Disqus - Latest Comments for krishnan

Re: Google Docs snipes at Office with .docx, .xlsx format uploads

krishnan — Mon, 01 Jun 2009 20:41:16 -0000

I thought Zoho Office Suite offered this function since long back.

Re: How I made over $2 million with this blog (Scripting News)

krishnan — Wed, 11 Feb 2009 13:31:30 -0000

Great post Dave.

Re: What If Your Model Is Wrong?

fredwilson — Mon, 12 Jan 2009 08:31:19 -0000

Maybe they go do public service for four years instead

Re: What If Your Model Is Wrong?

krishnan — Mon, 12 Jan 2009 01:16:07 -0000

Fred, I am not sure if this is a good suggestion. Going to college is not just to learn quantum mechanics or Algorithms. It is an experience that shapes a person to who he/she is and how he/she can face the world in the future. I hope you come up with a better answer to Frank's question. How is your suggestion different from home schooling where parents teach christianity and creationism? We cannot remove college experience and still expect the person to have an all round development. My 2 cents.

Re: The cloud isn’t for everyone

krishnan — Tue, 14 Oct 2008 00:48:24 -0000

I want to point out that your non portability argument is not valid. Amazon's AMI is just a compressed version of the root file system which you setup in your local machine. If you are making an AMI for a virtual appliance based on a specific web app, you are creating that environment using the linux file system of your favorite distro + app and then compressing it to reduce bandwidth usage. This compressed version is called an AMI. There is nothing to stop you from using the uncompressed version with another provider. This argument is totally meaningless. Plus, your arguments about security and control applies without any changes to the traditional hosting models too. Claiming it as a cloud based issue is just an attempt to sow seeds of distrust in the minds of people (Isn't it called fear mongering?).

As far your argument about performance is concerned, you haven't provided the specs of traditional server and the servers used in the cloud. In the absence of specs, the comparison could be like that of comparing apples to oranges.

This article appears like an article with agenda. I am sorry for being blunt. This is not an objective analysis.

Re: The fix is on? iPhone 2.1 software out tomorrow.

parislemon — Thu, 11 Sep 2008 22:11:05 -0000

ha ha yeah he could mean that too...

Re: The fix is on? iPhone 2.1 software out tomorrow.

krishnan — Thu, 11 Sep 2008 22:06:26 -0000

By "for most customers", does he mean that the battery life will be screwed up for jailbroken phones? :-)

Re: Initial thoughts on the Palin nomination (Scripting News)

krishnan — Fri, 29 Aug 2008 23:00:34 -0000

Just check out Twitter for "Little Known Facts" meme and see how many Hillary voters are happily participating in it. Well, it will be time consuming for you but you will get the point in there.

Re: Computer forensics & cloud computing

andrewbadera — Fri, 29 Aug 2008 03:48:13 -0000

As dacort notes, that's not the point, though cleanup is only half the reason. You can now create a host for malicious purposes, essentially out of thin air, and have no _need_ to compromise it -- it's there, available for your use, and darn close to untraceable.

Re: Computer forensics & cloud computing

dacort — Thu, 28 Aug 2008 23:16:20 -0000

I think what he's saying is that the cloud doesn't make it easier to compromise, it makes it easier to clean up your tracks _after_ a compromise if you're an attacker.

If you break into a system, one of the things you're going to try to do is erase your tracks. There are several interesting attack vectors here, namely:
1: You can wipe your tracks by simply bringing the system down. No system logs. No hard drives to wipe. Just pop the instance and you're done. Forensics is significantly more difficult if there's no physical system to analyze.
2: I'm personally a little concerned with all the pre-built images out there. How many of them have old SSH versions on them that make them vulnerable on bootup? What procedures do people have in place to update the AMI's? Yes, this needs to be addressed on physical servers as well, but are people forgetting about security with the set and forget nature of EC2?
3: Let's say I find a box is vulnerable to something, but the admin bounces it every x hours for whatever reason. Then I have a reliable host that my tracks will be wiped from every x hours.

Definitely some interesting points here.

Re: Computer forensics & cloud computing

krishnan — Thu, 28 Aug 2008 21:09:33 -0000

From a purely security POV, it doesn't matter between a physical server sitting in a data center or a virtual server on the cloud. Can you show me how cloud makes it easy to compromise?

Re: Computer forensics & cloud computing

andrewbadera — Thu, 28 Aug 2008 18:09:43 -0000

Difference being, with a traditional server, there's a physical server, there's the physical connection to a service provider, it's not easy to blow everything away, then 12 hours later boom have a completely new server built and in place and connected to or admin'd from a new location. Yes, you can find vulnerable machines and root them, but the cloud makes a server more ephemeral, and the entire process much more convenient. You're eliminating the logistics of a physical server. Which is, of course, a lot of the cloud's business value to begin with.

Re: Computer forensics & cloud computing

krishnan — Thu, 28 Aug 2008 18:05:42 -0000

Sure. Thatz the case with traditional servers too. We have to be responsible about the security of the server right from maintaining the software up to date to following safer security procedures like checking the MD5SUM of the software we download. I will soon be posting about these kinda memes floating around in the tech blogosphere (in a new blog on cloud computing which will be launched soon). I will send the link your way then. I can assure you that all the vulnerability issues pointed out in the cloud computing realm is true in the traditional hosting realm too. Adding EBS to the server is as easy as mounting a backup drive we have in traditional servers. With services like Rightscale, this will happen with a few clicks on your browser.

Re: Computer forensics & cloud computing

andrewbadera — Thu, 28 Aug 2008 17:59:21 -0000

But that presumes that you're a responsible image owner. You have to opt in to using EBS rather than transient AMI storage. Say someone with malicious intent is running the image -- it's easily toasted.

Re: Computer forensics & cloud computing

krishnan — Thu, 28 Aug 2008 17:57:14 -0000

Andrew, this is not the case. EC2 has now released EBS, which is the persistent storage for EC2 instances. Also, you can backup snapshots to S3 from EBS with ease. Even if the instance shuts down, you can still keep all the logs and any trace left by crackers (along with several snapshot backups). In fact, this makes forensics much easier than the traditional web hosting because backup snapshots will help you identify timeline better than traditional servers.

Re: Gmail fails; that Google Gears integration can’t come soon enough

krishnan — Mon, 11 Aug 2008 17:42:59 -0000

Imap access works for me

Re: Is your web service open source?

krishnan — Sat, 09 Aug 2008 02:28:08 -0000

I have dealt with this question many times in my blog. The bottom line is that Tim doesn't get opensource at all. He sees it from a totally narrow POV as a licensing platform and/or business model. I was planning to respond to his post based on OSCON talk but inertia kept me from doing it. Opensource is kind of a philosophical platform with openness being its defining "property". We don't have to worry about the literal constructs of do we have to use GPL on web services blah blah blah. I see Open APIs, Open Architectures, etc. as a by product of "opensource platform". Even though I agree with his conclusion of open architecture in his post/talk, his arguments to take the discussion to that result is weak and, in a way, wrong. His argument that diversity in the hardware platform as the reason for the very existence of opensource is incredibly stupid. Opensource would have existed even if we were struck with just the x86 systems. He should understand that the very basis for open source movement is the idea of knowledge sharing that came from science and open apis, open architecture, open data, open publishing, etc are just the evolution of the idea of openness which Richard Stallman borrowed from academia. Tim's claims like "Opensource has no future in SaaS" or the slightly evolved statement like "Opensource doesn't matter, it is the open APIs and open architecture that matters in the web services world" is the case of narrow point of view. Also, I have shown in many of my blog posts why opensource, as defined in a narrow domain of licensing, also matters in the web services era. Tim's insistence on this topic appears to be meaningless when seen from a broader view of open source as a platform.

Re: Protests over Verizon deal with 1938media

AGORACOM — Tue, 08 Jul 2008 09:08:41 -0000

Krishnan, freedom of speech absolutely gives each one of us the right to insult others. We just have to live with the consequences.

In this case (and this video) I think Loren was foolish and out of line - but I fully support his right to do so.

Regards,
George

Re: I Requested That Verizon Drop Their Deal With 1938media

krishnan — Tue, 08 Jul 2008 02:37:58 -0000

I am totally with you Corvida. Loren and people who justify his nonsense take the freedom of speech idea to an extreme. With freedom of speech comes the huge responsibility and if people don't exercise this responsibility, they should face the consequences. I am sure Loren knows about it and he may or may not care about it. The sad part is the attitude of a group in the tech community who encourage such nonsense. If we have to take the arguments of people like Allen Stern, then Freedom to hold guns will imply freedom to shoot anyone. Freedom of speech doesn't mean freedom to insult people. Period.

Re: Protests over Verizon deal with 1938media

krishnan — Tue, 08 Jul 2008 02:32:57 -0000

I agree with the freedom of speech argument. But, with that freedom, comes a huge responsibility. If people fail in that responsibility, they should face the consequences. Freedom to hold gun doesn't mean freedom to shoot others. Similarly, freedom of speech doesn't mean freedom to insult others. I am disappointed with your line of argument.

Re: Can You Build A Business On Browser Extensions?

krishnan — Sun, 06 Jul 2008 15:03:11 -0000

Also, one of the extensions where I see lot of potential for building a business model is feedly.

Re: The Big Switch

krishnan — Tue, 10 Jun 2008 17:52:49 -0000

Congrats again Deepak. Waiting for more posts related to cloud computing in this space.

Re: Do You Want In On Live Mesh?

krishnan — Sat, 26 Apr 2008 01:34:15 -0000

Hi Sarah,

Remember the debate on Twitter the other day? I think that itself should be a good reason for you to send an invite to me. You can then convince me on Live Mesh :-). If you think this is a valid reason, send one to live (at) krishworld (dot) com :-)

Re: Continuing thoughts on innovation models

krishnan — Wed, 23 Apr 2008 16:52:21 -0000

I completely agree with you on that. It needs a complete revamp to reduce the friction between academia and industry.

Re: Continuing thoughts on innovation models

mndoci — Wed, 23 Apr 2008 16:48:16 -0000

Krish

Completely agree with you actually. Reward does not have to be monetary in an academic context. However, the models that enable what you suggest need a serious refresh