Storage

Level1Techs explains a few things about storage. Worth a look.

Advertisements

Nintendo’s Marriage

Nintendo was the first one among the gaming console companies to enforce strict quality and content controls on games for their platform. Perhaps they saw what happened to other manufacturers that had a more promiscuous approach. When 9 out of 10 games are terrible, people start thinking that there’s something wrong with the platform.

Apple took the same approach with the iPhone. Initially banning 3rd party apps completely, and suggesting that 3rd parties create specially crafted HTML pages just for iPhone. It did not take long before this rule was relaxed, but at least Apple kept some control of their platform by having all apps go through a (shallow) vetting procedure, and ultimately having the ability to pull the app entirely.

In the IP video industry, the VMS companies used to demand that people selling the software were certified. The two primary reasons were that a) it produced a decent revenue, and b) idiots selling your software may tarnish your reputation through no fault of the manufacturer.

Prior to IP video cameras, most installations were pretty straightforward. The challenges were in getting the right coverage, pulling the cables neatly and mounting the cameras properly. Any old electrician understood that when you connected the coax camera to “input 1”, the video from that camera would emerge on the corresponding spot on the monitor. If something happened, you’d eject the tapes, push in some new ones, and that was it.

Getting an IP video infrastructure set up properly is an entirely different ballgame. You still have to pull cables, and mount cameras, but on top of that, you have to deal with a whole host of new problems. You have to keep the OS up-to-date, you have to keep the camera firmware up-to-date, you have to verify that security protocols are adhered to (no “123456” passwords), and if something happens, you have to navigate an often confusing and complex UI that offers 3 different ways to get your footage out of the system. Most of these tasks are trivial to maintain for people who are used to the quirks and understand the meaning of every term, but the majority do not.

If you’re dealing with larger installations, you’re often trying to integrate the VMS with existing equipment, and sometimes you’re asked to make it fit within existing IT policies, which makes things an order of magnitude more interesting. You’re also dealing with people in a position of authority, that arbitrarily demand various things (some possible, some not, some that make sense, some that do not).

As a consultant, I advise people against things I think are counter-productive, unfeasible or impossible. If they still insist on going down some rabbit hole, I will happily go there, knowing that they are paying by the hour. But not everyone is fortunate enough to make that trade.

You could say that I am a kind of prostitute; Naturally, I want repeat clients, so unless the services requested are too crazy, I’ll oblige. I am not offended by any suggestion, but I reserve the right to just say no.

In many cases, though, it’s more like a marriage. And just like in a marriage,. the vendor and the partner must establish and maintain trust between one-another. Without trust, the marriage will not last long, or it will be a long nightmare for both parties. Trust is not limited to “not, technically, lying” (as opposed to straight up lying), it’s also about sharing expectations, plans, ideas, and being honest about what can’t and what won’t happen.

Good marriages also seem to include some sort of equal give and take between the partners; you do the dishes, I’ll do the laundry.

And this is where marriages get tricky. If I mess up the laundry every single time, break the dishes when I try to fill the washing machine, cause water damage to the floors when I mop, then we need to divide the tasks so that I take on tasks that I am qualified to take on. But what if I am not really good at any task? Or at least, not good at any relevant task? Or, perhaps I am confident that I am cooking a mean mac and cheese, but the reality is that it is bland and mushy and gives people constipation.

In a relationship that is too lopsided, one partner will eventually get fed up and leave. And it’s hard for me, then, to gauge whether the mac and cheese is truly terrible, or if it was just something mean and offensive the ex-wife threw in my face. I may, tragically, not learn a single thing from this endeavor.

id-100100980

And so you may encounter people who disables the storage drive through the windows disk manager, and then complain about poor performance. They may not understand how networks work, and demand changes that are time-consuming but will never improve the performance. Naturally, they will complain when they realize this to be true. They may consistently provide false, misleading information regarding behavior and version numbers, and fail (intentionally?) to provide the diagnostic logs to support their claims, and so on. They’re breaking the dishes, shrinking your favorite shirt, and causing water damage.

In those situations, there’s nothing wrong with sitting down, looking each other deep in the eyes, and agree to part ways. Rather than staying in an abusive relationship where backstabbing and offensive slurs are the order of the day.

Nintendo and Apple carefully vetted who they married; setting up strict requirements for those who were allowed into the walled garden. You had to prove that you were a good match, and that you wouldn’t tarnish the reputation of either of them. If you can’t find a good match, then give up, it’s always better to abstain than to settle.

Today, it is not in vogue to be such a snob. Promiscuity is all the rage. Have thousands of connections with semi-random people on social media is the norm. Getting into bed with every conceivable partner is a virtue.

And perhaps that’s why there’s so much shit out there today.

 

 

GDPR

IANAL

When EU makes laws (or any government entity, really), it’s a trial and error process. Traffic laws are simple. If you’re allowed to drive at 50 km/h, then driving 49 km/h is OK, driving 51 km/h is not. Social laws are much more complex. Tax law has become a massive pile of spaghetti filled with bugs that allow some entities to pay very little, and other entities to pay a lot.

The General Data Protection Regulation is an attempt to protect the privacy of citizens of the EU. Companies are not allowed to covertly collect massive amounts of information about people; they must inform the user, and they must delete personal information if asked to do so.

From the EU’s FAQ on the topic, you can find this passage

What constitutes personal data?
Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

Added emphasis.

It seems to me that EU is thinking about companies like Facebook, Google and just about every other company that collects massive amounts of data about their users.

Most video surveillance systems are not capable of tracking people around the store, let alone recognize the same user as they visit the store on different days. Naturally, if you have this wonderful technology deployed, and you are actually identifying people in the feed, I believe that you might have to take a much closer look at GDPR and start posting notes and ask for consent (in clear language).

As I understand it, if regular video surveillance is in effect, you need to post information about this (you already are), and probably be able to document your retention policies if anyone asks.

Granted, if you start building cases about people, where you are collecting clips and images, then you def. need consent.

Adding a bit of Gaussian blur to the faces of people (when displayed in the client) is simply irrelevant in relation to GDPR. If you are storing the information, you have to inform and get consent.

I harbor no illusions that slick salespeople won’t try to use these new laws as a way to sell more snake-oil. I am also pretty certain that you’ll hear unverified anecdotes about companies that were fined because they did not blur the faces in the viewer application.

So, post a sign that says “video is recorded and kept for 30 days” and you’re good. But you have to actually abide by it. If you perform analytics (poor you), track people, correlate purchases and arrival times to POS readouts, then you have to post that too.

In Denmark, they’ve already announced that because this is such a complicated issue (mostly due to charlatans spreading FUD), they will be very lenient with non-compliance unless it is an intentional violation of the rules (e.g. a standard VMS running a 2 week loop in a store is not going to be fined for not posting a consent form at the door).

 

 

Video Database Replication

Video Surveillance Databases are special. They are written to constantly, they are rarely read from, and the index is very simple (just a timestamp as the key). There’s no reason – really – to use anything fancy, certainly not SQL server.

I recently saw a marketing blurb for an expensive and cumbersome storage system that integrated to a VMS. It touted that the VMS had a “proprietary database highly optimized for video storage”. I guess “it uses the file system” did not sound fancy enough.

The entertaining puffery was uncovered as I was looking into the feasibility of geo-redundancy for a partner. Basically, they were looking for a fully mirrored backup system: If the primary site was to vanish, the backup site would take over, with all recorded data being readily available.

Database replication is nothing new; but typical database replication systems assume that you have a much higher outbound throughput than inbound. You may have a database with 2 million records, and if you add 1000 records per day, you’ll need those new records to propagate to the replication sets in your cluster – challenging, but a problem that has been solved a thousand times.

Video data is very different; its a constant torrent of data streaming into the system, and once in a while someone pulls out a few records to look at an incident. If the database uses the file system for its blocks, it’s almost trivial to provide replication. Just make sure the directory on the backup site looks identical to the one on the primary. This can be done with a simple rsync on Linux.

Another option is to use the Distributed Replicated Block Device (DRBD). This (Linux) tool allows you to create a drive that is mirrored 1:1 across a network. In other words, as files are written or changed, the exact same thing will happen on the backup drive. A Windows version appears to exist as well.

Surely, a better solution is to have the VMS be able to determine what files are most valuable, and push them to the remote site first. It might even chose to not mirror files that provide no value (zero motion files for example), or send a pruned version of the files to the backup system.

Depending on the sensitivity of the data, a customer might chose to extend/replicate their storage to the cloud. The problem here is that the upstream bandwidth is often limited, and thus in those cases a prioritization of the data is certainly needed.

Happy replicating…

 

 

My Bitcoin Problem

I didn’t get enough of them…. ?tulip-fever-movie-poster-e1505608260306

Back in the good old days, Hikvision NVRs part of an exploit that was used to mine Bitcoin, naturally, that was back when Bitcoin was used primarily to buy heroin and weapons via the darknet. Today, though, everyone and their dog is buying bitcoin like it was pets.com shares ca 2001,  and the hardware needed to mine coins today is a million times more powerful than a cheapo NVR.

First things first; why do we need “currency”. I think it’s worth revisiting the purpose, before moving on. Basically, “currency” is a promise, that someone (anyone) will “return the favor” down the line. In other words, I mow your lawn, and you give me an IOU, which I trade for some eggs at with the local farmer. The farmer then trades the IOU for getting picket fence painted by you (you then tear up the IOU).

Instead of crude IOU’s, we convert the work done into units of currency, which we then exchange. Mowing a lawn may be worth 10 units while doing the dishes is worth 5. In the sweet old days, the US had many different currencies, pretty much one per state. They served the same purpose. To allow someone to trade a cow for some pigs and eggs, some labor for food, food for labor and so on.

But pray tell, what politician, and what banker would not love to be able to issue IOUs in return for favors, without actually ever returning them?

Since politicians and bankers run the show, naturally, the concept got corrupted. Politicians and banks started issuing IOUs left and right, which basically defrauded you of your work. When you mowed the lawn on Monday, you would expect that you could exchange the IOU for a lawn mowing on Friday, but with politicians producing mountains of IOUs, you suddenly find that the sweat off your brow on Monday only paid for half the work on Friday.

This is classic inflation.

By the same token, it would be one hell of an annoyance if you mow my lawn on Monday, and now, to repay you, I would have to not only mow your damn lawn, but also paint your fence on Friday.

This is classic deflation.

What you want is a stable, and fair currency. That work you do on Monday can be exchanged for an equal amount of work on Friday.

You can then wrap layers of complexity around it, but at its core, the idea is that money is a store of work, and that store should be stable.  The idea that we “need 2% inflation” is utter nonsense. In a democracy, the government can introduce a tax on cash equivalent holdings if the voters so desire. This would be more manageable and precise than senile old farts in central banks trying to “manage inflation” by purchasing bonds and stock, with the predictable side effect that it props up sick and useless companies. The idea that you can get work done by just shuffling some papers around is an abomination in my book.

Bitcoin is an attempt at creating a currency that can’t be manipulated by (presumably corrupt or incompetent) politicians and bankers, but I think they’ve gone far, far away from that idea.

The people who are engaging in bitcoin speculation are not doing it because they want a fair and stable store of work (having discarded traditional fiat currency as being unstable and subject to manipulation). Instead, they do it, because, in the speculative frenzy, bitcoin is highly deflationary. You can get a thousand lawns mowed on Friday for the lawn you mowed on Monday. As a “stable currency”, Bitcoin has utterly failed. And we’re not even discussing the transaction issues (200K back-logged transactions, and a max of 2000 transactions every 10 minutes).

This happens because bitcoin is not a currency at all. It’s a simply the object underpinning a speculative bubble. And as it happens with all bubbles, there are people who will say “you don’t understand why this is brilliant, you see… ” and then a stream of illogical half-truths and speculation follows. People share stories about how they paid $100 for a cup of coffee 12 months ago when they used bitcoin to pay for it. But a cup of coffee in dollars cost about the same as it did 12 months ago, so while the dollar is being devalued by very mild inflation, and thus a much more stable store of work, bitcoin is promising free lunches for everyone.

People, for the most part, take part in this orgy with the expectation that at some point, they will settle the score for real currency – real dollars. Very few (and I happen to know one) will keep them “forever” on principle alone.

Furthermore, I don’t see any reason why the Bitcoin administrators wouldn’t just increase the self-imposed 21 million coin limit to 210 million of 2.1 billion coins. They already decided to create a new version, called Bitcoin Cash that essentially doubled the amount of bitcoin. That and the 1300 other cryptocurrencies out there makes it hard for me to buy into the idea that there is a “finite number of coins”. Not only that, to increase transaction speed to something useful, they are going to abandon the blockchain security, opening up for all sorts of manipulation (not unlike naked short selling of stock etc.)

And let’s not forget that before Nixon, the civilized world agreed to peg currencies to gold (a universal currency that could not be forged). In 1973, Nixon removed the peg from the US dollar and since then the number of dollars has exploded, and the value has dropped dramatically. In other words, what was a sure thing pre-1973, was suddenly not a sure thing.

This is not investing advice. You might buy bitcoin (or other crypto-“currencies”) today, and make 100% over the next few weeks. You might also lose it all. I would not be surprised by either.

 

Net Neutrality

You can’t be against net neutrality, and, at the same time, understand how the Internet works.

There is no additional cost to the IPS to offer access to obscure sites; it’s not like a cable package where the cable provider pays a fee to carry some niche channel that no-one watches.

Basically, net neutrality means that the ISP has to keep the queues fair; there are no VIP lanes on the Internet. Everyone gets in the same line, and are processed on a first come, first served basis. This is fundamentally fair. The business class traveler may be angered by the inability to buy his way to the front of the line (at the expense of everyone else), but that’s just tough titties.

It’s clear that not everyone has the same speed on the Internet; I live in an area where the owners association decided against having fiber installed, so I have a shitty (but sufficient) 20/2Mbit ADSL connection. My friend across the bridge, in Sweden, has a 100/100Mbit at half the cost. But that has nothing to do with net neutrality.

If my friend wants to access my server, my upstream channel is limited to 2 Mbit per second. This is by my choice, I can choose to host my server somewhere else, I could try to get a better link and so on, but basically, I decide for myself who, and how much I want to offer. There are sites that will flat out refuse to serve data to certain visitors, and that’s their prerogative.

However, with net neutrality removed, my site may get throttled or artificially bottlenecked to the point where people just quit visiting my site. I would have to deal with several ISP’s and possibly have to pay them a fee to remove the cap. If the site is not commercial* I may not have the funds to do that. I may not be aware that an ISP is throttling my site into oblivion, or even be offered an option to remove the cap.

Clearly, ending net neutrality is not the end of the world. Guatemala and Morroco are two examples of countries w/o net neutrality. In Morroco, the ISPs decided to block Skype, since it was competing with their (more profitable) voice service, so that might give you a hint of what’s to come. They did complain to the King when the ISPs went too far though.

Naturally, fast access to Facebook LinkedIn and Snapchat might be cheaper, and probably all you care about if you’re against NN.

With cloud-based IP video surveillance starting to become viable, this might prove to be another, unpredictable cost of the system. Some ISPs already take issue with you hosting a web server via your retail connection. And they go out of their way to make it difficult for you to do so: Changing your IP address every 4 hours and so on. This is to push you into a more expensive “business plan”, where they simply disable the script that changes your IP. I think it is safe to assume that if you’re streaming 30 MBit/s 24/7 to an Amazon data center, the ISP will eventually find a way to make you pay. And pay dearly. Once you’ve hooked your entire IP video surveillance system into the cloud, what are you going to do? Switch to another ISP? #yeahright

I guess the problem is that the ISP business model used to be to sell the same bandwidth 100 times over. Now that people are actually using the bandwidth, that model falls apart, and the ISPs need other means to make sweet sweet moolah. And that’s their nature and duty. But why cheer them on?

*In the early days, commercial activity on the Internet was banned.

 

HomeKit Flaw

https://9to5mac.com/2017/12/07/homekit-vulnerability/

Does this vulnerability shipping mean you shouldn’t trust HomeKit or smart home products going forward? The reality is bugs in software happen. They always have and pending any breakthrough in software development methods, they likely always will. The same is true for physical hardware which can be flawed and need to be recalled. The difference is software can be fixed over-the-air without a full recall.*

*Unless it’s a Chinese IP camera, then all “mistakes” are deliberate backdoors put in place by the government.