Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Xen Master [C&C warning]



On 06/05/2015 01:30 PM, Stephen J. Turnbull wrote:
I don't think there are any.  Xen is not for dummies (that's why
VirtualBox exists).  You're not a dummy, but if you're not willing to
invest the time to Grokken der Jargonisch, perhaps it's time to hire a
subcontractor, or take on a (limited stake?) partner.
Yeah, I don't think I'm a dummy, either, but the guys who put together the Xen Wiki write in the same "organized" way those cats on You Tube chase after laser pointer dots, running around trying to catch the shiny and ignoring the lines on the floor. There is no hierarchical organization to the text that starts from an overall picture and follows logic flow down through specific decision levels. And they don't seem to feel as though it is necessary to use regular English to do it (just so we all know what kewl smart guys they are). I'd _really_ benefit from a logic map, at the very least, and a crib sheet of which names are call functions / activities and which are separate add-on programs / routines. It's like someone picked up all of the paper on the table, smooshed it into one big ball, then posted the ball.

  > 1.  Which files to download.
  > 2.  How to configure them.

This is nontrivial if security is a concern.
Security is ... and it is one of those things that will probably be cited as a major reason Windows versions after WIN 7 will get pulled from / not installed on a greater number of government-owned PCs (not just in the US, but a lot of the allied nations). M$ has become one of the new needy, exchanging your agreement to let them do more background data collection on your activities for access to features. Hardening tricks that used to just work now cause all sorts of video, memory, and device call errors that are just too big a PITA to chase with every recompile and "upgrade" (sic) -- compounded by the fact that someone has programmed in a 5-second post-then-erase timer for error messages and rendered them un-copyable (so you have to commit the same error 5~10 times to write down the complete address of the error, and some errors change address with every commit). The knowledge pool for workarounds isn't growing as fast as it has with other rollouts and I am not the only one concerned by the fact that backward compatibility of proven solutions seems to be severely compromised -- at least, so far. That's not going to fly with any number of organizations, even in the new non-NSA wiretapping future.

So far, I really feel as though I am computing while not wearing pants when I use the Windows 10 IP. Windows 10 is, so far, the equivalent of driving around the neighborhood in a car with a rusted out muffler, the windows rolled down, and ZZ Top playing at 11. Strangely enough, I am going nowhere near any site I can normally go to in one of my other, older O/S machines out of fear of being followed. Project Spartan is pretty, but doesn't provide enough proof that it is protecting your privacy ... nor can I find anything that assures me that using a different browser doesn't prevent the O/S from phoning home information that PS appears to be gathering, anyway.

Plus, Build 10130, running on a barenaked WIN 7 upgrade with no non-commercial privacy software installed, is doing a fine job of throwing the same mess of memory and video errors the previous ones were doing with assistance from me. I had to turn off PAE/NX and 3D video just to stop the screen from flickering and rewriting every second. But, the VirtualBox 16:9 video driver crashes after about three minutes and reverts to 4:3 choices. Tinkering with the Host setup provides no joy.

So ... my questions about changing virtualization options.

  > 3.  How to set up a guest / convert a .vdi.
  > 4.  How to make the contents of the guest seamlessly integrate as a
  > separate desktop within my Debian host environment.

No, you don't want to do that ...
Actually, you can pretty much make a Windows guest a clickable desktop that is secure enough for non-Top Secret (or non-higher) data exchange just using standard, off-the-shelf hardening tools. It's the more secure stuff that causes problems ... and more and more information is being rated more secure, which is also contributing to more non-accounting PCs being ordered without WIN installed.

  > 5.  Whether the whole concept of "host" and "guest" is appropriate or
  > are Jessie and Windows BOTH guests of the base kernel.

... because any desktop should be a guest.  The host (ring 0) should
be as minimal as possible.
Cue Louis Armstrong singing "What a Wonderful World."  Yes.  Agree. Want.

  > ... and in English, if Sir pleases.

∲ (L dx + M dy) = ∬(∂M/∂x - ∂L/∂y) dx dy
Really? This is your best shot? Page 14 of the Goldman-Sachs "100 Ways to Amuse a First-Year Trader" book? How derivative.

er ... sorry, just thinking out loud in my native language. ;-)
Guamanian?

  > Windows 10 Preview is throwing VirtualBox curves faster than Oracle can
  > fix them.

Do you have good reason to believe that Xen can bat against Windows
like Ichiro does?  If not, maybe you're better off waiting for Oracle
(or do you actually already have customers who matter who insist on a
preview version of Windows? are you sure you want them? -- I know you
know your business, but again, are you sure you want customers who
want reliability, security, and insist on a preview version of
Windows?!)
Yes ... and, No ... but I read it on the Internet, and a Really Smart Guy suggested looking into it. And Xen is reputed to be Way More Secure against currently known problems than VirtualBox.

Plus, I haven't had a chance to use the Home Empiricism set I got for Christmas and saw an opportunity.

Clients are not demanding anything ... yet, but that's because their IT guys won't let them run through the halls with scissors until the new scissors covers are designed, 3-D printed down in the IT Department, and rolled out to all users. But, it's Windows 10. It's new. it's shiny and middle managers will demand to be upgraded on 25 July. The servers won't change (Thank d.o.G); it's the access interface that will. There need to be adults conversant in the new toy's operations and prepared to handle the fallout.

  > And, given the QUEMM hack issues I keep reading have not yet been
  > fixed, I guess it's time to think about the meaning of the word
  > "alternatives."

I agree.  But that doesn't mean any of the alternatives are better,
let alone "good".
That's why there are crash test dummies. And, maybe, why I sometimes resemble one.

--
CL


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links