Comments for Aaron Toponce https://pthree.org Linux. GNU. Freedom. Sun, 13 May 2018 18:21:35 +0000 hourly 1 https://wordpress.org/?v=5.0-alpha-43006 Comment on New Email Signature by Atwora https://pthree.org/2009/04/18/new-email-signature/#comment-274360 Sun, 13 May 2018 18:21:35 +0000 http://pthree.org/?p=1034#comment-274360 Just Watch out for common problem with too many links in footer. It is commonly forbid by mailboxes robots to accept messages with too many links. And many companies stil try to place as many links to their offers / social media / etc. in footer messages as possible. Resulting in landing into a spam folder...obviously 😀

]]>
Comment on Adblockers Aren't Part Of The Problem- People Are by Trochetutrochetam https://pthree.org/2016/11/30/adblockers-arent-part-of-the-problem-people-are/#comment-274358 Sun, 13 May 2018 16:56:10 +0000 https://pthree.org/?p=4766#comment-274358 Yep, totally agree with you. On my websites / portals / blogs I deliver ads that are not aggressive or dont follow users screen. If someone counts on generating income from such huge attack of advertising just after someone enters their website are far from earning anything.
Yet, most of webmasters doesn't seem to understand it. Needles to say, that many of suspicious ads like "congratz you won XXXX billion dollars" may have malicious software uploaded alongside page load. such website is right after marked as insecure and a webmaster goes even lower on search results.

]]>
Comment on Bitcoin Mining Rate and Waste by Dozwiedzenia https://pthree.org/2016/01/30/bitcoin-mining-rate-and-waste/#comment-274357 Sun, 13 May 2018 16:51:19 +0000 https://pthree.org/?p=4520#comment-274357 There was a time where mining bitcoins was a good choice. So probably having a good hardware and a good source of electricity (cheap I mean) it would be still possible to get some good source of coins in averade period of time.
The problem is with the banks, that are reluctant to accepting bitcoins

]]>
Comment on Use A Good Password Generator by Michal from hp.pl https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274356 Sun, 13 May 2018 16:47:02 +0000 https://pthree.org/?p=4976#comment-274356 To be honest never thought about it this way. Reffering to WordPress sites, I used brute-force protection provided by premium extensions and a key weification tool, that forbid using weak passwords. Whats more I blocked countries known from their source of common attacks and developed a policy of auto-ban repeating offenders.

I'm programist but need to escalate the topic. Thanks!

]]>
Comment on What About Interoperability? by Hotelepremium https://pthree.org/2008/06/08/what-about-interoperability/#comment-274336 Thu, 10 May 2018 22:53:36 +0000 http://pthree.org/?p=595#comment-274336 Each day they develop better drives for save disk space. Have you tried SSD? Maybe you should also consider better compression for files?

]]>
Comment on Cocytus by VisitON https://pthree.org/2008/06/13/cocytus/#comment-274335 Thu, 10 May 2018 22:41:43 +0000 http://pthree.org/?p=609#comment-274335 Greek mythology is fascinating. Especially, that nowadays we quite miss the great and interesting stories from the past. It influences tourist and makes them come more often to greece.

]]>
Comment on Use A Good Password Generator by Michael https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274252 Thu, 03 May 2018 14:49:41 +0000 https://pthree.org/?p=4976#comment-274252 How about adding keepass to your chart

]]>
Comment on Linux Kernel CSPRNG Performance by Craig https://pthree.org/2016/03/08/linux-kernel-csprng-performance/#comment-274214 Sun, 29 Apr 2018 20:35:51 +0000 https://pthree.org/?p=4606#comment-274214 I suggest GPG add a user settable variable to adjust calculation of entropy depletion per byte read from /dev/random. Instead of

ee = ee - #bytes_read

use

ee = ee - #bytes_read / k

where
-- k is a settable ratio (secure_bytes_out / bytes_in)
-- bytes_in is the number of bytes used to initialize the CSPRNG
-- secure_bytes_out is the number of (consecutive) output bytes which can be leaked before security is compromised.

Currently k is implicitly one (1), which is the smallest possible value. Safe if enforced, but impractical and unsafe as it leads to admins bypassing the entropy estimate throttle using rnd-tools and reading from /dev/urandom or /dev/hwrnd. It leaves an opening for Java malware to call "SecureRandom" (which reads /dev/random) in a tight loop. Much better to have k set to 1024 which would (1) throttle the tight snoop loop (2) prevent use of /dev/random while it was in an unsafe externally known state (3) allow most normal usage cases without hanging or resorting to rnd-tools (4) if hanging did occur, it would be unusual and alert admin to possibility of snooping.

"The boy who cried wolf" springs to mind.

]]>
Comment on Why A Dark Blog Theme? by IT https://pthree.org/2007/04/05/why-a-dark-blog-theme/#comment-274186 Sat, 28 Apr 2018 07:42:13 +0000 http://www.pthree.org/2007/04/05/why-a-dark-blog-theme/#comment-274186 How the time is changing, Before 10 years Dark theme now Soft and white,

]]>
Comment on Use A Good Password Generator by xeni https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274156 Wed, 25 Apr 2018 07:08:14 +0000 https://pthree.org/?p=4976#comment-274156 The more random and mixed-up you make it, the harder it is for others to crack. Mind you, if your password is compromised, the password crackers will even take over your identity.

I wrote an article on Best Passwords to use
http://quotidianotips.com/passwords/

]]>
Comment on Use A Good Password Generator by Conor https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274148 Mon, 23 Apr 2018 20:48:39 +0000 https://pthree.org/?p=4976#comment-274148 Thanks for taking the time to conduct this research and then share it with the community!

I see LastPass and Dashlane in the spreadsheet, but not 1Password or Keeper. Any chance you'd consider reviewing them and adding them to the spreadsheet?

]]>
Comment on Use A Good Password Generator by Adrien https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274144 Mon, 23 Apr 2018 18:53:44 +0000 https://pthree.org/?p=4976#comment-274144 For Server vs. Client Generation, you can use something like uMatrix for Firefox, and disallow any XHR for the page. In this case, the JavaScript can do a lot, but not communicate with a remote server.
Unless there is some unknown avoidance method I'm not aware of.

]]>
Comment on Use A Good Password Generator by guest https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274143 Mon, 23 Apr 2018 16:28:00 +0000 https://pthree.org/?p=4976#comment-274143 1. Block range not used IP and system processes with firewall.
2. Track own internet connection, for example from with own router.
And from own computer.
You will see tightness firewall and which process use your internet.
3. If you can, use gpg key, this is password but longer.
GPG key can be stolen, but password also. You can enable the system notification if the key is used. But to make sense, you need to protect the system from editing system files.
4. If you can, keep track of when your password is used. Because password and key does not give safety. Security gives only the address when it can only be yours and when nobody can use your computer for use your address.
For example:
When you write in chat,
someone may impersonate a friend.
When you call to friend on the phone,
even if someone else takes over the phone you will recognize him, in a voice. Because usually you know his voice very good and often also from real life. From chat, if this is not with video and sound, what you will see ? Tahoma or other font, which use 1 billion people or more ?

]]>
Comment on Let's Talk Password Hashing by mGalli https://pthree.org/2016/06/28/lets-talk-password-hashing/#comment-273495 Thu, 15 Feb 2018 18:04:15 +0000 https://pthree.org/?p=4699#comment-273495 There is an error on the description of Argon2 algorithms. The Argon2i is more suitable for key derivations AND password hashing.

Page 3, Our Solution section of Argon2: the memory-hard function for password hashing and other applications. Please check the documentation here https://password-hashing.net/argon2-specs.pdf

"Argon2i uses data-independent memory access, which is preferred for password hashing and-based key derivation"

]]>
Comment on ZFS Administration, Appendix C- Why You Should Use ECC RAM by Marvin Glenn https://pthree.org/2013/12/10/zfs-administration-appendix-c-why-you-should-use-ecc-ram/#comment-273320 Tue, 30 Jan 2018 06:20:48 +0000 https://pthree.org/?p=3352#comment-273320 Please see comment #4 by Ivar and let me echo his sentiment. When the extra bit is only taken as a parity bit for a byte, you can only detect a single bit error, but not correct it. ECC looks at a piece of data larger than a byte and considers it against more than one extra bit. From that, it can detect and often properly correct errors in memory. But calling it 'parity' should be avoided as 'parity' is only really an "error detection code", not an "error correction code".

]]>
Comment on Convert Text To Base-64 By Hand by Benjamin Danek https://pthree.org/2011/04/06/convert-text-to-base-64-by-hand/#comment-273281 Wed, 24 Jan 2018 05:45:19 +0000 http://pthree.org/?p=1862#comment-273281 Awesome post, I can't help but wonder. During step 3 what's the theory behind adding the padding zeros to the end of the binary string? How does this not change the value of the binary?

]]>
Comment on Weechat Relay With Let's Encrypt Certificates by Kevin Otte https://pthree.org/2016/05/20/weechat-relay-with-lets-encrypt-certificates/#comment-273272 Mon, 22 Jan 2018 17:13:24 +0000 https://pthree.org/?p=4658#comment-273272 Leave just the copying commands in a script and specify that as the --post-hook in certbot when obtaining the cert. It will only be run when a renewal happens. I have a call to prosodyctl to copy certs in mine. I'll probably be adding weechat into this now as well.

]]>
Comment on Ivy League Theme For Mutt by Madelinelorene https://pthree.org/2008/10/22/ivy-league-theme-for-mutt/#comment-273249 Fri, 19 Jan 2018 11:30:46 +0000 http://pthree.org/?p=699#comment-273249 hello..!
Cma is a professional credential that can be earned in the advanced management accounting and financial . Become a cma and explore better accounting career opportunities cma classes in dubai read more
Thaank you.

]]>
Comment on Setting Up A Global Tor Proxy on Android with Orbot by Reggy https://pthree.org/2015/08/27/setting-up-a-global-tor-proxy-on-android-with-orbot/#comment-273242 Thu, 18 Jan 2018 15:07:14 +0000 https://pthree.org/?p=4283#comment-273242 PLEASE!! PLEASE!!.....

]]>
Comment on Setting Up A Global Tor Proxy on Android with Orbot by Reggy https://pthree.org/2015/08/27/setting-up-a-global-tor-proxy-on-android-with-orbot/#comment-273241 Thu, 18 Jan 2018 15:05:57 +0000 https://pthree.org/?p=4283#comment-273241 Why did I connect the Orbot network, then "Congratulations you connected to Tor network", But yellow is not green, is it the same? or not fully anonymous and still need additional settings? PLEASE HELP !! 🙁

]]>
Comment on ZFS Administration, Part I- VDEVs by Abdollah https://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/#comment-273179 Thu, 11 Jan 2018 12:06:15 +0000 http://pthree.org/?p=2584#comment-273179 Is possible to mirror two raidz(1-3) together?
for example 4 drive raidz1 with name of pool1 mirrored with another 4 drive raidz1 with name of pool2?

]]>
Comment on Setting Up A Global SSH Proxy on Android with ConnectBot and ProxyDroid by Aaron https://pthree.org/2015/08/26/setting-up-a-global-ssh-proxy-on-android-with-connectbot-and-proxydroid/#comment-272963 Wed, 13 Dec 2017 19:29:15 +0000 https://pthree.org/?p=4254#comment-272963 Thanks for this, ProxyDroid is what I needed. That Firefox plugin approach was giving me trouble.

]]>
Comment on Appropriate Use Of "kill -9 " by dubailife https://pthree.org/2012/08/14/appropriate-use-of-kill-9-pid/#comment-272851 Fri, 01 Dec 2017 15:29:07 +0000 http://pthree.org/?p=2004#comment-272851 VIP UAE Girls Find VIP Dubai escorts online today at bunnies listing. Enjoy the elite hot girls company

]]>
Comment on Let's Talk Password Hashing by RB https://pthree.org/2016/06/28/lets-talk-password-hashing/#comment-272850 Fri, 01 Dec 2017 08:13:03 +0000 https://pthree.org/?p=4699#comment-272850 I would love to hear the thoughts on using HMAC v/s these hash functions of a cost factor leading to .5 seconds for password verification. Sure there is a risk of HMAC key compromise, but those risks can be mitigated by rotating the HMAC key often. Also as this operations will be totally CPU bound, what is the cost for password hash creation and verification and computation power needed. There are other attack scenarios where an adversary can DOS the systems by sending multiple bad passwords. So many more compensatory controls need be thought through and built if we an organization decides to use high cost factor hash functions.

]]>
Comment on Weechat Relay With Let's Encrypt Certificates by K1NZ https://pthree.org/2016/05/20/weechat-relay-with-lets-encrypt-certificates/#comment-272527 Tue, 31 Oct 2017 18:00:46 +0000 https://pthree.org/?p=4658#comment-272527 Thanks for this guide! Also, I did nick:nick (using a colon instead of a period) in the chown command.

Alex, thanks for the tip! Only one issue. Weechat doesn't like the ! in your command. I added
echo '*/relay sslcertkey' >~/.weechat/weechat_fifo
to the end of my shell script that does the copying of the certificates so now everything happens automagically!

73,
Nick K1NZ

]]>
Comment on Manual Authenticated File Encryption With OpenSSL by Marcus https://pthree.org/2016/02/27/manual-authenticated-file-encryption-with-openssl/#comment-272289 Mon, 09 Oct 2017 10:42:05 +0000 https://pthree.org/?p=4582#comment-272289 It is much worse!!
I used aes-256-gcm to encrypt offline backups and that worked until after a "yum update" on a CentOS 7 system. Starting today it does not work and I cannot decrypt the offline backups.
The current (not working) openssl version is openssl-1.0.2k-8.el7.x86_64 while the previous (working) version is openssl-1.0.1e-60.el7_3.1.x86_64.

]]>
Comment on Time Based One Time Passwords - How It Works by Kevin Irías https://pthree.org/2014/04/15/time-based-one-time-passwords-how-it-works/#comment-272167 Mon, 02 Oct 2017 16:36:12 +0000 https://pthree.org/?p=3572#comment-272167 Thanks for the clear explanation. It is really useful to understand better how we can implement such a great algorythms without need of third party applications.

]]>
Comment on ZFS Administration, Part III- The ZFS Intent Log by Nawang Lama https://pthree.org/2012/12/06/zfs-administration-part-iii-the-zfs-intent-log/#comment-272070 Tue, 26 Sep 2017 16:12:27 +0000 http://pthree.org/?p=2592#comment-272070 Hi Aaron,
We are looking for some kind performance tunning in ZFS. So will you be able to help us to do so. If yes please mail me at nawang81@gmail.com or share me your email address.

]]>
Comment on More ZSH Prompt Love by Shellcat-Zero https://pthree.org/2009/10/14/more-zsh-prompt-love/#comment-272036 Sun, 24 Sep 2017 06:23:22 +0000 http://pthree.org/?p=1148#comment-272036 The VCS feature appears to be broken, I never get any version control information in the prompt when navigating through repositories.

]]>
Comment on Weechat Relay With Let's Encrypt Certificates by Alex https://pthree.org/2016/05/20/weechat-relay-with-lets-encrypt-certificates/#comment-272020 Fri, 22 Sep 2017 21:25:57 +0000 https://pthree.org/?p=4658#comment-272020 Hey! Firstly, thanks a lot of this! I was looking for this exactly and your post was great!

A suggestion for reloading would be to use the weechat fifo with something like:

echo '*/relay sslcertkey!' >~/.weechat/weechat_fifo

]]>
Comment on Password Attacks, Part I - The Brute Force Attack by Derrick https://pthree.org/2013/04/16/password-attacks-part-i-the-brute-force-attack/#comment-271996 Wed, 20 Sep 2017 12:29:42 +0000 http://pthree.org/?p=3038#comment-271996 "NIST approved SHA3 algorithms"

Isn't "NIST approving" the algorithm a blatant red flag?

]]>
Comment on Colorful Passphrases by Carlos Melero https://pthree.org/2017/09/15/colorful-passphrases/#comment-271962 Sun, 17 Sep 2017 02:25:05 +0000 https://pthree.org/?p=4872#comment-271962 Hi! I'm the author of UnicornPass, thank you for mentioning my extension!

Time to update my local copy of your generator 😛 I wonder if it will help me remember new passwords

]]>
Comment on Encrypted Mutt IMAP/SMTP Passwords by Chris Hilton https://pthree.org/2012/01/07/encrypted-mutt-imap-smtp-passwords/#comment-271885 Fri, 08 Sep 2017 15:34:07 +0000 http://pthree.org/?p=2183#comment-271885 Oops, that should have read:
cat <<EOF | gpg -r my_gpg_id -e -
set imap_pass="my_password"
set smtp_pass="my_password"
EOF

]]>
Comment on Encrypted Mutt IMAP/SMTP Passwords by Chris Hilton https://pthree.org/2012/01/07/encrypted-mutt-imap-smtp-passwords/#comment-271884 Fri, 08 Sep 2017 15:32:38 +0000 http://pthree.org/?p=2183#comment-271884 This keeps your password out of the filesystem:

cat <<EOF | gpg -r -e -
set imap_pass=""
set smtp_pass=""
EOF

Have a good day!

]]>
Comment on Analysis of RIPEMD-160 by Maxim https://pthree.org/2014/05/02/analysis-of-ripemd-160/#comment-271863 Tue, 05 Sep 2017 18:14:28 +0000 https://pthree.org/?p=3629#comment-271863 SHA-1 is broken... ))

]]>
Comment on ZFS Administration, Appendix C- Why You Should Use ECC RAM by Klaus https://pthree.org/2013/12/10/zfs-administration-appendix-c-why-you-should-use-ecc-ram/#comment-271767 Mon, 28 Aug 2017 16:21:18 +0000 https://pthree.org/?p=3352#comment-271767 @Daryl: The first DDR4 modules on the market had ECC. Non-ECC-DDR4-RAM appeared later on the market. That probably explains the (false) rumor that "DDR4 has better error handling than DDR3". Plus, there are numerous articles on the web which "prove" the increased reliability of DDR4-RAM (with ECC) by comparing it to DDR3-RAM...without ECC. Yep. Very funny.

I do not yet know how DDR4 compares to DDR3 regarding reliability. However, we do know that DDR3 was more reliable than DDR2-RAM. The Google report to which the article refers showed high error rates in DDR2-RAM. Note that at this time Google also did not replace RAM which began to show correctable errors - no wonder you see higher error rates when you decide to keep your failing RAM in use. Also note that Google used non-standard memory modules which were, according to the specs, incompatible with the mainboards (they worked in real life, of course, but possibly less reliably than standard modules).

Back to DDR4: DDR4-RAM can *optionally* have a "Write CRC" feature which can detect errors occurring on the bus when data is written to the RAM (the host could then retry the data transmission). However, this optional feature will, AFAIK, not be present on non-ECC-DDR4-RAM.

]]>
Comment on The Sheer Size of IPV6 by Fanyit https://pthree.org/2009/03/08/the-sheer-size-of-ipv6/#comment-271679 Wed, 23 Aug 2017 07:27:19 +0000 http://pthree.org/?p=973#comment-271679 ipv6 addresses are much better ip adress then ipv4

]]>
Comment on ZFS Administration, Part II- RAIDZ by xaoc https://pthree.org/2012/12/05/zfs-administration-part-ii-raidz/#comment-271668 Tue, 22 Aug 2017 09:04:19 +0000 http://pthree.org/?p=2590#comment-271668 I have strange situation and can't explain it . I will appreciate your comment on bellow setup:
zpool list
NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT
test_3x3s 327T 1.11M 327T - 0% 0% 1.00x ONLINE -
dmadm@s1349014530:~$ sudo zpool status
pool: test_3x3s
state: ONLINE
scan: none requested
config:

NAME STATE READ WRITE CKSUM
test_3x3s ONLINE 0 0 0
raidz3-0 ONLINE 0 0 0
sdc ONLINE 0 0 0
sdd ONLINE 0 0 0
sde ONLINE 0 0 0
sdf ONLINE 0 0 0
sdg ONLINE 0 0 0
sdh ONLINE 0 0 0
sdi ONLINE 0 0 0
sdj ONLINE 0 0 0
sdk ONLINE 0 0 0
sdl ONLINE 0 0 0
sdm ONLINE 0 0 0
sdn ONLINE 0 0 0
raidz3-1 ONLINE 0 0 0
sdo ONLINE 0 0 0
sdp ONLINE 0 0 0
sdq ONLINE 0 0 0
sdr ONLINE 0 0 0
sds ONLINE 0 0 0
sdt ONLINE 0 0 0
sdu ONLINE 0 0 0
sdv ONLINE 0 0 0
sdw ONLINE 0 0 0
sdx ONLINE 0 0 0
sdy ONLINE 0 0 0
sdz ONLINE 0 0 0
raidz3-2 ONLINE 0 0 0
sdaa ONLINE 0 0 0
sdab ONLINE 0 0 0
sdac ONLINE 0 0 0
sdad ONLINE 0 0 0
sdae ONLINE 0 0 0
sdaf ONLINE 0 0 0
sdag ONLINE 0 0 0
sdah ONLINE 0 0 0
sdai ONLINE 0 0 0
sdaj ONLINE 0 0 0
sdak ONLINE 0 0 0
sdal ONLINE 0 0 0

errors: No known data errors
df -h
Filesystem Size Used Avail Use% Mounted on
udev 189G 0 189G 0% /dev
tmpfs 38G 850M 37G 3% /run
/dev/md0 103G 1.9G 96G 2% /
tmpfs 189G 0 189G 0% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 189G 0 189G 0% /sys/fs/cgroup
tmpfs 38G 0 38G 0% /run/user/1002
test_3x3s 231T 256K 231T 1% /test_3x3s
##########################################################################################################
zpool list
NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT
test_3x3s 326T 1.11M 326T - 0% 0% 1.00x ONLINE -
dmadm@s1349014530:~$ df -h
Filesystem Size Used Avail Use% Mounted on
udev 189G 0 189G 0% /dev
tmpfs 38G 858M 37G 3% /run
/dev/md0 103G 1.9G 96G 2% /
tmpfs 189G 0 189G 0% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 189G 0 189G 0% /sys/fs/cgroup
tmpfs 38G 0 38G 0% /run/user/1002
test_3x3s 230T 256K 230T 1% /test_3x3s
zpool status
pool: test_3x3s
state: ONLINE
scan: none requested
config:

NAME STATE READ WRITE CKSUM
test_3x3s ONLINE 0 0 0
raidz3-0 ONLINE 0 0 0
sdc ONLINE 0 0 0
sdd ONLINE 0 0 0
sde ONLINE 0 0 0
sdf ONLINE 0 0 0
sdg ONLINE 0 0 0
sdh ONLINE 0 0 0
sdi ONLINE 0 0 0
sdj ONLINE 0 0 0
sdk ONLINE 0 0 0
sdl ONLINE 0 0 0
sdm ONLINE 0 0 0
sdn ONLINE 0 0 0
sdo ONLINE 0 0 0
sdp ONLINE 0 0 0
sdq ONLINE 0 0 0
sdr ONLINE 0 0 0
sds ONLINE 0 0 0
sdt ONLINE 0 0 0
raidz3-1 ONLINE 0 0 0
sdu ONLINE 0 0 0
sdv ONLINE 0 0 0
sdw ONLINE 0 0 0
sdx ONLINE 0 0 0
sdy ONLINE 0 0 0
sdz ONLINE 0 0 0
sdaa ONLINE 0 0 0
sdab ONLINE 0 0 0
sdac ONLINE 0 0 0
sdad ONLINE 0 0 0
sdae ONLINE 0 0 0
sdaf ONLINE 0 0 0
sdag ONLINE 0 0 0
sdah ONLINE 0 0 0
sdai ONLINE 0 0 0
sdaj ONLINE 0 0 0
sdak ONLINE 0 0 0
sdal ONLINE 0 0 0

In few words ... If I undesrtand it correctly:
2 VDEVs RAIDZ3 should use 6 disks for parity (3 for each VDEV)
3 VDEVs RAIDZ3 should use 9 disks for parity (3 for each VDEV)
And it is logical to have less usable space with 3 VDEVs compared with 2 VDEVs, but practicaly it seems that with 2 VDEVs configuration I have less usable space?

]]>
Comment on Hardware RNG Through an rtl-sdr Dongle by Christoffer https://pthree.org/2015/06/16/hardware-rng-through-an-rtl-sdr-dongle/#comment-271443 Wed, 09 Aug 2017 09:55:14 +0000 https://pthree.org/?p=4093#comment-271443 Thank you for this!

]]>
Comment on ZFS Administration, Part IV- The Adjustable Replacement Cache by asmo https://pthree.org/2012/12/07/zfs-administration-part-iv-the-adjustable-replacement-cache/#comment-271429 Mon, 07 Aug 2017 23:09:04 +0000 http://pthree.org/?p=2659#comment-271429 Supposed that there are two zpools on one machine, will there be two separate ARC in memory or will the ARC cache data from both pools?

]]>
Comment on Password Attacks, Part I - The Brute Force Attack by Mac McMeans https://pthree.org/2013/04/16/password-attacks-part-i-the-brute-force-attack/#comment-271167 Thu, 20 Jul 2017 13:31:06 +0000 http://pthree.org/?p=3038#comment-271167 Aaron, you use the term "search space" to describe the number calculated by:
95 * 95 * 95 * 95 * 95 * 95 * 95 * 95 = 95^8 = 6,634,204,312,890,625 passwords

I understand that to be "keyspace," the set of all possible permutations at a given length: 95^8. Whereas "search space" would be the total number of all possible permutations up to and including the given length: 95^1 + 95^2 + 95^3 + 95^4 + 95^5 + 95^6 + 95^7 + 95^8.

Please forgive my ignorance, and correct my understanding if I'm wrong.

]]>
Comment on Install ZFS on Debian GNU/Linux by CROW KNOWS https://pthree.org/2012/04/17/install-zfs-on-debian-gnulinux/#comment-271114 Mon, 17 Jul 2017 18:47:17 +0000 http://pthree.org/?p=2357#comment-271114 Many thanks for the outstanding ZFS write-up (it's still relevant in 2017)!

]]>
Comment on The Kidekin TRNG Hardware Random Number Generator by Vitalie Ciubotaru https://pthree.org/2015/06/20/the-kidekin-trng-hardware-random-number-generator/#comment-271011 Tue, 11 Jul 2017 16:41:24 +0000 https://pthree.org/?p=4117#comment-271011 Oops, I was wrong. Please disregard my previous comment.

]]>
Comment on The Kidekin TRNG Hardware Random Number Generator by Vitalie Ciubotaru https://pthree.org/2015/06/20/the-kidekin-trng-hardware-random-number-generator/#comment-271010 Tue, 11 Jul 2017 16:39:10 +0000 https://pthree.org/?p=4117#comment-271010 I guess, in this command

$ dd if=white.bmp of=entropy.kidekin bs=1 count=54 conv=notrunc

'if' and 'of' parameters need to be swapped.

]]>
Comment on Playing Card Ciphers by Pierre https://pthree.org/2014/09/15/playing-card-ciphers/#comment-270947 Thu, 06 Jul 2017 18:19:54 +0000 https://pthree.org/?p=3888#comment-270947 hello,

on the The Card-Chameleon Cipher page, in the greyed box, some examples tell that 25/26 red cards are the expected ones and so, 1/26 is not.

I may be dumb but how can only *one* card be wrong ?

]]>
Comment on ZFS Administration, Part X- Creating Filesystems by AS https://pthree.org/2012/12/17/zfs-administration-part-x-creating-filesystems/#comment-270867 Sat, 01 Jul 2017 14:13:27 +0000 http://pthree.org/?p=2849#comment-270867 Hello, I'd like to use ZFS for my desktop / workstation box.

I is there a way to tell ZFS where to place a dataset on the disks in a pool? AFAIK reading and writing is faster on the outer parts than on inner parts of a disk.

There is a tool that arranges files in a sequential order so that data is accessed "in a row". That speeds up the boot process or other scenarios like starting X loading the binaries, fonts, desktop theme, icons….
There is a tool that does this but it only works for EXT* file systems. It's named e4rat http://e4rat.sourceforge.net/ . Years ago I used a tool on windows which did both.

I am almost sure that both is possible with ZFS. Am I wrong?
Is there anything speaking against positioning a DS on the disks and making ZFS store data in a sequential order?

]]>
Comment on ZFS Administration, Part I- VDEVs by asmo https://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/#comment-270819 Mon, 26 Jun 2017 23:27:07 +0000 http://pthree.org/?p=2584#comment-270819 Will a hot spare replace a SSD in a cache-VDEV as well? If so, how do I tell ZFS to use the hot spare only for disks in the "payload-VDEV"? These are named "tank" and "pool" above. Thanks in advance!

]]>
Comment on ZFS Administration, Part VIII- Zpool Best Practices and Caveats by Martin Zuther https://pthree.org/2012/12/13/zfs-administration-part-viii-zpool-best-practices-and-caveats/#comment-270805 Sun, 25 Jun 2017 21:45:39 +0000 http://pthree.org/?p=2782#comment-270805 Hi Aron,

thanks for the great ZFS tutorial! I do have a question though. Where does the following recommendation come from?

"Do not mix disk sizes [...] in a single VDEV. In fact, do not mix disk sizes [...] in your storage pool at all."

You can find it all over the net, but there seems to be no one who ever explains it or points to the ZFS documentation. I'd like to exchange a 2 TB disk for a 3 TB one in a two-mirrored-disk setting (utilising the "autoexpand" property) if that matters.

Martin

]]>
Comment on ZFS Administration, Appendix D- The True Cost Of Deduplication by asmo https://pthree.org/2013/12/18/zfs-administration-appendix-d-the-true-cost-of-deduplication/#comment-270727 Wed, 21 Jun 2017 20:03:09 +0000 https://pthree.org/?p=3365#comment-270727 Why is there such a big difference in "Determining RAM Needs" between "Counting Blocks" and "Rule of the Thumb"?

In the first example the ARC of a 2TB zpool should have an ARC size of 160GB RAM - that's 80GB per terabyte. As well that zpool occupies only 40% of the available space.
In the second example the 10TB zpool needs 200GB RAM - that's 20GB per terabyte. I guess this calculation based on the assumption that the pool contains ~40% payload data, isn't it?

So 80GB versus 20GB per terabyte - that's a difference of 4:1.

]]>
Comment on ZFS Administration, Part VIII- Zpool Best Practices and Caveats by asmo https://pthree.org/2012/12/13/zfs-administration-part-viii-zpool-best-practices-and-caveats/#comment-270717 Wed, 21 Jun 2017 17:18:33 +0000 http://pthree.org/?p=2782#comment-270717 @ pdwalker

I guess he ment that you can use /zpool when you created a pool without creating any datasets.

]]>