post Syndicated from BrianKrebs original https://krebsonsecurity.com/2016/07/adobe-microsoft-patch-critical-security-bugs/

Adobe has pushed out a critical update to plug at least 52 security holes in its widely-used Flash Player browser plugin, and another update to patch holes in Adobe Reader. Separately, Microsoft released 11 security updates to fix vulnerabilities more than 40 flaws in Windows and related software.

brokenflash-aFirst off, if you have Adobe Flash Player installed and haven’t yet hobbled this insecure program so that it runs only when you want it to, you are playing with fire. It’s bad enough that hackers are constantly finding and exploiting zero-day flaws in Flash Player before Adobe even knows about the bugs.

The bigger issue is that Flash is an extremely powerful program that runs inside the browser, which means users can compromise their computer just by browsing to a hacked or malicious site that targets unpatched Flash flaws.

The smartest option is probably to ditch this insecure program once and for all and significantly increase the security of your system in the process. I’ve got more on that approach — as well as slightly less radical solutions — in A Month Without Adobe Flash Player.

If you choose to update, please do it today. The most recent versions of Flash should be available from this Flash distribution page or the Flash home page. Windows users who browse the Web with anything other than Internet Explorer may need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.). Chrome and IE should auto-install the latest Flash version on browser restart.

Happily, Adobe has delayed plans to stop distributing direct download links to its Flash Player program. The company had said it would decommission the direct download page on June 30, 2016, but the latest, patched Flash version 22.0.0.209 for Windows and Mac systems is still available there. The wording on the site has been changed to indicate the download links will be decommissioned “soon.”

Adobe’s advisory on the Flash flaws is here. The company also released a security update that addresses at least 30 security holes in Adobe Reader. The latest version of Reader for most Windows and Mac users is v. 15.017.20050.

brokenwindowsSix of the 11 patches Microsoft issued this month earned its most dire “critical” rating, which Microsoft assigns to software bugs that can be exploited to remotely commandeer vulnerable machines with little to no help from users, save from perhaps browsing to a hacked or malicious site.

In fact, most of the vulnerabilities Microsoft fixed this Patch Tuesday are in the company’s Web browsers — i.e., Internet Explorer (15 vulnerabilities) and its newer Edge browser (13 flaws). Both patches address numerous browse-and-get-owned issues.

Another critical patch from Redmond tackles problems in Microsoft Office that could be exploited through poisoned Office documents.

For further breakdown on the patches this month from Adobe and Microsoft, check out these blog posts from security vendors Qualys and Shavlik. And as ever, if you encounter any problems downloading or installing any of the updates mentioned above please leave a note about your experience in the comments below.

Programming your Pi Zero over USB

Post Syndicated from Liz Upton original https://www.raspberrypi.org/blog/programming-pi-zero-usb/

Here’s a really neat solution from the inestimable Dan “PiGlove, mind where you put the capitals” Aldred. If you’re not able to get to another screen or monitor, or if you’re on the move, this is a very tidy way to get set up.

Programming the Pi over USB

A comprehensive video covering how to set up your Raspberry Pi Zero so that you can access it via the USB port. Yes, plug it in to a USB port and you can use the command line or with a few tweaks a full graphical desktop.

This is a really comprehensive guide, taking you all the way from flashing an SD card, accessing your Pi Zero via Putty, installing VNC and setting up a graphical user interface, to running Minecraft. Dan’s a teacher, and this video is perfect for beginners; if you find it helpful, please let us know in the comments!

 

 

The post Programming your Pi Zero over USB appeared first on Raspberry Pi.

How Una Got Her Stolen Laptop Back

Post Syndicated from Andy Klein original https://www.backblaze.com/blog/how-una-found-her-stolen-laptop/

Lost Laptop World Map

Reading Peter’s post on getting your data ready for vacation travels, reminded me of a story we recently received from a Backblaze customer. Una’s laptop was stolen and then traveled the over multiple continents over the next year. Here’s Una’s story, in her own words, on how she got her laptop back. Enjoy.

Pulse Incident Number 10028192
(or: How Playing Computer Games Can Help You In Adulthood)

One day when I was eleven, my father arrived home with an object that looked like a briefcase made out of beige plastic. Upon lifting it, one realized it had the weight of, oh, around two elephants. It was an Ericsson ‘portable’ computer, one of the earliest prototypes of laptop. All my classmates had really cool and fashionable computer game consoles with amazing names like “Atari” and “Commodore”, beautifully vibrant colour displays, and joysticks. Our Ericsson had a display with two colours (orange and … dark orange), it used floppy discs that were actually floppy (remember those?), ran on DOS and had no hard drive (you had to load the operating system every single time you turned on the computer. Took around 10 minutes). I dearly loved this machine, however, and played each of the 6 games on it incessantly. One of these was “Where In The World Is Carmen Sandiego?” an educational game where a detective has to chase an archvillain around the world, using geographical and cultural references as clues to get to the next destination. Fast forward twenty years and…

It’s June 2013, I’m thirty years old, and I still love laptops. I live in Galway, Ireland; I’m a self-employed musician who works in a non-profit music school so the cash is tight, but I’ve splashed out on a Macbook Pro and I LOVE IT. I’m on a flight from Dublin to Dubai with a transfer in Turkey. I talk to the guy next to me, who has an Australian accent and mentions he’s going to Asia to research natural energy. A total hippy, I’m interested; we chat until the convo dwindles, I do some work on my laptop, and then I fall asleep.

At 11pm the plane lands in Turkey and we’re called off to transfer to a different flight. Groggy, I pick up my stuff and stumble down the stairs onto the tarmac. In the half-light beside the plane, in the queue for the bus to the terminal, I suddenly realize that I don’t have my laptop in my bag. Panicking, I immediately seek out the nearest staff member. “Please! I’ve left my laptop on the plane – I have to go back and get it!”

The guy says: “No. It’s not allowed. You must get on the bus, madam. The cabin crew will find it and put it in “Lost and Found” and send it to you.” I protest but I can tell he’s immovable. So I get on the bus, go into the terminal, get on another plane and fly to Dubai. The second I land I ring Turkish Air to confirm they’ve found my laptop. They haven’t. I pretty much stalk Turkish Air for the next two weeks to see if the laptop turns up, but to no avail. I travel back via the same airport (Ataturk International), and go around all three Lost and Found offices in the airport, but my laptop isn’t there amongst the hundreds of Kindles and iPads. I don’t understand.

As time drags on, the laptop doesn’t turn up. I report the theft in my local Garda station. The young Garda on duty is really lovely to me and gives me lots of empathy, but the fact that the laptop was stolen in airspace, in a foreign, non-EU country, does not bode well. I continue to stalk Turkish Airlines; they continue to stonewall me, so I get in touch with the Turkish Department for Consumer Affairs. I find a champion amongst them called Ece, who contacts Turkish Airlines and pleads on my behalf. Unfortunately they seem to have more stone walls in Turkey than there are in the entire of Co. Galway, and his pleas fall on deaf ears. Ece advises me I’ll have to bring Turkish Airlines to court to get any compensation, which I suspect will cost more time and money than the laptop is realistically worth. In a firstworld way, I’m devastated – this object was a massive financial outlay for me, a really valuable tool for my work. I try to appreciate the good things – Ece and the Garda Sharon have done their absolute best to help me, my pal Jerry has loaned me a laptop to tide me over the interim – and then I suck it up, say goodbye to the last of my savings, and buy a new computer.

I start installing the applications and files I need for my business. I subscribe to an online backup service, Backblaze, whereby every time I’m online my files are uploaded to the cloud. I’m logging in to Backblaze to recover all my files when I see a button I’ve never noticed before labelled “Locate My Computer”. I catch a breath. Not even daring to hope, I click on it… and it tells me that Backblaze keeps a record of my computer’s location every time it’s online, and can give me the IP address my laptop has been using to get online. The records show my laptop has been online since the theft!! Not only that, but Backblaze has continued to back up files, so I can see all files the thief has created on my computer. My laptop has last been online in, of all the places, Thailand. And when I look at the new files saved on my computer, I find Word documents about solar power. It all clicks. It was the plane passenger beside me who had stolen my laptop, and he is so clueless he’s continued to use it under my login, not realizing this makes him trackable every time he connects to the internet.

I keep the ‘Locate My Computer” function turned on, so I’m consistently monitoring the thief’s whereabouts, and start the chapter of my life titled “The Sleep Deprivation and The Phonebill”. I try ringing the police service in Thailand (GMT +7 hours) multiple times. To say this is ineffective is an understatement; the language barrier is insurmountable. I contact the Irish embassy in Bangkok – oh, wait, that doesn’t exist. I try a consulate, who is lovely but has very limited powers, and while waiting for them to get back to me I email two Malaysian buddies asking them if they know anyone who can help me navigate the language barrier. I’m just put in touch with this lovely pal-of-a-pal called Tupps who’s going to help me when… I check Backblaze and find out that my laptop had started going online in East Timor. Bye bye, Thailand.

I’m so wrecked trying to communicate with the Thai bureaucracy I decide to play the waiting game for a while. I suspect East Timor will be even more of an international diplomacy challenge, so let’s see if the thief is going to stay there for a while before I attempt a move, right? I check Backblaze around once a week for a month, but then the thief stops all activity – I’m worried. I think he’s realized I can track him and has stopped using my login, or has just thrown the laptop away. Reason kicks in, and I begin to talk myself into stopping my crazy international stalking project. But then, when I least expect it, I strike informational GOLD. In December, the thief checks in for a flight from Bali to Perth and saves his online check-in to the computer desktop. I get his name, address, phone number, and email address, plus flight number and flight time and date.

I have numerous fantasies about my next move. How about I ring up the police in Australia, they immediately believe my story and do my every bidding, and then the thief is met at Arrivals by the police, put into handcuffs and marched immediately to jail? Or maybe I should somehow use the media to tell the truth about this guy’s behaviour and give him a good dose of public humiliation? Should I try my own version of restorative justice, contact the thief directly and appeal to his better nature? Or, the most tempting of all, should I get my Australian-dwelling cousin to call on him and bash his face in? … This last option, to be honest, is the outcome I want the most, but Emmett’s actually on the other side of the Australian continent, so it’s a big ask, not to mention the ever-so-slightly scary consequences for both Emmett and myself if we’re convicted… ! (And, my conscience cries weakly from the depths, it’s just the teensiest bit immoral.) Christmas is nuts, and I’m just so torn and ignorant about course of action to take I … do nothing.

One morning in the grey light of early February I finally decide what to do. Although it’s the longest shot in the history of long shots, I will ring the Australian police force about a laptop belonging to a girl from the other side of the world, which was stolen in airspace, in yet another country in the world. I use Google to figure out the nearest Australian police station to the thief’s address. I set my alarm for 4am Irish time, I ring Rockhampton Station, Queensland, and explain the situation to a lovely lady called Danielle. Danielle is very kind and understanding but, unsurprisingly, doesn’t hold out much hope that they can do anything. I’m not Australian, the crime didn’t happen in Australia, there’s questions of jurisdiction, etc. etc. I follow up, out of sheer irrational compulsion rather than with the real hope of an answer, with an email 6 weeks later. There’s no response. I finally admit to myself the laptop is gone. Ever since he’s gone to Australia the thief has copped on and stopped using my login, anyway. I unsubscribe my stolen laptop from Backblaze and try to console myself with the thought that at least I did my best.

And then, completely out of the blue, on May 28th 2014, I get an email from a Senior Constable called Kain Brown. Kain tells me that he has executed a search warrant at a residence in Rockhampton and has my laptop!! He has found it!!! I am stunned. He quickly gets to brass tacks and explains my two options: I can press charges, but it’s extremely unlikely to result in a conviction, and even if it did, the thief would probably only be charged with a $200 fine – and in this situation, it could take years to get my laptop back. If I don’t press charges, the laptop will be kept for 3 months as unclaimed property, and then returned to me. It’s a no-brainer; I decide not to press charges. I wait, and wait, and three months later, on the 22nd September 2014, I get an email from Kain telling me that he can finally release the laptop to me.

Naively, I think my tale is at the “Happy Ever After” stage. I dance a jig around the kitchen table, and read my subsequent email from a “Property Officer” of Rockhampton Station, John Broszat. He has researched how to send the laptop back to me … and my jig is suddenly halted. My particular model of laptop has a lithium battery built into the casing which can only be removed by an expert, and it’s illegal to transport a lithium battery by air freight. So the only option for getting the laptop back, whole and functioning, is via “Sea Mail” – which takes three to four months to get to Ireland. This blows my mind. I can’t quite believe that in this day and age, we can send people to space, a media file across the world in an instant, but that transporting a physical object from one side of the globe to another still takes … a third of a year! It’s been almost a year and a half since my laptop was stolen. I shudder to think of what will happen on its final journey via Sea Mail – knowing my luck, the ship will probably be blown off course and it’ll arrive in the Bahamas.

Fortunately, John is empathetic, and willing to think outside the box. Do I know anyone who will be travelling from Australia to Ireland via plane who would take my laptop in their hand luggage? Well, there’s one tiny silver lining to the recession: half of Craughwell village has a child living in Australia. I ask around on Facebook and find out that my neighbour’s daughter is living in Australia and coming home for Christmas. John Broszat is wonderfully cooperative and mails my laptop to Maroubra Police Station for collection by the gorgeous Laura Gibbons. Laura collects it and brings it home in her flight hand luggage, and finally, FINALLY, on the 23rd of December 2014, 19 months after it’s been stolen, I get my hands on my precious laptop again.

I gingerly take the laptop out of the fashionable paper carrier bag in which Laura has transported it. I set the laptop on the table, and examine it. The casing is slightly more dented than it was, but except for that it’s in one piece. Hoping against hope, I open up the screen, press the ‘on’ button and… the lights flash and the computer turns on!!! The casing is dented, there’s a couple of insalubrious pictures on the hard drive I won’t mention, but it has been dragged from Turkey to Thailand to East Timor to Indonesia to Australia, and IT STILL WORKS. It even still has the original charger accompanying it. Still in shock that this machine is on, I begin to go through the hard drive. Of course, it’s radically different – the thief has deleted all my files, changed the display picture, downloaded his own files and applications. I’m curious: What sort of person steals other people’s laptops? How do they think, organize their lives, what’s going through their minds? I’ve seen most of the thief’s files before from stalking him via the Backblaze back-up service, and they’re not particularly interesting or informative about the guy on a personal level. But then I see a file I haven’t seen before, “ free ebook.pdf ”. I click on it, and it opens. I shake my head in disbelief. The one new file that the thief has downloaded onto my computer is the book “How To Win Friends And Influence People”.

A few weeks later, a new friend and I kiss for the first time. He’s a graphic designer from London. Five months later, he moves over to Ireland to be with me. We’re talking about what stuff he needs to bring when he’s moving and he says “I’m really worried; my desktop computer is huge. I mean, I have no idea how I’m going to bring it over.” Smiling, I say “I have a spare laptop that might suit you…”

[Editor: The moral of the story is make sure your data is backed up before you go on vacation.]

The post How Una Got Her Stolen Laptop Back appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

How to Backup Your Data on Vacation

Post Syndicated from Peter Cohen original https://www.backblaze.com/blog/backup-data-vacation/

backblaze-coffee-shop-backup-vacation

With Independence Day weekend now in our rear view mirrors, it’s high summer in the United States and time for many of us to take well-deserved vacation time. These days, we take our work with us when we’re out of the office, and that’s often when catastrophe strikes. How can you make sure that your most essential information is backed up when you’re traveling? Let’s take a look.

Backup before you leave

An ounce of prevention is worth a pound of cure, and nowhere is that more true than when it comes to backing up your gear before you hit the road. Before you take off for your vacation, take some time to run a local backup on whatever devices you’ll be taking with you. If you’re planning to take a Mac or PC laptop on the road while you’re vacationing, make sure to backup the contents of their hard drives before you take off.

Worst case, you’ll only lose what you’ve worked on since you went on vacation. Backing up provides you with a baseline to recover from in the event of a catastrophe, so you’ll only need to rebuild or restore the files you worked on while you were on the road – certainly better than starting from square one again.

You should back up your mobile devices, too, whether it’s using built-in features like iCloud Backup on the iPhone, third-party apps, or using your computer to back up the contents of a tethered phone or tablet. If anything happens to the device while you’re away, you’ll be able to restore the data.

If you haven’t given your computer’s backup much thought, we’d suggest starting with what we call the 3-2-1 Backup Strategy. This calls for three copies of your data, in all: The original and a backup you keep locally are the two you have on-hand. Then there’s an offsite backup that keeps your data safe even if something happens to both the computer and the local backup. It’s the best way we know of to make sure your data is safe. (Three copies, two local, one remote – 3-2-1!)

Use the Cloud

Of course, we’ll tell you that Backblaze should be an essential part of your backup strategy when you’re on the road. If you’re connected to the Internet using the Wi-Fi at your hotel or hotspot, Backblaze will automatically backup your computer securely to our data center.

If you’re concerned about bandwidth usage while you’re traveling and you don’t want your laptop to run down its battery backing up, you can pause your Backblaze backup. What’s more, you can customize Backblaze’s performance settings (we provide separate instructions for Mac and Windows users), including a checkbox that keeps Backblaze from running down your battery.

backblaze-throttle-prefs

There are lots of cloud storage and sync services that can help you keep copies of essential data regardless of where you are. Dropbox is enormously popular, as are services like iCloud Drive, Google Drive and Microsoft OneDrive.

As long as you take appropriate precautions, like encrypting or password-protecting particularly sensitive documents (Backblaze handles encryption for you), putting copies of these documents in trusted cloud services will provide you with another route to access your information if you need it. Just make sure to keep these documents up to date so they remain useful to you.

Backup to removable storage

Some computers come equipped with built-in SD card readers that you can use to offload files. Apple’s MacBook Pro is a great example. What’s more, many companies make USB-based SD card readers. Then there are USB thumbdrives, which you can get for free at some trade shows, at drug stores, dollar stores, and various bargain bins around the Internet. Either of these solutions are helpful if you want to back up files from your computer or “sneakernet” them somewhere really quickly.

I wouldn’t depend on removable flash storage as your only backup (remember, 3-2-1). But USB thumbdrives and SD cards have taken the place of the old floppy disk and other removable storage systems. We at Backblaze even offer USB thumbdrives as a way to physically restore files when you can’t or don’t want to download them, and a hard drive is just too big.

Android devices support the use of removable flash storage. Many Android phones come with microSD card slots built in, which can be used to backup or transfer files. Others can be made to work with regular USB thumbdrives using the right connector cable.

If you’re an iPhone user, your options are a bit more limited, but you’re not stuck without a way to backup or move files when the phone gets full.

iXpand_Flash_Drive_angle

There are a few specialized devices for iOS users that can help. Take the iXpand Flash Drive from SanDisk, for example: This Lightning interface-equipped gadget plugs into your iPhone. With the help of a free app you can download from the App Store the iXpand backs up your iOS device’s photos and lets you transfer to a Mac or PC. You can delete images from your iPhone once they’re backed up to make more space. Leef’s iBridge, the Hyper iStick, and the Adam iKlips work similarly.

Hopefully we’ve given you some helpful suggestions to back up your info before you hit the road this summer. Keeping your data safe means one less thing to worry about when you’re trying to have a good time!

The post How to Backup Your Data on Vacation appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Slackware 14.2

Post Syndicated from ris original http://lwn.net/Articles/693216/rss

Slackware Linux Project has announced the release
of Slackware version 14.2. “Slackware 14.2 brings many updates and enhancements, among which
you’ll find two of the most advanced desktop environments available
today: Xfce 4.12.1, a fast and lightweight but visually appealing and
easy to use desktop environment, and KDE 4.14.21 (KDE 4.14.3 with
kdelibs-4.14.21) a stable release of the 4.14.x series of the award-
winning KDE desktop environment. These desktops utilize eudev, udisks,
and udisks2, and many of the specifications from freedesktop.org which
allow the system administrator to grant use of various hardware devices
according to users’ group membership so that they will be able to use
items such as USB flash sticks, USB cameras that appear like USB storage,
portable hard drives, CD and DVD media, MP3 players, and more, all
without requiring sudo, the mount or umount command. Just plug and play.
Slackware’s desktop should be suitable for any level of Linux
experience.
” See the release notes for
more details.

Cloud Storage on a Budget. B2 launches with support, integrations, an SLA, and more

Post Syndicated from Andy Klein original https://www.backblaze.com/blog/budget-cloud-storage/

Backblaze B2 Cloud Storage 1.0

Backblaze B2 Cloud Storage 1.0 is out of Beta and available for organizations large and small to reliably, yet inexpensively, store their data in the cloud. B2 not only provides cloud storage at 1/4th the cost of leading providers, it also comes with a 99.9% Service Level Agreement (SLA), free and premium support options, and a growing list of partners who have created integrations to sync, backup, or archive data to the B2 cloud.

B2 – built on a foundation of technological innovation

The Backblaze B2 beta was announced last September, and the response was immediate and enormous as over 15,000 developers, IT personnel, and other interested parties signed up to be part of our closed beta program. In December, Backblaze opened the beta to the public, and another 15,000 users joined in. All-in-all, a great starting point.

In reality, the foundation for B2 goes back much further than last September. It starts nearly seven years ago when we introduced the world to our Backblaze Storage Pod in our “Petabytes on a Budget” post. Out of our own need to deliver unlimited cloud backup for just $5/month to the market, we designed and built a different kind of cloud storage server that was high density and amazingly low cost.

Since then, we’ve continued to innovate by; delivering Storage Pods 2, 3, 4, 4.5, 5, and now Storage Pod 6 with 60 drives, introducing highly scalable storage with Backblaze Vaults, writing our own Reed-Solomon erasure coding library, designing our own load balancing, and more.

These innovations are part of what has enabled Backblaze to store over 250 petabytes of data and helped us recover over 12 billion files. This is the foundation on which Backblaze B2 Cloud Storage 1.0 is built.

Integrations for the SMB and the Enterprise

The number of integrations with B2 grows daily as companies discover how easy it is to build Backblaze B2 Cloud Storage into their products and services. These companies know that by providing B2 as a cloud storage option, they are dramatically lowering the cost of cloud storage for their customers and in turn encouraging potential customers to choose their solution.

“I was pleased by how elegant and simple, yet powerful the Backblaze B2 developers interface (API) is.…The biggest open issue remaining – and a quite happy problem indeed – is to figure out new and exciting ways to leverage that power for cool new features in the future for NeoFinder on both Mac and iOS platforms.” Norbert M. Doerner, developer of NeoFinder.

Here are a few of the B2 integrations to date.

Synology NAS – Sync and Save

Synology Network Attached Storage (NAS) users will be able to use the Cloud Sync feature on their Synology NAS system to sync folders on their Synology NAS device with Backblaze B2 Cloud Storage. Once they’ve installed the 2.1.0 Cloud Sync package to their system, they can select Backblaze B2 as their cloud destination and begin saving up to 75% in storage costs versus other providers. Here a quick video on how easy it is to set this up:

Many individual and SMB Synology NAS users will find this integration allows them to easily take the critical files they have centralized and stored on their NAS device and sync them with Backblaze B2. In addition, B2 alerts can be set at specific storage limits to ensure a customer stays within budget while having the peace of mind that their critical data is stored off-site. Start here to learn more about the Synology NAS / Backblaze B2 integration.

Cloudberry – Windows Server Backup to Backblaze B2

CloudBerry Lab provides cloud-based backup and file management services to small and mid-sized businesses (SMBs). Backblaze B2 is integrated with the CloudBerry Backup for Windows Servers, with B2 support for CloudBerry Explorer and the CloudBerry Managed Backup Service coming soon. Using Backup for Windows Server, data from the a Windows Server is encrypted and then backed up by CloudBerry to B2. When needed, data is decrypted and restored through CloudBerry. Here’s how easy it is to get started.

An early adopter of this solution was Girl Scouts San Diego who replaced their daily incremental LTO tape backups with a combination of CloudBerry and B2. Previously, LTO tapes were left onsite until the weekly pickup, now their data is off-site within minutes. In addition, the files within the incremental snapshots can be easily accessed and quickly restored as needed.

For small and medium-sized businesses, CloudBerry can be a one-stop solution for data backup. By choosing Backblaze B2 Cloud Storage as the destination for Windows Servers, customers can store more data for the same amount of money with no compromise in speed or reliability. For example, B2 charges $0.005/GB/month and Microsoft Azure charges $0.022/GB/month for data storage. That’s means you can store over 4 times the data with B2 for the same the cost as using Microsoft Azure. Start here to learn more about the CloudBerry / B2 integration.

Cubix – Archived media at your fingertips

Cubix, from the Ortana Media Group, is a highly configurable, scalable, and very cost effective software platform providing an efficient means of controlling and monitoring media workflow. This includes post production, broadcast and play-out, archiving, and more. Backblaze B2 is integrated in Cubix as a storage destination for a customer’s digital assets. Cubix defines storage rules and can automatically route the assets to the appropriate storage media/location. B2 is most appropriate for the archival of media data and provides significant cost savings over both on-premise and off-premise LTO tape set-ups.

“B2 is a real game changer for our industry. We are pleased to be the first Media Asset Management system to integrate and deploy B2.”
James Gibson, Founder and CEO, Ortana Media Group.

Cubix works with companies of all sizes in the Media and Entertainment industry that continually generate large amounts of digital content that needs to be saved during the different stages of a given project. Traditionally, companies have spent significant capital on LTO tape systems to save this data because it was “cheap”. However, missing data, late restores, and high operational costs plague the process. The Cubix / Backblaze B2 integration can reduce or even eliminate the need for LTO tape, by storing digital assets in B2 cloud for only $0.005/GB/month, while still making these assets readily available when needed. Start here to learn more about the Cubix / Backblaze B2 integration.

OpenIO – Hybrid cloud storage

OpenIO is designed for organizations that need scalable, easy to use, and cost-effective data and object storage. OpenIO and B2 integrate smartly for organizations that manage terabytes or petabytes of data and wish to significantly reduce their data storage costs by intelligently managing the location of where their data is stored. Many organizations archive large amounts of data using LTO tape systems that are costly, slow, and are known to be unreliable. Enabling Backblaze B2 as a destination within OpenIO for archived data, provides off-site storage that is easily accessible, fast to retrieve, and overall less expensive than LTO tape systems. Here’s an overview of how OpenIO and B2 work together.

The integration of OpenIO and B2 allows customers to easily set up and manage their own hybrid cloud for data storage. To start, OpenIO manages new data as it is stored locally on private cloud storage devices, where it stays until it meets the transfer and routing criteria being managed by OpenIO. Data which is designated for archive or warm storage can be automatically routed and stored in the B2 cloud. There it can still be easily and quickly accessed as needed, even though it is stored off-site, at a significant savings in storage costs. Start here to learn more about the OpenIO / Backblaze B2 integration.

For a complete list of partners, please check out our integrations page. You can also check out GitHub for B2 wrappers and other B2 related utilities and tools.

New B2 features and functionality

Here are some of the features we added to B2 for the 1.0 release:

  • A Service Level Agreement (SLA) for 99.9% uptime each month.
  • Large file support via the API, dramatically improving uploads and downloads of individual files over 100MB in size.
  • The ability for a user to prepare a Snapshot file up to 3.5TB in size and have it encrypted and placed on a USB hard drive and FedEx’d to the user. The cost is $189.00 for this service, and the user gets to keep the hard drive.
  • The ability for the user to prepare a smaller Snapshot file up to 110GB in size and have it encrypted and placed on a USB flash drive and FedEx’d to the user. The cost is $99.00 for this service, and the user gets to keep the flash drive.
  • Upgraded the B2 Command Line Tool to include “Sync” which will sync target folders between a PC or Mac and B2 when the command is run.
  • 10TB maximum file size for uploading/downloading, twice the size of other services.
  • Snapshot files up to 10TB in size.
  • Restructured our load balancing to improve B2 performance, along with speeding up everything else as well.

Backblaze B2 Cloud Storage is just $0.005/GB/month for data storage with the first 10GB being free each month. There is no cost to upload your data – we will not charge you transaction fees or network charges – free means free. It only costs $0.05/GB to download your data, with the first 1GB per day being free. There are small transaction fees for accessing and downloading your data. Please review our cloud storage pricing page for a complete list of fees.

Backblaze B2 support packages

All Backblaze B2 customers receive Mega Support for free when they sign up for B2. They can upgrade their support package as noted below. All B2 product support is provided by Backblaze employees located in the US.

Mega Support – For customers using the free tier of B2 services that do not have a credit card on file.

  • Email Support 9:00am to 5:00pm Pacific Time
  • 2 business day response (target)
  • Free access to all public web resources: product documentation, sample code, knowledge base, etc.

Giga Support – For customers using the free tier of B2 service that have a valid credit card on file that could be charged.

  • Mega Support plus the following
  • 1 business day response (target)

Tera Support – For business customers that are paying for the B2 service.

  • Giga Support plus the following
  • 2 business hour response (target) for all inquires
  • 2 named customer contacts for access to this tier of service

Peta Support – For business customers that are paying for the B2 service.

  • Tera Support plus the following
  • Access to an “outside of business hours” phone number for critical availability issues
  • 2 hour response (target) for all inquires
  • 5 named customer contacts for access to this tier of service

The Tera and Peta levels are paid plans. Please visit our B2 Support page for pricing information.

B2 service levels

To be useful, cloud-based solution need to available. That’s obvious, but what exactly do cloud companies promise regarding availability? In the case of Backblaze B2, our Service Level Agreement (SLA) is to be 99.9% available over the course of a month. This is comparable to Amazon S3, Microsoft Azure and others, and exceeds Google Nearline, Glacier and similar others that are not restore-ready services.

To meet this service level, we first designed a system that is “available”. For example, creating our own Reed-Solomon erasure coding for our Backblaze Vault architecture to achieve 99.999999% durability. It also requires that we have “redundant everything”, to use the technical term. The second part of meeting our SLA is to instrument the B2 system so we can test and monitor it continuously. To test B2 we use an internally designed program known as “Canary” which runs through all the B2 API calls once a minute and records the results. This information, along with data scraped from our server and database systems, is captured and organized by Prometheus and turned into actionable metrics and graphs by Grafana. We’ll cover this a bit more in a future post.

Ready, go

The B2 project started on a white board a couple of years ago as we discussed ways to leverage our ability to store data for less than anybody out there. A lot of smart people worked really hard to create a system that was easy to use, reliable, and inexpensive – design goals that are often at odds with each other. So go ahead, give B2 a try. There’s an API, CLI, and a Web GUI so that anyone can use it and the first 10GB of storage is free – B2 is waiting.

Deciding to Build B2 B2 Decision List

The post Cloud Storage on a Budget. B2 launches with support, integrations, an SLA, and more appeared first on Backblaze Blog | The Life of a Cloud Backup Company.

Graphical fidelity is ruining video games

Post Syndicated from Eevee original https://eev.ee/blog/2016/06/22/graphical-fidelity-is-ruining-video-games/

I’m almost 30, so I have to start practicing being crotchety.

Okay, maybe not all video games, but something curious has definitely happened here. Please bear with me for a moment.

Discovering Doom

Surprise! This is about Doom again.

Last month, I sat down and played through the first episode of Doom 1 for the first time. Yep, the first time. I’ve mentioned before that I was introduced to Doom a bit late, and mostly via Doom 2. I’m familiar with a decent bit of Doom 1, but I’d never gotten around to actually playing through any of it.

I might be almost unique in playing Doom 1 for the first time decades after it came out, while already being familiar with the series overall. I didn’t experience Doom 1 only in contrast to modern games, but in contrast to later games using the same engine.

It was very interesting to experience Romero’s design sense in one big chunk, rather than sprinkled around as it is in Doom 2. Come to think of it, Doom 1’s first episode is the only contiguous block of official Doom maps to have any serious consistency: it sticks to a single dominant theme and expands gradually in complexity as you play through it. Episodes 2 and 3, as well of most of Doom 2, are dominated by Sandy Petersen’s more haphazard and bizarre style. Episode 4 and Final Doom, if you care to count them, are effectively just map packs.

It was also painfully obvious just how new this kind of game was. I’ve heard Romero stress the importance of contrast in floor height (among other things) so many times, and yet Doom 1 is almost comically flat. There’s the occasional lift or staircase, sure, but the spaces generally feel like they’re focused around a single floor height with the occasional variation. Remember, floor height was a new thing — id had just finished making Wolfenstein 3D, where the floor and ceiling were completely flat and untextured.

The game was also clearly designed for people who had never played this kind of game. There was much more ammo than I could possibly carry; I left multiple shell boxes behind on every map. The levels were almost comically easy, even on UV, and I’m not particularly good at shooters. It was a very stark contrast to when I played partway through The Plutonia Experiment a few years ago and had to rely heavily on quicksaving.

Seeing Doom 1 from a Doom 2 perspective got me thinking about how design sensibilities in shooters have morphed over time. And then I realized something: I haven’t enjoyed an FPS since Quake 2.

Or… hang on. That’s not true. I enjoy Splatoon (except when I lose). I loved the Metroid Prime series. I played Team Fortress 2 for quite a while.

On the other hand, I found Half-Life 2 a little boring, I lost interest in Doom 3 before even reaching Hell, and I bailed on Quake 4 right around the extremely hammy spoiler plot thing. I loved Fallout, but I couldn’t stand Fallout 3. Uncharted is pretty to watch, but looks incredibly tedious to play. I never cared about Halo. I don’t understand the appeal of Counterstrike or Call of Duty.

If I made a collage of screenshots of these two sets of games, you’d probably spot the pattern pretty quickly. It seems I can’t stand games with realistic graphics.

I have a theory about this.

The rise of realism

Quake introduced the world to “true” 3D — an environment made out of arbitrary shapes, not just floors and walls. (I’m sure there were other true-3D games before it, but I challenge you to name one off the top of your head.)

Before Quake, games couldn’t even simulate a two-story building, which ruled out most realistic architecture. Walls that slid sideways were virtually unique to Hexen (and, for some reason, the much earlier Wolfenstein 3D). So level designers built slightly more abstract spaces instead. Consider this iconic room from the very beginning of Doom’s E1M1.

What is this room? This is supposed to be a base of some kind, but who would build this room just to store a single armored vest? Up a flight of stairs, on a dedicated platform, and framed by glowing pillars? This is completely ridiculous.

But nobody thinks like that, and even the people who do, don’t really care too much. It’s a room with a clear design idea and a clear gameplay purpose: to house the green armor. It doesn’t matter that this would never be a real part of a base. The game exists in its own universe, and it establishes early on that these are the rules of that universe. Sometimes a fancy room exists just to give the player a thing.

At the same time, the room still resembles a base. I can take for granted, in the back of my head, that someone deliberately placed this armor here for storage. It’s off the critical path, too, so it doesn’t quit feel like it was left specifically for me to pick up. The world is designed for the player, but it doesn’t feel that way — the environment implies, however vaguely, that other stuff is going on here.


Fast forward twenty years. Graphics and physics technology have vastly improved, to the point that we can now roughly approximate a realistic aesthetic in real-time. A great many games thus strive to do exactly that.

And that… seems like a shame. The better a game emulates reality, the less of a style it has. I can’t even tell Call of Duty and Battlefield apart.

That’s fine, though, right? It’s just an aesthetic thing. It doesn’t really affect the game.

It totally affects the game

Everything looks the same

Realism” generally means “ludicrous amounts of detail” — even moreso if the environments are already partially-destroyed, which is a fairly common trope I’ll be touching on a lot here.

When everything is highly-detailed, screenshots may look very good, but gameplay suffers because the player can no longer tell what’s important. The tendency for everything to have a thick coating of sepia certainly doesn’t help.

Look at that Call of Duty screenshot again. What in this screenshot is actually important? What here matters to you as a player? As far as I can tell, the only critical objects are:

  • Your current weapon

That’s it. The rocks and grass and billboards and vehicles and Hollywood sign might look very nice (by which I mean, “look like those things look”), but they aren’t important to the game at all. This might as well be a completely empty hallway.

To be fair, I haven’t played the game, so for all I know there’s a compelling reason to collect traffic cones. Otherwise, this screenshot is 100% noise. Everything in it serves only to emphasize that you’re in a realistic environment.

Don’t get me wrong, setting the scene is important, but something has been missed here. Detail catches the eye, and this screenshot is nothing but detail. None of it is relevant. If there were ammo lying around, would you even be able to find it?

Ah, but then, modern realistic games either do away with ammo pickups entirely or make them glow so you can tell they’re there. You know, for the realism.

(Speaking of glowing: something I always found ridiculous was how utterly bland the imp fireballs look in Doom 3 and 4. We have these amazing lighting engines, and the best we can do for a fireball is a solid pale orange circle? How do modern fireballs look less interesting than a Doom 1 fireball sprite?)

Even Fallout 2 bugged me a little with this; the world was full of shelves and containers, but it seemed almost all of them were completely empty. Fallout 1 had tons of loot waiting to be swiped from shelves, but someone must’ve decided that was a little silly and cut down on it in Fallout 2. So then, what’s the point of having so many shelves? They encourage the player to explore, then offer no reward whatsoever most of the time.

Environments are boring and static

Fallout 3 went right off the rails, filling the world with tons of (gray) detail, none of which I could interact with. I was barely finished with the first settlement before I gave up on the game because of how empty it felt. Everywhere was detailed as though it were equally important, but most of it was static decorations. From what I’ve seen, Fallout 4 is even worse.

Our graphical capabilities have improved much faster than our ability to actually simulate all the junk we’re putting on the screen. Hey, there’s a car! Can I get in it? Can I drive it? No, I can only bump into an awkwardly-shaped collision box drawn around it. So what’s the point of having a car, an object that — in the real world — I’m accustomed to being able to use?

And yet… a game that has nothing to do with driving a car doesn’t need you to be able to drive a car. Games are games, not perfect simulations of reality. They have rules, a goal, and a set of things the player is able to do. There’s no reason to make the player able to do everything if it has no bearing on what the game’s about.

This puts “realistic” games in an awkward position. How do they solve it?

One good example that comes to mind is Portal, which was rendered realistically, but managed to develop a style from the limited palette it used in the actual play areas. It didn’t matter that you couldn’t interact with the world in any way other than portaling walls and lifting cubes, because for the vast majority of the game, you only encountered walls and cubes! Even the “behind the scenes” parts at the end were mostly architecture, not objects, and I’m not particularly bothered that I can’t interact with a large rusty pipe.

The standouts were the handful of offices you managed to finagle your way into, which were of course full of files and computers and other desktop detritus. Everything in an office is — necessarily! — something a human can meaningfully interact with, but the most you can do in Portal is drop a coffee cup on the floor. It’s all the more infuriating if you consider that the plot might have been explained by the information in those files or on those computers. Portal 2 was in fact a little worse about this, as you spent much more time outside of the controlled test areas.

I think Left 4 Dead may have also avoided this problem by forcing the players to be moving constantly — you don’t notice that you can’t get in a car if you’re running for your life. The only time the players can really rest is in a safe house, which are generally full of objects the players can pick up and use.

Progression feels linear and prescripted

Ah, but the main draw of Portal is one of my favorite properties of games: you could manipulate the environment itself. It’s the whole point of the game, even. And it seems to be conspicuously missing from many modern “realistic” games, partly because real environments are just static, but also in large part because… of the graphics!

Rendering a very complex scene is hard, so modern map formats do a whole lot of computing stuff ahead of time. (For similar reasons, albeit more primitive ones, vanilla Doom can’t move walls sideways.) Having any of the environment actually move or change is thus harder, so it tends to be reserved for fancy cutscenes when you press the button that lets you progress. And because grandiose environmental changes aren’t very realistic, that button often just opens a door or blows something up.

It feels hamfisted, like someone carefully set it all up just for me. Obviously someone did, but the last thing I want is to be reminded of that. I’m reminded very strongly of Half-Life 2, which felt like one very long corridor punctuated by the occasional overt physics puzzle. Contrast with Doom, where there are buttons all over the place and they just do things without drawing any particular attention to the results. Mystery switches are sometimes a problem, but for better or worse, Doom’s switches always feel like something I’m doing to the game, rather than the game waiting for me to come along so it can do some preordained song and dance.

I miss switches. Real switches, not touchscreens. Big chunky switches that take up half a wall.

It’s not just the switches, though. Several of Romero’s maps from episode 1 are shaped like a “horseshoe”, which more or less means that you can see the exit from the beginning (across some open plaza). More importantly, the enemies at the exit can see you, and will be shooting at you for much of the level.

That gives you choices, even within the limited vocabulary of Doom. Do you risk wasting ammo trying to take them out from a distance, or do you just dodge their shots all throughout the level? It’s up to you! You get to decide how to play the game, naturally, without choosing from a How Do You Want To Play The Game menu. Hell, Doom has entire speedrun categories focused around combat — Tyson for only using the fist and pistol, pacifist for never attacking a monster at all.

You don’t see a lot of that any more. Rendering an entire large area in a polygon-obsessed game is, of course, probably not going to happen — whereas the Doom engine can handle it just fine. I’ll also hazard a guess and say that having too much enemy AI going at once and/or rendering too many highly-detailed enemies at once is too intensive. Or perhaps balancing and testing multiple paths is too complicated.

Or it might be the same tendency I see in modding scenes: the instinct to obsessively control the player’s experience, to come up with a perfectly-crafted gameplay concept and then force the player to go through it exactly as it was conceived. Even Doom 4, from what I can see, has a shocking amount of “oh no the doors are locked, kill all the monsters to unlock them!” nonsense. Why do you feel the need to force the player to shoot the monsters? Isn’t that the whole point of the game? Either the player wants to do it and the railroading is pointless, or the player doesn’t want to do it and you’re making the game actively worse for them!

Something that struck me in Doom’s E1M7 was that, at a certain point, you run back across half the level and there are just straggler monsters all over the place. They all came out of closets when you picked up something, of course, but they also milled around while waiting for you to find them. They weren’t carefully scripted to teleport around you in a fixed pattern when you showed up; they were allowed to behave however they want, following the rules of the game.

Whatever the cause, something has been lost. The entire point of games is that they’re an interactive medium — the player has some input, too.

Exploration is discouraged

I haven’t played through too many recent single-player shooters, but I get the feeling that branching paths (true nonlinearity) and sprawling secrets have become less popular too. I’ve seen a good few people specifically praise Doom 4 for having them, so I assume the status quo is to… not.

That’s particularly sad off the back of Doom episode 1, which has sprawling secrets that often feel like an entire hidden part of the base. In several levels, merely getting outside qualifies as a secret. There are secrets within secrets. There are locked doors inside secrets. It’s great.

And these are real secrets, not three hidden coins in a level and you need to find so many of them to unlock more levels. The rewards are heaps of resources, not a fixed list of easter eggs to collect. Sometimes they’re not telegraphed at all; sometimes you need to do something strange to open them. Doom has a secret you open by walking up to one of two pillars with a heart on it. Doom 2 has a secret you open by run-jumping onto a light fixture, and another you open by “using” a torch and shooting some eyes in the wall.

I miss these, too. Finding one can be a serious advantage, and you can feel genuinely clever for figuring them out, yet at the same time you’re not permanently missing out on anything if you don’t find them all.

I can imagine why these might not be so common any more. If decorating an area is expensive and complicated, you’re not going to want to build large areas off the critical path. In Doom, though, you can make a little closet containing a powerup in about twenty seconds.

More crucially, many of the Doom secrets require the player to notice a detail that’s out of place — and that’s much easier to set up in a simple world like Doom. In a realistic world where every square inch is filled with clutter, how could anyone possibly notice a detail out of place? How can a designer lay any subtle hints at all, when even the core gameplay elements have to glow for anyone to pick them out from background noise?

This might be the biggest drawback to extreme detail: it ultimately teaches the player to ignore the detail, because very little of it is ever worth exploring. After running into enough invisible walls, you’re going to give up on straying from the beaten path.

We wind up with a world where players are trained to look for whatever glows, and completely ignore everything else. At which point… why are we even bothering?

There are no surprises

Realistic” graphics mean a “realistic” world, and let’s face it, the real world can be a little dull. That’s why we invented video games, right?

Doom has a very clear design vocabulary. Here are some demons. They throw stuff at you; don’t get hit by it. Here are some guns, which you can all hold at once, because those are the rules. Also here’s a glowing floating sphere that gives you a lot of health.

What is a megasphere, anyway? Does it matter? It’s a thing in the game with very clearly-defined rules. It’s good; pick it up.

You can’t do that in a “realistic” game. (Or maybe you can, but we seem to be trying to avoid it.) You can’t just pick up a pair of stereoscopic glasses to inexplicably get night vision for 30 seconds; you need to have some night-vision goggles with batteries and it’s a whole thing. You can’t pick up health kits that heal you; you have to be wearing regenerative power armor and pick up energy cells. Even Doom 4 seems to be uncomfortable leaving brightly flashing keycards lying around — instead you retrieve them from the corpses of people wearing correspondingly-colored armor.

Everything needs an explanation, which vastly reduces the chances of finding anything too surprising or new.

I’m told that Call of Duty is the most popular vidya among the millenials, so I went to look at its weapons:

  • Gun
  • Fast gun
  • Long gun
  • Different gun

How exciting! If you click through each of those gun categories, you can even see the list of unintelligible gun model numbers, which are exactly what gets me excited about a game.

I wonder if those model numbers are real or not. I’m not sure which would be worse.

Get off my lawn

So my problem is that striving for realism is incredibly boring and counter-productive. I don’t even understand the appeal; if I wanted reality, I could look out my window.

Realism” actively sabotages games. I can judge Doom or Mario or Metroid or whatever as independent universes with their own rules, because that’s what they are. A game that’s trying to mirror reality, I can only compare to reality — and it’ll be a very pale imitation.

It comes down to internal consistency. Doom and Team Fortress 2 and Portal and Splatoon and whatever else are pretty upfront about what they’re offering: you have a gun, you can shoot it, also you can run around and maybe press some buttons if you’re lucky. That’s exactly what you get. It’s right there on the box, even.

Then I load Fallout 3, and it tries to look like the real world, and it does a big song and dance asking me for my stats “in-world”, and it tries to imply I can roam this world and do anything I want and forge my own destiny. Then I get into the game, and it turns out I can pretty much just shoot, pick from dialogue trees, and make the occasional hamfisted moral choice. The gameplay doesn’t live up to what the environment tried to promise. The controls don’t even live up to what the environment tried to promise.

The great irony is that “realism” is harshly limiting, even as it grows ever more expensive and elaborate. I’m reminded of the Fat Man in Fallout 3, the gun that launches “mini nukes”. If that weapon had been in Fallout 1 or 2, I probably wouldn’t think twice about it. But in the attempted “realistic” world of Fallout 3, I have to judge it as though it were trying to be a real thing — because it is! — and that makes it sound completely ridiculous.

(It may sound like I’m picking on Fallout 3 a lot here, but to its credit, it actually had enough stuff going on that it stands out to me. I barely remember anything about Doom 3 or Quake 4, and when I think of Half-Life 2 I mostly imagine indistinct crumbling hallways or a grungy river that never ends.)

I’ve never felt this way about series that ignored realism and went for their own art style. Pikmin 3 looks very nice, but I never once felt that I ought to be able to do anything other than direct Pikmin around. Metroid Prime looks great too and has some “realistic” touches, but it still has a very distinct aesthetic, and it manages to do everything important with a relatively small vocabulary — even plentiful secrets.

I just don’t understand the game industry (and game culture)’s fanatical obsession with realistic graphics. They make games worse. It’s entirely possible to have an art style other than “get a lot of unpaid interns to model photos of rocks”, even for a mind-numbingly bland army man simulator. Please feel free to experiment a little more. I would love to see more weird and abstract worlds that follow their own rules and drag you down the rabbit hole with them.

Security advisories for Monday

Post Syndicated from ris original http://lwn.net/Articles/692021/rss

Arch Linux has updated flashplugin (multiple vulnerabilities), glibc (denial of service), lib32-flashplugin (multiple vulnerabilities), lib32-glibc (denial of service), and wget (code execution).

Debian has updated libxslt (three
vulnerabilities).

Debian-LTS has updated firefox-esr (multiple vulnerabilities) and horizon (cross-site scripting).

Fedora has updated expat (F23:
multiple vulnerabilities), GraphicsMagick (F23; F22:
multiple vulnerabilities), iperf3 (F23; F22:
denial of service), sudo (F22: information
leak), and wget (F22: code execution).

Gentoo has updated dhcpcd (denial of service), ffmpeg (multiple vulnerabilities), flash-player (multiple vulnerabilities), and php (multiple vulnerabilities).

openSUSE has updated Chromium (SPH for SLE12; Leap42.1; 13.2: multiple vulnerabilities),
flash-player (13.2; 13.1: multiple vulnerabilities), and poppler (Leap42.1: code execution).

Scientific Linux has updated ImageMagick (SL6,7: multiple vulnerabilities).

Friday’s security updates

Post Syndicated from n8willis original http://lwn.net/Articles/691814/rss

CentOS has updated firefox (C6; C5; C7: multiple vulnerabilities) and imagemagick (C6; C7:
multiple vulnerabilities).

Debian has updated drupal7
(privilege escalation).

Debian-LTS has updated imagemagick (buffer overflow) and kernel (multiple vulnerabilities).

Gentoo has updated nginx
(multiple vulnerabilities) and spice
(multiple vulnerabilities).

Mageia has updated expat
(M5: multiple vulnerabilities), flash-player-plugin (M5: multiple vulnerabilities), and virtualbox (M5: unspecified vulnerability).

openSUSE has updated wireshark (13.2, Leap 42.1: multiple vulnerabilities).

Oracle has updated ImageMagick (O7; O6:
multiple vulnerabilities).

Red Hat has updated flash-plugin (RHEL 5,6: multiple
vulnerabilities) and imagemagick (RHEL
6,7: multiple vulnerabilities).

Scientific Linux has updated firefox (SL 5,6,7: multiple vulnerabilities), kernel (SL6: multiple vulnerabilities), ntp (SL 6,7: multiple vulnerabilities), spice-server (SL6: multiple vulnerabilities), squid (SL6: multiple vulnerabilities), and squid34 (SL6: multiple vulnerabilities).

SUSE has updated ImageMagick
(SLE11: command execution), libxml2
(SLE11: multiple vulnerabilities), and ntp (SLE11: multiple vulnerabilities).

Adobe Update Plugs Flash Player Zero-Day

Post Syndicated from BrianKrebs original https://krebsonsecurity.com/2016/06/adobe-update-plugs-flash-player-zero-day/

Adobe on Thursday issued a critical update for its ubiquitous Flash Player software that fixes three dozen security holes in the widely-used browser plugin, including at least one vulnerability that is already being exploited for use in targeted attacks.

brokenflash-aThe latest update brings Flash to v. 22.0.0.192 for Windows and Mac users alike. If you have Flash installed, you should update, hobble or remove Flash as soon as possible.

The smartest option is probably to ditch the program once and for all and significantly increase the security of your system in the process. I’ve got more on that approach (as well as slightly less radical solutions ) in A Month Without Adobe Flash Player.

If you choose to update, please do it today. The most recent versions of Flash should be available from this Flash distribution page or the Flash home page. Windows users who browse the Web with anything other than Internet Explorer may need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.). Chrome and IE should auto-install the latest Flash version on browser restart (I had to manually check for updates in Chrome an restart the browser to get the latest Flash version).

For some reason that probably has nothing to do with security, Adobe has decided to stop distributing direct links to its Flash Player software. According to the company’s Flash distribution page, on June 30, 2016 Adobe will decommission direct links to various Flash Player downloads. This will essentially force Flash users to update the program using its built-in automatic updates feature (which sometimes takes days to notice a new security update is available), or to install the program from the company’s Flash Home page — a download that currently bundles McAfee Security Scan Plus and a product called True Key by Intel Security.

Anything that makes it less likely users will update Flash seems like a bad idea, especially when we’re talking about a program that often needs security fixes more than once a month.

Microsoft Patches Dozens of Security Holes

Post Syndicated from BrianKrebs original https://krebsonsecurity.com/2016/06/microsoft-patches-dozens-of-security-holes/

Microsoft today released updates to address more than three dozen security holes in Windows and related software. Meanwhile, Adobe — which normally releases fixes for its ubiquitous Flash Player alongside Microsoft’s monthly Patch Tuesday cycle — said it’s putting off today’s expected Flash patch until the end of this week so it can address an unpatched Flash vulnerability that already is being exploited in active attacks.

brokenwindowsYes, that’s right it’s once again Patch Tuesday, better known to mere mortals as the second Tuesday of each month. Microsoft isn’t kidding around this particular Tuesday — pushing out 16 patch bundles to address at least 44 security flaws across Windows and related software.

The usual suspects earn “critical” ratings: Internet Explorer (IE), Edge (the new, improved IE), and Microsoft Office. Critical is Microsoft’s term for a flaw that allows the attacker to remotely take control over the victim’s machine without help from the victim, save for perhaps getting him to visit a booby-trapped Web site or load a poisoned ad in IE or Edge.

Windows home users aren’t the only ones who get to have all the fun: There’s plenty enough in today’s Microsoft patch batch to sow dread in any Windows system administrator, including patches that fix serious security holes in Windows SMB Server, Microsoft’s DNS Server, and Exchange Server.

I’ll put up a note later this week whenever Adobe releases the Flash update. For now, Kaspersky has more on the Flash vulnerability and its apparent use in active espionage attacks. As ever, if you experience any issues after applying any of today’s updates, please drop a note about it in the comments below.

Other resources: Takes from the SANS Internet Storm CenterQualys and Shavlik.