So there's a lot of people sounding off on the HORRIBLE CONSEQUENCES of the net neutrality vote today, and I want to just drop some real-world knowledge on y'all so you don't sound like morons.
What the end of Net Neutrality DOES NOT mean
- "Now Twitter is going to start charging you a dollar per DM!"
Twitter could do that under the old rules. The endpoint can set whatever policy it wants.
- "You're not going to be able to see some content on your favorite website!"
Nope, doesn't mean that either. Again, that's an endpoint issue: The site decides what content you receive.
- "Nothing bad is going to happen!"
Really, you sweet summer child? You think this is just about traffic shaping to manage network congestion? News flash: It's NOT (your ISP can do that already).
What this is about is opening up a vast, untapped area of premium-service charges. In the long history of deregulating things and trusting companies not to fuck the customer "Nothing Bad Happened!" has never been the outcome. Don't expect a Christmas Miracle here folks - we ARE going to get fucked, it's just a question of when and whether there will be any lube.
So what DOES the end of Net Neutrality mean?
Basically it means the internet is about to suck as much as Cable TV does.
- Time Warner Cable can have a contract with Microsoft to favor Bing as their search engine
They may throttle Google to dial-up speeds so each page of results takes 3-5 seconds to load, or simply block all access to it.
If you prefer Google or DuckDuckGo don't worry: You can buy the Premium Search package for an extra $19.95/month.
- Comcast can have a contract with Breitbart to favor them over other news sites
Want to read the New York Times online? 56K speed.
Oh, you're going to Breitbart? Your bandwidth limits no longer apply - FULL THROTTLE FIREHOSE BABY!
- Cablevision is losing revenue because you're all going to Hulu and Netflix rather than using their On-Demand service
No problem – Easy Fix! Just tweak the traffic shaping and those pesky customers have enough bandwidth to view their Netflix listings, but streaming video isn't going to happen. It's OK you can get the same shows right from your cable box for only $2.99 per episode.
- Backbone providers can enter into these sorts of deals too
Your ISP is a small local business. They've got an OC-3 direct to a Level3 POP, and they've sworn up and down that they won't fuck with your traffic, so you're fine right? Nope: Level3 might fuck with theirs. Amazon is paying them a premium to prioritize their traffic over Walmart's, so one giant retail octopus is nice and speedy, and the other… not so much.
- Ads and Tracking? AbsoFUCKINGlutely!
You like using OpenDNS or Google's public DNS? Nah fam, you want AdNS - your ISP's proprietary DNS that redirects every NXDOMAIN to this great ad company that is paying us $0.25 per impression. SO much better than being told "That domain does not exist" – instead you'll get free spyware. Or you can pay your ISP $24.99/month for the ability to use other DNS servers.
(ISPs have been doing this ad shit on their DNS servers for years, but now they can block your access to the competition.)
- Get your news from podcasts? Not anymore bud.
Because providers aren't required to treat all content equally anymore you might find your favorite podcasts blocked.
SSL will save us though right: They don't know WHICH podcast I'm downloading from that hosting platform! OK fine smartass: That whole platform is blocked unless you spend $49.95/month for our Podcast Plan. (This is an effective way of strangling new media and independent voices.)
- Run your own infrastructure? Life might start sucking for you… well sucking harder.
The Internet as we know it is based on the premise that all traffic is treated (mostly) the same, but that's no longer required. You may find that your connection to a customer is slow, and it's going to be difficult to pin down why: Is your ISP throttling it, or your customer's ISP, or is it a real network issue?
There's a lot more, but I'm writing this on my lunch break, so you'll have to be happy with what you got.
…and that's not a joke, it's how your design meetings should be starting.
A few days ago on Twitter someone asked a seemingly innocent question: "I'm writing a post on the failure of Stored Procedures as a platform. What, in your view, were the reasons they didn't work out?"
A lot of reasons were given: "They're hard to test" (They're not - your unit tests should be testing your database.), "They're not in git" (They should be - If they arent your revision control process is fucked because your database isn't controlled), "They're fundamentally unreadable and require exponentially more tacit knowledge aka are awful for new devs to understand" (They're not "fundamentally" anything, and if they're documented well any competent developer should be able to understand them), "They encourage silos where DBAs say no." (This is a people problem: Your process doesn't facilitate understanding between your DBAs and the rest of your team).
Continue reading "A developer, a sysadmin, and a DBA walk into a conference room…"
Some folks even came up with what I would argue are good reasons, like "Badly written stored procedures don't scale well" (which is true: If your stored procedures involve lots of processing overhead the DB server becomes a processing bottleneck, which is a Bad Thing), and "It's an additional moving part in the system" (generally something to avoid, unless that moving part is the simplest solution to a problem).
I was all set to have a friendly difference of opinion on this issue until I saw this blog post, which starts out great and quickly goes off the rails into the weeds and starts eating slugs with the DevOps "we don't need no stinkin' sysadmin/DBA" children.
So now you get a rant about why you still need a Developer, a Sysadmin, and a DBA.
Back in April some jackass promised that there would be a follow-up post about migrating bsd-box.net to use the LetsEncrypt CA.
Oh right, that was me.
As usual life interfered, but here's the followup: The bsd-box.net server has been replaced with a shiny new machine, LetsEncrypt is still my CA of choice for this system, and a bunch of other things have changed. More below the jump.
Continue reading "A new server, and a few more words about LetsEncrypt."
Most if not all readers of my blog are probably aware of the Lets Encrypt project, which officially exited Beta this month.
For those of you not familiar with it, the basic premise is "It's the goddamn 21st century, and there is no reason every website shouldn't be available over HTTPS. We're giving away certificates for free, and giving you an automated tool to acquire and renew them. You have no more excuses!"
Most of you also know I was originally quite skeptical of this project: I'm not a huge fan of trusting third-party programs with my cryptography, and I like to ensure that I'm maintaining control of the impotant bits (like private keys) at all times. The final implementation however appears to be well-designed and reasonably secure, enough so that I have used it for this year's certificate renewal on bsd-box.net.
Continue reading "A few words about Lets Encrypt"
What follows is a brief description of the Lets Encrypt process on FreeBSD: Its successes, its failures, and some thiings I may be submitting patches for in the near future.
Tom Limoncelli (yes, that Tom) recently wrote a blog post that came to my attention by way of Twitter in which he lamented his bank's scheduled downtime and the implications of routine "weekend work" in terms of an organization's respect for the time and work-life balance of its sysadmin staff.
This was posted the "Rants" section of his blog and is obvisouly ment to be taken as slightly tongue-in-cheek alongside the idea that every sysadmin in geekdom's creation would really rather be watching the Star Wars movie, but it's broadly representative of an attitude I've seen emerging more and more in our profession: That sysadmin work should be viewed as a 9-to-5 gig. I in turn ranted a little bit about that on Twitter, but I think it merits following up with a longer form discussion, so let's have a blog post before the end of the year!
Continue reading "The Problem of the 9-to-5 Sysadmin"