March 26, 2009 at 1:20 am
Comments posted to this topic are about the item The Need for Tape
March 26, 2009 at 3:28 am
At the risk of sparking a flame war about tape, why did you have to choose tape as the medium for backup in your title?
March 26, 2009 at 7:02 am
GDI, at the risk of sounding ignorant, which I am, what do you think would have been a better title? Are you thinking of another storage medium? (Just questions, not accusations).
Some where I once say a chinese proverb that went "Pale ink better than good memory". Kinda hits the point on a couple of levels.
<><
Livin' down on the cube farm. Left, left, then a right.
March 26, 2009 at 7:32 am
The issue isn't about backups, it's about security and how this happened and who did it ... we should burn them at the stake :w00t:
March 26, 2009 at 7:48 am
One advantage for tape is it's a proven technology at this point. The flaws in it are well known, and pretty easy to compensate for.
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
March 26, 2009 at 8:03 am
nasoto (3/26/2009)
The issue isn't about backups, it's about security and how this happened and who did it ... we should burn them at the stake :w00t:
No, it's about Data Integrity which is why most enterprises have off-line, off-site backup tapes. After all, what did this hacker do that a fire or a software bug couldn't have done?
[font="Times New Roman"]-- RBarryYoung[/font], [font="Times New Roman"] (302)375-0451[/font] blog: MovingSQL.com, Twitter: @RBarryYoung[font="Arial Black"]
Proactive Performance Solutions, Inc. [/font][font="Verdana"] "Performance is our middle name."[/font]
March 26, 2009 at 8:16 am
Now that's just malicious and nasty. ... this is just vandalism. It serves no purpose. It's likely no one even knows it was "M@M@sB0Y" or some other hacker, so there's no fame, and it disrupts people who just want to converse with colleagues.
I'll bet the hacker who did this posted the "feat" on one of the many hacker websites where they like to brag about these things.
March 26, 2009 at 8:28 am
misdirected youths. they should be testing their mettle against something more interesting and worthwhile, like pulling data out of Chinese Military Defense systems or something.
Defacing/attacking a community website? Pointless at best.
March 26, 2009 at 8:42 am
A need for tape? Why would anyone question that? All good disaster recovery plans use tape for offline and offsite storage. The disaster recovery needs to be documented. It should also be practiced at least yearly. I have yet to see a disaster recovery plan that didn't use tape.
Backing up to attached disks is fine for quick restore but those units need to be backed up to tape and stored offsite.
March 26, 2009 at 8:46 am
There was a case (I think back in the late 90's) where a disgruntled IT director took the backups (tapes and removable drives) and erased them all, and then planted a worm that each morning he had to disable. Apparently no one really cared for this person at the Architecture firm where he worked and finally, he was fired. The day after his firing people came in, turned on their machines and were informed some maintenance needed to be run - in fact, it was the worm that ran and formatted every hard drive in the company. This fellow was easily traced of course, arrested and if I recall correctly, he got four years in prison. Sadly, the company went out of business within a year and though they did pursue damages, there was really nothing they were going to get from this guy.
Tape backups are fine, and yes, a good idea. But the reality is that anything that can built, can be un-built, or in short, hacked. Anyone in the IT field who does not believe this lives in a fantasy world. Its documented that even the Pentagon and NSA computers have been hacked at times.
What we need are much more stringent legal avenues to meet this problem. This is just the sad reality of it. There are going to be hackers who want fame amongst other hackers, and there are going to be those who see their jobs in IT as their own private Kingdoms and God help anyone who challenges them. We cannot avoid this - its human nature in some devious and partially devious people.
But if you knew that you would spend say 20 or 30 years in jail for such behavior, wouldn't that at least help deter this kind of thing? I think so, and I don't see any other way to address the problem.
March 26, 2009 at 9:04 am
My boss once asked me how we can stop hackers from attempting to hack our Web site. We get the most hack attempts during the night when the other side of the world is awake and we are sleeping.
My response to him "Either get all of these losers gainfully employed or at least help them 'get a life'.":cool:
March 26, 2009 at 9:24 am
blandry (3/26/2009)
What we need are much more stringent legal avenues to meet this problem. This is just the sad reality of it.
Here, here. Let some of these kids dig ditches or pound nails as a punishment for a year.
March 26, 2009 at 9:32 am
Tape allows for a disconnected medium that isn't active. Moving to disk, often means that you have a process there. you could make this offsite, and offline, but then you are connecting some of the time, which is when a hacker (or more likely, insider) can attack.
If you move to tape, and physically remove tapes from machines, you have a layer of protection in the physical act.
this is less a hacker concern, and more a disgruntled employee concern. A good reason to have someone else other than the admin handle tapes. Even at a small company, I used to do the backups, but we had a secretary handle the tapes. Granted, I could have stopped backups, but we did perform a restore from tape periodically and the secretary got the tape from the offsite company, so I would have a limited window to do damage.
March 26, 2009 at 9:59 am
Steve Jones - Editor (3/26/2009)
blandry (3/26/2009)
What we need are much more stringent legal avenues to meet this problem. This is just the sad reality of it.Here, here. Let some of these kids dig ditches or pound nails as a punishment for a year.
That's all fine an dandy in the case of the disaffected youth concept. The reality however seems to be very different, since there is an increasing amount of such incidents which are government-sponsored (from certain countries in Asia and the Middle East in particular) or, tolerated by said government swhen used to neutralize threats to the local economy, or - just not prosecutable in said coutries. Just look at the published events during the US presidential elections (From China, Niger, North Korea just to cite a few), and it becomes fairly clear that you can't expect that legal channels will tackle this beast.
Once again - our dogged attachment to open networks/open lines of communication leaves us with no other option than making sure that a. we are protected as best we can in our online systems and b. that we maintain a certain set of offline systems or backups to account for those incidents where a breach occurs.
----------------------------------------------------------------------------------
Your lack of planning does not constitute an emergency on my part...unless you're my manager...or a director and above...or a really loud-spoken end-user..All right - what was my emergency again?
March 26, 2009 at 10:05 am
Steve Jones - Editor (3/26/2009)[hrTape allows for a disconnected medium that isn't active. Moving to disk, often means that you have a process there. you could make this offsite, and offline, but then you are connecting some of the time, which is when a hacker (or more likely, insider) can attack.
If you move to tape, and physically remove tapes from machines, you have a layer of protection in the physical act.
this is less a hacker concern, and more a disgruntled employee concern. A good reason to have someone else other than the admin handle tapes. Even at a small company, I used to do the backups, but we had a secretary handle the tapes. Granted, I could have stopped backups, but we did perform a restore from tape periodically and the secretary got the tape from the offsite company, so I would have a limited window to do damage.
With relation to backups, there is no difference between disk and tape, only that disk is far faster. This equates to less connected time.
I'd never go back to tape if I have a choice about it. Hot swap SCSI was difficult, but USB has turned the issue around. I've been backing up to removeable HD's for 5+ years now, and no regrets.
Viewing 15 posts - 1 through 15 (of 32 total)
You must be logged in to reply to this topic. Login to reply