What To Do If Linux Sneaks Onto Your Network

BrentN writes: "Network World is running an article on how IT managers should deal with Linux "sneaking in" to their networks, or more precisely, being surreptitiously installed on workstations on their network. Opinions of the IT managers they interview range from 'Reformat the hard drive and fire the person who installed that renegade operating system' to 'Don't ask, don't tell.' The article's author (rightly) points out that this is probably an unstoppable phenomenon."

Flamebait!

[ArchieBunker]

Yet it somehow got modded up to insightful. I wonder how many pro win2k stories you'll see, none around here. Yeah feel free to mod this down to offtopic, I don't care.

If someone installed Linux on my network

[rikkards]

If someone installed Linux (which I would seriously doubt since they are all lawyers who wouldn't even know where to start) I would definitely congratulate them but inform them that they are on their own. I know how to admin Linux it's just that I have enough work with NT :)

I'm with stupid

[Calamari+Indigo]

In this context, it is a typo.

I suppose I'll have to explain "context" to you as well.

Gawd I'll be glad when your parents get home and unplug their computer.

Re:I'm with stupid

[Calamari+Indigo]

Declaring victory and retreating is always an interesting ploy.

Most people will see right through it, but it's always a pleasure to see a Golden Oldie now and again.

Bring 'em down from the inside!

[dark_panda]

At my work, everything is Windows 98 and NT. The only exceptions are our Netware servers and the AS/400 that handles records and such. Everything, from DNS servers to mail servers, are all Microsoft.

So it was until I was hired 2.5 years ago, at which point I commandeered a slightly below average machine (P166, 24 MB of RAM) and installed linux. (RH 5.2 at the time.) I just wanted something stable to use for my workstation and something to play with and waste time.

The boss wasn't really concerned 'cause he trusts me, so I got to keep the rogue OS installed when it was discovered. (A co-worker tried the same thing with SuSE and had to dump it for some reason -- a shame.)

After a few months, the boss wanted that machine back into regular service, WinNT and all. So I came up with a nefarious plan -- I set up apache and made the thing into a web server, serving a tech support FAQ for the labs I worked in. (I was a student support tech at a university, you see.)

Now the system had been transformed from my simple toy/workstation to a server that students could use for help. It became indispensible and is still running to this day. The boss and a few of his cronies were impressed with the fact that in 2 years, it has only crashed once and only been rebooted, like, 8 times.

Word got around work how seriously stable linux was and I was offered another job -- setting up linux and unix servers for the entire system there. What started off as a toy suddenly became a phenomenon at work. Recently, I've set up:

• a helpdesk system using MySQL, apache, PHP4 and IRM, a GPL'd helpdesk/tracking package. Gross cost of the system was $0, compared with the $20,000 for a package they were considering (for 2 seats!).
• slash on another system for the students and faculty to use.
• two weeks ago, I set up a Red Hat 6.2 box with apache/PHP4 on it for the frickin' web development department. These are the guys who are paid to know how set up servers and stuff on their own and they couldn't figure out how to get apache to compile.
• this past week, I set up OpenBSD on a box which starting next week will take over for the WinNT DNS piece of crap they currently have running.

There's even talk of replacing their Exchange servers with some linux SMTPs, but that won't be my concern as I'm moving away.

The morale of the story is, businesses don't use linux because they assume because it is free and because it isn't Microsoft, it isn't worth their time. At my work, I showed them differently. My new boss is so impressed with linux and now OpenBSD that it's all he can talk about with his colleages. What was a predominantly WinNT environment has, over the past 2 years, slowly become more and more free, with many of their Internet servers making the jump from the crash-weekly NT to linux. None of the servers I've set up for them have crashed yet, and they simply cannot believe it, considering they didn't have to fork out big $$$ to Microsoft for any of the software, including the web servers, OS, etc, RDMBS, etc.

Show the management what it can do. Show them it's stable, affordable, reliable, roboust. I did, and it impressed the hell out them.

J

Re:Bring 'em down from the inside!

[fizban]

The morale of the story is, businesses don't use linux because they assume because it is free and because it isn't Microsoft, it isn't worth their time.

Actually, I believe the MAIN reason most businesses don't install Linux is because they aren't running servers. They're running client software for their marketing folks, their sales force, their customer care department, their upper management, etc. And these people are mainly dealing with word processing, spreadsheet and financial software that, frankly, are much better and easier to deal with on a Windows or Macintosh environment. Plus, most of these folks might sometimes take their work home with them to their personal machines, which most likely are also Windows and Mac systems. Linux just isn't ready for this group of users yet.

Setting up Linux system for a business USUALLY only makes sense if the business is in need of a low-cost alternative for some sort of server-based solution (except for e-mail servers, since most business are running Outlook as their e-mail client and might as well run an Exchange server to ease the integration). But then again, many businesses would rather run a Sun or HP Unix server for support and scalability reasons.

Now, I like Linux and think it's a great, viable alternative for SOME purposes, but most businesses don't need or want alternatives, because what they're using works great for what they require.
----
Lyell Haynes

Re:Bring 'em down from the inside!

[ErikZ]

I see a lot of posts with people whining about IT.
Mod the above UP! No matter what you do in life, you'll get farther by walking the walk, instead of talking the talk.

Later
Erik Z

Re:Bring 'em down from the inside!

[atrus]

Well, thanks for using IRM :)

The IT anti-world.

[Ektanoor]

Well funny to see this article. Here we have the INVERSE of this... If we get anyone sneaking NT or Win00 servers then he may get a hot time with us... Windows servers are not allowed for major network task. Choose Linux, Solaris, BSD, Novell or the Hell. M$ is OUTTA HERE!

This is done for these reasons:
There are some piracy issues around here and we don't wanna take even the slightest risk of supporting a pirated platform, specially after the dumb M$ sneak-under-your-desk-for-pirate-soft campaign in Moscow.

We have a quite long experience with M$ platform soft. On servers the results were from bad to catasthrophic. The only thing we managed to do with such systems was to create small one-task servers for a very specific range of problems and conditions. Our specifics demand that servers should carry several tasks, generally process some terabytes per week and serve a few thousands of users. That is impossible to achieve under an M$ environment.

There is also the financial aspect. We have highly qualified experts. The TCO for *NIX soft is nothing to be compared with Windows. M$ support is frankly miserable here. Windows workstation support is the heaviest cost we have here. Our practical experience has shown that the support for NT reaches 10-60 hours week in a network of 70 machines and needs 2-3 people tied in their seats. On Linux it is an amazing 4 hour/week and requires only one person who doesn't need to stay 'round the clock in his place.

And, to end the financial aspect, we had a case when we paid Microsoft for nothing, just because they force OEMs to bundle soft in their machines. Probably only 10%-15% of this soft is really used here. The rest was humanitarian help from us to Bill Gates...

Re:The Next Microsoft Ad

[Calamari+Indigo]

I think I found your problem.

You need a new website.

Re:From an IT Management standpoint

[RollingThunder]

I fail to see how this is the fault of EITHER samba or NT. In fact, you even said it yourself - "a bad Samba configuration". I've read trough that portion to see about replacing NT PDC's with Samba PDC's, and it sure as hell can't happen on it's own. Somebody made a mistake. Slap his wrist, tell him to think twice the next time, and move on.

Re:It's not that we hate Linux...

I've recently worked in a large government setting, and although I work in health and not IT, I have come to rely heavily on IT support.

This restrictive application of operating system is a pain, but is warranted.

In our location, there was around 2000 computers, and a user base of around 4000 - most of whom had trouble right justifying a paragraph in word.

We had a total of 15 people in IT to support this, and >50% were not MCSE qualified or had equivalent experience. This meant delays in fixing routine problems, and on top of this was a policy straight jacked that denied even the local IT people with qualifications from doing certain things.

Put simply, they could not support anything that isn't NT. Is this a good thing? Probably not - but that's all the money and people we get.

Your post has been the most enlightening and detailed response yet.

I run linux at home and have had unparalleled stability and flexibility from it running on old hardware, but I'm not an organisation the size of the one I described.

NT/MSWindows has an element of idiot proofing that can be done, and you can lock out things that most users may try to do. Sure, it crashes at bad times, but I haven't yet seen a user inadvertently destroy an NT workstation installation, which needed someone in IT to re-install.

The other very important thing that noone has mentioned yet, is

• asset tracking

.

I've only seen asset tracking software for windows. The compaqs that we run at work could be monitored that way. I'd imagine that linux doesn't yet speak these proprietary protocols, and organisations would need new policies and procedures to ensure their staff aren't stealing or swapping memory, processors or hard-disks from their work machines.

Stuff to think about.

Most of the issues are for *large* organisations. And if the American school system is anything like Australia, then you may have a couple of IT pros managing a Schools region of maybe 20 schools, and the day to day management of the school network is usually a secondary job of a regular teacher. Monkey training for these types should keep things running on a day to day basis, and the Regional IT manager needs the monkeys to speak the same language. Hence policy constraints.

I hope we will see more use of open source and open standards in corporate IT in the future. I'm convinced its one of the few things likely to improved the quality and productivity of business.

Who cares? I prefer an educated user

[I_redwolf]

I'm a network admin for a large corporation and if anyone installed Linux on their box I could care less. As long as it doesn't cause problems for me (what problems could it possibly cause). Not only that but it shows the mindset the user who does so (installs linux) has. Thats a plus for me; IMHO an educated user is better than an ignorant one. It means I don't have to set up the users email or have them bug me about how their internet isn't working or something of the sort. Infact if all the users on the network were as educated I'd probably be out of a job but at least there'd be no more "It's not working" to listen to.

--Cheers

Re:Did you actually read his post?

[Jonathan]

This should be obvious by now, from what I've covered above, but I'll say it again. It's not yours. You didn't pay for it, you didn't install it, you don't maintain it. The computer belongs to the company, and the company can do with it whatever it wants. How is it you don't understand this?

In some cases this is the case, in others not. For example, in universities, the machines that researchers use are in fact purchased with the researcher's grant money -- not university money. And the people using the computers -- the professors, postdocs, and grad students, generally know far more about computers than the typical community college graduate IT drone. If these researchers want to use Linux, they have probably have a damn good reason for it. The IT people, like the secretaries and the janitors, are only there to support the researchers, but for some reason IT people tend to forget their place in the scheme of things.

Re:Help! Our corporate server is mutating into a

[Black+Parrot]

> ... no, into a rabbit, ... no into a frog, no into an elephant!

... no -- gasp! -- into a stable system that runs on cheaper hardware!

Where's the phone?!? Quick! I need to call my stock broker!

Re:Security and Local Root

[Todd+Knarr]

But do you apply the same rules to the Windows boxes, by denying local administrative access to users? It's the same thing, someone with local admin access on a Windows box ( which pretty much means all Win95/98 boxes, unfortunately ) can run rogue servers including DNS and NIS and IIS and the like exactly as they could with root on a Unix box. It's not the OS, it's the access. I've got local admin access on the NT box I have at work ( bad thing, but for various reasons nobody ever took it away ), and you don't even want to think about some of the things I'd probably be able to do ( rogue PDC, anyone? ).

And BTW, you can't rsh root-to-root automatically if the target machine is properly set up. My systems are set up to automatically refuse rsh access from root on other boxes. You want to do that, you use SSH instead with it's better access controls ( also applied on the target box, not the source ).

Re:It's not that we hate Linux...

[meldroc]

What many people don't realize is the troubles that most IT staff have to go through to maintain sanity in a typical company network. Many sysadmins I've met are responsible for keeping hundreds or thousands of machines on speaking terms with each other and the rest of the internet, within corporate policies, and ready to do work at all times. To do this, he uses scripts and other automated tools, and makes assumptions about how each machine is set up - it has the Company's OS, applications, network settings and security measures installed. Unauthorized OS's and applications break these scripts and tools, cause mayhem in the networks and drive sysadmins completely insane.

When some schmuck decides to install something unauthorized on his machine for gits and shiggles, he risks not only his own time and money, but he may be putting the entire network at risk. A misconfigured machine could break entire networks and cost the company thousands of dollars before it is fixed. When this happens, don't be surprised when the BOFH sysadmin rises up in righteous anger and takes his furious vengence upon the luser.

Some sysadmins do make allowances for staffers such as programmers to install Linux and other software on "sandbox systems". Presumably, there is a business need for this software, and it won't fight with present software. They always make it clear that if the software breaks, it is the user's problem to solve, not IT's, and if it causes problems for others, the user is expected to pull the plug and find a solution immediately.

The Next Microsoft Ad

[Cryptosporidium]

Fade in on IT Department..

A computer starts beeping and the operator looks at it with shock. He stands up and runs over to his supervisor to whisper a few words.

The supervisor runs toward the middle of the room and gets everyone attention..

"Break out the NT CDs! Bring our Exchange server online! Get those Bill Borgs out here in five minutes!"

There is a dramatic pause as the supervisor mutters in a low, gravelly voice.

"Someone's installing Linux on the network."

Re:The Next Microsoft Ad

[Calamari+Indigo]

IE?

In your dreams, Mr Gates.

Re:The Next Microsoft Ad

[Cryptosporidium]

you are the same kinda person that thinks user friendly is funny. it isn't.

How ironic. I'm a regular User Friendly reader. Maybe our humor just runs along different lines. No need to be so harsh about it.

Re:The Next Microsoft Ad

[11223]

Yo - I browse slashdot from public access terminals, and so I use IE. I'd rather not attempt to use Netscape on Windows. (Ugh.)

At home, I use NetPositive.

Re:The FUD grows....

[Black+Parrot]

> Why does this war of words have to continue?

Presumably, Network World is worried about what's going to happen when a well-heeled advertiser goes the way of the Itanic.

Re:I'm disappointed

[Chemical+Serenity]

However, if someone comes along and installs their own Linux distro suddenly you've got someone other than the admins with root privileges on at least one machine in the network. Hello, nmap. Hello, packet sniffers. Yes, you can encrypt everything to death, but it's better to keep prying eyes from ever seeing the sensitive data in the first place.

Hello, anyone with a laptop taken to work on any given day.

The idea of 'keeping prying eyes from seeing the data' and enforcing that idea with draconian IT rules is ludicrous. Anyone who wants to see that data will be able to. If internal security is that big an issue, you've got WAY more problems than if linux is 'sneaking in', and probably need to do retinal identification to enter the workplace as it is. For the vast majority of COMMON workplaces though, it's real hard to enforce security-through-obscurity when people have physical access to the hardware.

Typically, companies with "very very strict rules" are those ones who's upper echelons are so totally in the pocket of some major vendor that they swallow EVERY bit of crap, no matter how outrageous, that is in that vendor's interest. If vendor says "Don't let any other operating systems on your network, it could destroy everything!" many policy makers are too ignorant/lazy/busy to know otherwise, and simply make that law. I'm not aware of any IT department who has a CTO/CIO who knows more about details than his/her subordinates.

Companies with FLEXIBLE arrangements are the ones who demonstrate at least some knowledge in what's going on, and a willingness to pad their bottom line through the optimizations and research (unpaid) of employees... or at least, it's a hallmark of a CTO/CIO who realizes that better answers come from employees than from vendors. True, sometimes these things fall down and go boom, but that sort of thing happens even with the most seasoned professional or group.

Any company living in fear of 'rogue OSes destroying the world' suffers from a lack of robust IS planning and needs an overhaul far more than it needs gestapo policies.

--
rickf@transpect.SPAM-B-GONE.net (remove the SPAM-B-GONE bit)

But who are you going to call?

[KnightStalker]

"We sat down with them and agreed that they could use their Linux box as long as our phone didn't ring when they had critical problems," Maday says. "So far, we haven't heard one thing from them since the meeting we had a few months ago."

I don't think there's any comment necessary on this one...

Re:But who are you going to call?

[TheCarp]

I have to agree..and frontline tech support SUCKS.

The only thing that made my job bearable was that I spent alot of time in medical research labs working, and I get off on that sort of thing. I think the researchers liked me cuz I had some clue as to what they were doing and showed interest :).
(that and I would give them the straight talk on my own department I was quite used to answering the greeting "Your department sucks" with "Yes we do, but since im here you want me to look at the problem?")

I have found that in front level support you get 2 types. The first is people like I was - very clued and very skilled, just not enough work experience and stuff to land a better job. The second are complete idiots who know how to navigate windows and "run installsheild" better than most users.

The first type does it for a year or two and moves on. The second type stays there forever (this is espcially true at helpdesks). If the first type doesn't leave after a year or two, then they get lots of crap dumped on them and eventually have a breakdown and get fired - then recover and move on.

The worker shortage doesn't make this better. There is too much work and too few people. Its no wonder that things like "ghost" are seen as a god send. When you have a 24 hour turn around time policy, but real turn around is more like 4-5 days because of shear call volume - its not like you have the time to devote to really solving problems.

I litterally worked where 7 people or so doing desktop support for several thousand machines. Spanning 3-4 types of supported PC hardware (the standard had changed a few times over the years) 2 main OSs (Windows 3.1 and Win95 - the Win95 rollout was still going on in 1999 when I left) PLUS macintoshes (which got a lesser level of support due to myself and one other tech being the ONLY mac experienced techs)

-Steve

Re:But who are you going to call?

[T-Ranger]

Workstations should be disposable. If you have inportant data, save it on the server.

There are enough places around that have a policy of ghosting computers on a regular basis that this is not screwed up.

Re ghosting takes all of 5 seconds of effort and 5 minutes of time. Ghost plus something like ZENworks means that there is zero time supporting desktop configurations: "helpdesk, whats your problem?" "[something that indicates a misconfiguration" " ok, insert that disk labeled ghost, reboot, and get coffee." Problem solved.

Re:But who are you going to call?

[Col.+Panic]

That one file, huh? What kind of file was it? Is anything else missing? Admins don't want to dick around with a machine someone decided to delete a file from just to find out another is missing five minutes later.

You don't really save your important files on the local drive, do you? Please tell me you save them on the network where they are backed up nightly. Please?

Re:But who are you going to call?

[SClitheroe]

But that's the whole point of corporate computing..Nobody should be saving important projects on their local drive. User data belongs up on servers with RAID redundancy and nightly, offsite backups.

Giving users local control over machines guarantees that things like missing files are going to occur...

Re:But who are you going to call?

[SuperQ]

umm, i think you are being a bit picky. this is talking about lazy admins not repairing computers, just blowing away the whole system and re-installing.. the point of the argument is that sometimes supporting yourself in an IT situation is better than calling your IT department.. i've seen some IT people with a serious lack of skills of any kind.

Re:But who are you going to call?

[bonzoesc]

First: It was a toolbar file.

Second: I work at a high school, in an engineering technology class where all the dumb football players and stupid skaters and ninth-graders end up, and if you give students access to the network server, you're going to have all sorts of problems with porn, games, napster, e.t.c. By limiting network access through the simple means of taking the cords away, access is effectively controlled. However, when the incompetent boob running the IT shows up, things like this happen.

Tell me what makes you so afraid
Of all those people you say you hate

Re:But who are you going to call?

[MrNixon]

Sorry. I think there is.

If someone has the technical expertise to install and setup/configure a new operating system (it does NOT matter what OS it is) onto their machine, then I think that it follows that they can troubleshoot it, and find/fix problems on said machine.

Re:But who are you going to call?

[bonzoesc]

Cool it psycho - I'm a student who hates the policies too.

Tell me what makes you so afraid
Of all those people you say you hate

Re:But who are you going to call?

[ncc74656]

umm, i think you are being a bit picky. this is talking about lazy admins not repairing computers, just blowing away the whole system and re-installing..

Is it necessarily laziness, or is it a matter of getting a (l)user up and going again as soon as possible? Yes, if you can figure out what's going on and actually fix the problem in 15 minutes, that's all well and good. If something has been done to the machine, though, that will take more than that to hunt down and repair, you're better off spending 5 minutes running Ghost and 10 minutes redetecting hardware than spending half an hour or more on something that might not be fixable anyway. Bean-counters tend to only care that their stuff works; they don't care much about how, as long as their "precious" downtime is minimized.

If you think about it, it's not too different than the approach we take nowadays to fixing hardware. When's the last time you did component-level repair on a motherboard or an add-in card? It's usually faster and cheaper to R^2 (remove and replace) it than to find the part that failed. (Only time I've fixed a motherboard was when I plugged the wrong type of USB cable in and blew the fuse feeding power to the keyboard port. I had already swapped the customer's motherboard out, but figured out the problem on my own time and got the board working again, more for sh*ts and grins than anything else.)

Re:But who are you going to call?

[mikem2002]

I used to work at a place like that! What fun it was to ghost and re-ghost. That was the "standard".

That's why I quickly moved on to REAL company!

Mike Maday

mikem2002@madays.net

Re:But who are you going to call?

Am I the only one who read that and thought, "that's an IT group that doesn't want to keep their jobs?"

As is, there is an "IT shortage" in this country. We've all meet the IT guys who's solution is to reinstall windows with the "standard install" or do some such fuckery. The guy usually doesn't come across like he picked a lot up in high school and he's certainly not a Rhodes scollar, he's a guy who knows how to navigate a few windows apps and run installshield. This is a gross generalization but it's been my experience at IBM, Sun, Storage Tek, and the few other places I've worked. There are always some better IT guys but par isn't somebody you want touching your machine (doubly so if you do devleopment on it, I nearly got in to a fist fight at IBM with some twit who was going to format and reinstall my NT box because it was the only way to make sure it was "y2k ready.") The way I see it, we have a shortage so they are taking anybody who can get through a win98 install, CS or IS degree is optional, actually knowning what your doing isn't a factor. That can't last. It's only a matter of time before those people are seen as people who aren't bringing anything to the table. Here you have entire IT organizations turning work away, instead of figuring out what the needs are for their enterprise they turn them away! You know work isn't always supposed to be easy and they aren't supposed to pay big bucks for a job that anyone can do. It reminds me of the guys who make a living working on an assembly line doing a job that a robot can do faster and more cost effectively who are then shocked to hear that they may have to change jobs or lose their job.

Re:But who are you going to call?

[Evil+Grinn]

We've all meet the IT guys who's solution is to reinstall windows with the "standard install" or do some such fuckery. The guy usually doesn't come across like he picked a lot up in high school and he's certainly not a Rhodes scollar, he's a guy who knows how to navigate a few windows apps and run installshield.

Well, having been one of these guys, I can tell you that you have a point. That job is a sort of purgatory for technies who want to be somewhere else but have to pay their dues.

Re:But who are you going to call?

[bonzoesc]

Do you know what the IT guy where I work does when a machine gets messed up and would require troubleshooting?

"Uh oh! AutoCAD is missing a file!"
"What are you going to do? Copy that one file off of one of the 31 other computers running AutoCAD in here?"
"No, I think I'll re-ghost the machine from some old disk image I have hanging around. I assume nobody saves their important project on this computer."

Tell me what makes you so afraid
Of all those people you say you hate

The most dangerous end-users

[MeowMeow+Jones]

Aren't the ones who know what they're doing. And they're not the ones who don't know what they're doing (although they suck alot of time)

They're the ones who think they know what they're doing. There are plenty of people out there (and even here on /.) that think they're the shit because they can install RedHat (really not trying to slam redhat here) off of a bootable CD, or they can extract an Apache RPM and now they know how to run a web server, or they know how to 'program' in perl. Or the guy who used to program Z80 assembly and needs direct access to your SQL Server. These are the people with the most potential to screw things up.

And judging the general responses here, alot of /.'ers are going to loose alot of credibility/ respect with the company and coworkers when they get busted and start ranting about M$ Windoze/Bill Gates/Closed Source. Fair or not, it will happen.

I didn't think iw was so serious

[jzuska]

I have routinely put Linux on my work machine. I dont use windows and never have. I think this is outrageous that someone could be fired for installing an OS on a computer. I work under IT, and I'm a System Administrator, I dont want NT on my desktop and I dont need it. I have always been given 2 machines to work with, an NT box and a Solaris workstation. And as always the first thing I do is put linux on the NT box.

Re:I didn't think iw was so serious

[M@T]

While the situation in the article was not as clear-cut as the example I used, the fact remains that if a company (or its Admins) has a definitive stance against running Linux on their networks the n you have an obligation to abide by that stance as an employee of the company.

If you don't like it you can quit (or face dismissal for breaching their guidelines)

A large number of slashdotters have voiced their discust at any company that looks to firing an employee for installing Linux... thats bullshit. It's their money and their gear. You get paid to do a job the way they want you to do it, and the only alternative is to convince them that your way should be their way - if they disagree you've got a choice to make.

Re:I didn't think iw was so serious

[M@T]

I think this is outrageous that someone could be fired for installing an OS on a computer.

Woah! It's their equipment, their product, their company, their money and their job that you are being paid to do.

If a company explicitly states that Linux is not to be deployed on their networks, then Linux is not to be deployed on their networks until such time as you convince them otherwise. If someone deliberately and knowingly ingores it, they do so at their own risk - the possible consequence, as with most other company policies, is that you get fired for violating it. What is your problem with that?

Re:I didn't think iw was so serious

[mindstrm]

Uhh.. but that's just it. Systems administrator gets to CHOOSE what they use.

Office workers are TOLD what they will use. If they decide they don't 'like' it, and want to do it their own way.. then they *could* get fired, just as if they hauled their desk outside and brought in their own vibrating chair, and worked on the floor from a cushion.

The PC (and software) , in many cases, is a tool provided by the company to do your job.

Isn't GUI like "Newbie" not "Geek"?

[Felinoid]

>You may not use Windows 2000. I use it all the time. I like it. I like Linux as well, but Linux has a LONG way to go before it even touches the usability in the GUI department for me.

GUIs aren't very useful at all.
There isn't much point in doing something in a GUI when the command line dose it better.

Microsoft has given itself a bad image. Selling Windows NT, CE and 9X under the same product name "Windows". Selling NT as a server when it's better off as a home os.. Selling 9x as a current Os when it's just Dos redone. Doing CE at all..

Insulting media by answering questions it dosn't like with "You don't understand Windows". This of course begs the question "If technology experts don't understand Windows how 'User friendly' can it posably be?"

Win 2K may be a great product but Microsoft has a horrific reputation and you don't want to do busness with someone who's got a track record like Microsofts

Linux on my computer at work

[bigstupid]

After 3 years as the IT Manager at my company, the powers that be "promoted" me to Marketing and Communications Manager (I think they did this because I was perceived to be the only one who knew who to use a publishing application).

Anyway, I had been running Linux back in the computer room on my PC making use of Cheops, VNC and some other apps for administering the network of legacy Windows machines.

After my move to the general cubicle population, I took my Linux box with me. I use VMware for the "must have" applications. The drones now in the IT department are (the best I can describe it) afraid of Linux. They like to feel that their MS certifications are good for something.

IT now takes a sort of "mad scientist" view of me and my lone Linux desktop machine, though they allow me to run it. Obviously I do my own tech support.

I think that many IT departments are concerned that people being productive with Linux will result in general management asking them why a lot of money was wasted on inferior MS software.

it's not just linux

[clovis]

"Destroy their servers and fire them," says Jeff Shapiro, director of technology for the Kingsport, Tenn., public schools.

Hey, if your network's virginity is so precious, install switches and turn on port security.

I have to laugh anyway, I was a teacher for a while, and the idea of an IT person getting anyone fired about anything in a public school system is beyond belief. Even the lunchroom ladies are laughing at this one.

On the other hand, I'm working in a hospital now-a-days. We have had someone more than once (doctors have unlimited self-funding) setup something unauthorized on the network with some poor choices that randomly killed access to something else that was mission-critical.
So now other doctors couldn't get to lab results, patient histories, etc. This is a Very Bad Thing.

The people who pay the IT managers' bosses' salaries did not _ask_ if it can be prevented from from happening again.

It's not Linux that's the problem. For everyone that got hurt with samba's NT pdc hijacking, there was someone that got buggered when an unauthorized WIN2000 server went up and tried to take over the network.

The problem isn't Linux or NT or "the unknown" per se, but rather risk assesment. If you are responsible in any way, when faced with making decisions you have to ask:
1)What does the organization gain from this?
2)What's the worst that can happen?

1) Having a policy of letting anyone setup their own servers is ludicrous. This is something that IT MUST be in charge of. If someone is smart enough to discover a way that Linux/BSD/AmigaDos can make the company run better, then they should understand Linux/etc well enough to make a formal presentation of the specific solution and its benefits. Most people can't do this because, frankly, they do not understand either Linux, WINNT, or Win95 well enough to explain it to someone else. This also means they don't understand it well enough to install or support it except in the most superficial way. Why should IT have to drop what they're doing to figure it out for you? And even if it's a great idea, some things can't go on the general network _today_ because the bandwidth isn't there - consider what a Napster infestation can do to your bandwidth

2)You figure it out next time you're in a hospital bed.

Re:Sneaking, dealing, slithering

[titus-g]

or..

What if Mozart could only use the triangle?

What if Van Gogh only had watercolour?

You let people use what they are happy with, they do more...

Running a server/gateway/network is not about what your clients use to connect.

I'd relegate this to 'News of The Weird' for nerds... href

Not again..

[tuomoks]

Proves something - nothing changes.. This has been the attitude of "so called" IS, IT, network, whatever.. managers for 30 years I have been working with computers. They always seem to be against any changes - so just punch your paper tapes or cards - we feel safe that way.. I'm sorry - it just doesn't work - and if their network is so weak that some isolated user systems ( Linux or any ) can cause problems they really have other and much worse problems..

Re:Linux in academic environment

[Roy+Ward]

I should perhaps have been clearer:

* This only applies to machines that have been assigned to particular people or projects - the undergraduate students are stuch with windows. I was actually talking about staff, not students.

* When someone leaves, their machine will be reverted back to the default and reassigned to someone else.

* All the servers etc. have software installed and maintained by tech support.

So we don't have the problem that you are describing.

ARRRRGGHHHHHHH!!!!

[GeneralEmergency]

I work in a large aerospace corporation and with 15 years of IT experience under my belt and I can tell you that Deni Connor is COMPLETELY missing the signifigance of the central event in this piece. The backdoor introduction of "un-approved" tools and solutions is a SURE-FIRE sign that your IT organization has become overly bureaucratic, slow, indolent, expensive, close-minded and, worst of all, afraid of change.

When these events happen, you should be FALLING all over yourselves trying to understand how you have FAILED your internal IT CUSTOMER.

One last thing...If I were on the Kingsport school board I'd send Shapiro packing so fast, he wouldn't have time to say "Linux".

"A microprocessor... is a terrible thing to waste." --

Re:ARRRRGGHHHHHHH!!!!

[ErikZ]

One last thing...If I were on the Kingsport school board I'd send Shapiro packing so fast, he wouldn't have time to say "Linux".

Boy, it sounds like it's been a while since you've been in a high school. An authority that crushes ANY challenge to it's power pretty much sums up what I remember. Shapiro is probably going to get a raise and start giving lectures on 'How to ferret out dissidents and crush them for maximum psychological effectiveness'

Erik Z

Re:It's not your computer

[TheCarp]

While I agree that it is the companies computer and their right - I still think its stupid.

People work differently. People who like linux and work best in linux, might not work well in windows.

Its like telling a person how to decorate their cubical walls. Sure - certain things would be very inapropriate (like say playboy centerfolds), and its the companies cubical. However - setting rigid standards and forcing people to work under them is just goin gto make the workplace less enjoyable of a place to be.

Making the place less enjoyable will just make people want to work elsewhere. Work already isn't fun, at least give a person the ability to "personalize" the place a little bit.

Now, if their use of linux interfeared with actual work and made it so they couldn't do their job - then certainly the company needs to step in.

However, if they can support the machine themselves, and they can get their job done - then why should it matter at all? I don't know about others but I am all for letting people do what they want - as long as they can get the job done then leave the details up to them.

As for IT support - its simple. You just need a policy that says "This is what we support. This is standard. Diviate from it at your own risk - we will not fix it for you."

--Steve

Not a Haiku!

[Art+Tatum]

It's good to see you branching out, 575! What's next, epic poetry in hexameter?

Re:Limerick

[575]

Why fear linux in companies?

[x-empt]

Afraid of security ? All those Win9x machines that are not able to cope with one linux box that is able to spoof a server, undetected?

Linux is nothing to fear, IF the user that uses it knows what he/she is doing and can handle the system efficiently and still uses the network's file system to store work on. (For central location and backup reasons)

Is there any objections to actually implementing linux for the users that know what they are doing?

nope

[NuclearArchaeologist]

Who needs to read that clueless crap?

Re:Limerick

[575]

The humble poet,
Smiling at the compliment:
"You've just seen the start!"

Re:Of course

[SpamapS]

This would not be hypocricy. Hypocricy would be if we said "The horrors! The insanity!" and then went back to work on our Windows 2000 workstations.

We're all Linux users, and we know that Windows 2000 is a horror, and was developed under insane conditions.

Also, an all Linux workstation environment is one that has Free software on it. The person who snuck in Windows 2000 probably has done so in violation of their license agreement. If its installed on company time, on company equipment, that means liability for the company.

The bottom line is that these are not compatible situations. They cannot, and should not, even be compared.

many IT people are also murderers

hi you

i can sympathize with you, i work at a college here in town. last year i installed THE SEVENTH GUEST on my office pc and an it person came in and bitched at me and i said no, i need seventh guest, it enhances my productivity. he removed it and i told him to go stuff himself. well i went out in the parking lot after work and my TIRES had been SLASHED. there was a note on my windshield and it said "i'll give you seven GUESSES who did this."

well a couple months later i installed WINAMP so i could listen to ricky martin mp3s, i didn't actually download the mp3s at work, i burned them to floppys and brought them in. well i got the same lecture again and i said to go to hell and when i got home my house had been broken into and my three little kitties were DEAD. strangled by my it manager.

well now they're at it again, i installed LAME so that i could play galaga on lunch hour and they lectured me again, i defended my rights again, and i came home and my wife was missing, with a note from the it department saying don't install anything if you want her back. now this actually doesn't bother me as much as the kitties but my company CANNOT be allow to kidnap people. also winter is coming soon and i will need my wife around to shovel the driveway.

so i general i (george) think it is great to stick up for your rights but realize that many if not MOST of these departments are pure evil and would slaughter their own mothers to keep the network pure.

-gbd

Re:Admissions of Linux reliability

[TheCarp]

Well

it eaither says something for linux's stability or the intelligence of the users.

It has been my experience that Users who KNOW that their machines are not supported, and have been TOLD not to call, are just as likely to call when they have a problem as any other user.

They don't usually stop calling until after they have been completely unsuccessful getting help 3 or 4 times, and even after telling lies about what they are running to get support.

-Steve
-Steve

Re:I'm disappointed

[Wakko+Warner]

Why the hell are you running a shitty unswitched network anyway?

- A.P.

--
* CmdrTaco is an idiot.

Re:'unstoppable phenomena'

[TheCarp]

I agree - sorta.

For servers - mission critical stuff - basically anything that users use and you provide. Yes.

I am a debian developer. I use debian at home. My work DESKTOP is a Debian Box. However - noone else uses debian where I work. When I had to install a linux server - I used redhat.

I hate redhat myself - can't stand it. It gets in my way and I think its a horrid system. However - I am not the only admin. Others need to be able to admin the system - so I installed redhat on it.

However like I said, if its a desktop machine thats used 99.9% of the time by one single user - let them install what they want. As long as the job can get done.

Not following standards and procedures on a server that many admins need to be able to fix is definitly evil and deserves to get one fired. Not following standards on a desktop box - I chaulk that up to personal preference.

(however - I do hope to sell some of my co-workers on debian and see if I can't get us to start moving to debian boxen)

-Steve

Re:IT people are assholes.

[Col.+Panic]

I think your shop is a little different from the one referenced in the prior post. Your IT Hitler (Godwin's law BTW) may very well be just that.

In a "regular office" the IT department is there to make sure the entire organization is able to work via their computers. That organization is often HUGE and is composed of a bunch of business people who don't know their computer from their butt.

Advanced users and programmers are treated differently in my organization since they display something special: competence. Anytime testing is necessary these people are the ones who we ask to test it, with our help. And although all programs not developed in-house must be approved by IT, there is a clear channel to request such installations. Users can always make a case with management for why they need a program; so what is stopping you?

Why You're wrong....

[ACKarma_Whore]

You're a karma whore. Do you want to have sex with Rob Malda?

Tell me, does buttsex really hurt you ass that much? I've only given, never recieved.

Re:Of course

[pb]

Yeah, well, that says a lot about Slashdot, but it also says a lot about the nerd population and demographic as well.

Personally, I have *yet* to find GUIs "usable" in the first place, and I try to keep them as stripped-down as possible. If I find a powerful and useful metaphor that helps me out a lot from the GUI camp, I'll let you know, but so far, I'm not impressed, and I'll continue to program with a text editor, toss files around on a shell, and read my e-mail in text mode...

As for Windows 2000, I haven't used it much, but it sounds like a different set of trade-offs were taken in producing it, and it's getting closer to Unix. They must have made it more stable than '98, since they broke some games and applications that were probably using some buggy stuff in the first place.

Hopefully they'll clean up the API enough to make those apps fast *and* stable eventually, and maybe one day, they'll even keep track of their libraries correctly, or implement some real hard or soft links (i.e. at the filesystem level)! Until then, I'll continue to use Linux.
---
pb Reply or e-mail; don't vaguely moderate.

Overall Productivity

[Milican]

Alright, if Linux makes everyones job easier then I believe it is the right tool for the trade. If IT doesn't want it on their network because they aren't "in the know" then they need to be fired for not knowing their job. Pretty damn simple. If you're business is computers, how to deploy software, etc.. and you have no clue about other OSes besides Windows then you as an IT professional are ill equiped to benifit your company and you need to be fired. This goes for other OSes as well including BSD and MacOS.

JOhn

Re:Have to agree

[MrBogus]

There was litterally a policy "If you can't fix it in 15 mins, escalate the problem"

Do you why they have this policy? Because they know how much people get paid, how much the insurance and lighting and floorspace costs, lost productity costs due to IT issues, and what the work backlog looks like.

The fact is that the price of managing a corporate network is about 15% software licencing, 15% hardware costs, and 70% labor costs. If it takes 2 hours to fix someone's Pentium, the sad fact is that it would have been cheaper to just throw it away and drop a brand new $800 Celeron box on the person's desk.

Back in my sysadmin days, I was a decent troubleshooter. Yeah, I enjoy it too. I also had pride, I hated to admit defeat, but there was one thing I learned -- There is no such thing as 15 minute problem -- If you can fix it in 15 minutes, it really wasn't a problem to begin with. I also did most of my sysadmin work as a contractor, so I could hear the cash register bell ringing in my head while I was dinking with this stuff.

Files do not magically disappear from an AutoCAD setup. Finding the real problem and CHKDSKing to hell is probably going to take far longer than an FDISK and image dump. One place I worked had a sign in the technicians cage that read Thou Shall Not Open the Case. One of the smartest places I ever worked.

Re:Why are all IS guys fat?

[Wakko+Warner]

SCENE: Shapiro is in a bar, chatting up a pair of rather attractive chicks, who don't seem to be taking much notice of him.

SHAPIRO: Heh, so, anyway, Trixie, anyway I says to the guy, I says, "You have installed Red Hat on your Optiplex. Prepare to FACE MY WRAFTH!" And then I whipped out my Windows 98 bootable CD and wiped his crappy installation clean off his hard drive. Then I told his boss on him. He's in for a heapin' helpin' of trouble come Monday morning!

TRIXIE: You smell like armpit.

TRIXIE'S FRIEND MARCIA: Good God, did you bathe in sweat this morning?

SHAPIRO: So, what say? Wanna go back to my van and screw?

TRIXIE knees SHAPIRO in the GONADS. MARCIA laughs to herself. TRIXIE and MARCIA leave with A LEET LINUX SYSADMIN.

---------- END

- A.P.

--
* CmdrTaco is an idiot.

a story

[nabucco]

I was a UNIX SA at an Internet startup that shall not be named. One of the DBAs installed Red Hat without telling anyone. Since the DBA was in IT, he was on a less locked down subnet than the lusers. Most significantly, POP/IMAP was open on it. I should point out that not only didn't I control the firewall at that point, but the firewall was a political football in a company whose SA's and developers were at war with each other. A skript kiddie hacked in, and used our network to DoS someone (it was IRC-related as I recall). The skript kiddie's history file showed his lack of command of UNIX, which made it all the more ironic he hacked in.

If you're going to sneak Linux onto your networks, do it right. Most SA's don't give a fsck, as long as you using Linux or BSD doesn't give them a headache.

Re:Clueless Management

[killalldash9]

Where I work, if they caught me installing Office 2000 on my machine, they'd fire me for being an idiot. Oh, by the way-- did I mention I run Linux at work? :)

Installing an Unauthorized ANYTHING is bad!

[Travoltus]

Some folks don't understand the chaos that occurs when you sneak whole servers onto the network that are unaccounted for.

I hate to break off from my usual Linux advocacy at all costs here, but like the doctor should be the final arbiter of what treatment you receive (over the insurance company's opinions), the IT department should be the final arbiters of what goes on a network (despite the will of the programmerS).

If the programmers have other ideas, take it to the IT department or the CIO, etc. It's called the chain of command.

Bringing anything in uninvited - especially something as major as a server - becomes an issue of trust. Do you realize that 'sneaking' is 100% bad corporate work policy?

========================
63,000 bugs in the code, 63,000 bugs,
ya get 1 whacked with a service pack,

Re:How to make a killing on banner ads

[Mathieu+Lu]

Write a gratuitously inflammatory story about Linux and submit it to Slashdot. Make sure your servers can take the load, though.

Install JunkBuster. It's very efficient to remove web annoyances (useless cookies and banner adds)

Under Debian, just "apt-get install junkbuster" and tell Mozilla/Netscape to use localhost:5865 as a proxy. :)

Re:Limerick

[Felinoid]

My mind pictures someone being fired for installing a Solarus box on a network run on an unstable offbrand Unix.
(I'm thinking of some of the 1980s Unix titles that were available for dirt cheap and cracker friendly.. not any current title.. hay they may comeback if the market looks good and people start up the mem "Unix = reliable" allways some jerk willing to throw out a lemmon to scam mindless drones)

Asset Tracking...

[wumingzi]

Not knowing what your particular Asset Tracking software does, I'd be hard pressed to make a blanket statement like "Oh, yeah, Linux can do that".

However, if I can spec out an idiot tool:

* Monitors physical disk spec
* Monitors connectivity to the net (don't want
machines walking off completely)
* Tracks quantity of RAM inside of system
* Tracks software installed
* Reports back to a manager system with routine hourly/ daily reports on system status.
* Pages admin in the event of an "incident" (i.e. a machine with no users logged in mysteriously going offline at 3 a.m.)

I see UCD-snmp, Tripwire, and a few hundred lines of Perl code.

Integration time? About two to three weeks.
(I'd say 48 hours and lots of coffee, but since I'm in IT and not development, I get rewarded for being conservative)

j.

Working for you

[Col.+Panic]

That is correct - IT works for everyone in the organization - from the mailroom clerk to the CEO. I don't consider it DEmoting, though

I don't see the problem...

[borzwazie]

I'm a Linux user. But as a sysadmin, would I allow people outside of my group to be configuring and changing my network topology without permission? Would I let users set up their own domains, outside my control, but within my support? NEVER. I'd probably reprimand or fire anyone working under me for changing network topology without my say-so.

That being said, if those same people could prove to me that a new configuration (software, hardware, whatever) would improve the network without a negative impact, well I'd be sure to at least consider it. You have to take into consideration:

* Existing topology, is it compatible?
* Existing staff, what is their experience? Can they support this?

Many of our upper level managers have suggested we move from Solaris to a Windows environment. Lord knows MS salepeople sure have.

What is the real cost of this upgrade? Don't forget that TRAINING your personnel, or hiring new personnel is part of this cost. What if people leave because of the change? Lost productivity training new people equals LOTS of lost revenue.

That's what you have to prove to managers.

Re:"Reformat their hard drives"

[Coolfish]

IS departments should support the engineers, not the other way around!

Absolutely. I can't stand how most IS/IT depts think they are "King of the world" and think it's a major pain in the ass for them to have to work with you. They feel that it's their systems, and they should have full control of them. Okay, right to an extent, but some of 'em tend to lose tract of their actual goals - to support the end user so that he or she can do what needs to be done for their job! They are in SUPPORT positions, not there to rule all things computer related!

Even worse when they try to pass off their job onto you, cuz they know you can figure it out. One IT guy asked me if i knew how to program, and i'm like "sure, what language?" and he's like "MSDOS batch files". Hrm.

Where's the money ?

[DVega]

I'd donate $10,000 to the FSF if Linux contributed more than 10% to the total number of unique hits.

You will donate ???

How do we suppose to find you to get the cash ? You are Anonymous Coward

This post was made under Linux

Re:Where's the money ?

[oog_rocks]

there are some stats around here somewhere, can't find them now, but the highest ranking browser was windows netscape, followed by lunix netscape, followed by ie. about 30% was linux.

Re:I don't see the problem

[kevin805]

It doesn't take much knowledge to set up an insecure Linux box that will bring down the rest of the network.

It takes significantly more knowledge to set up a secure Linux box.

Obligatory Car/Computer Analogy

[jefftp]

Something you are not likely to hear anytime soon:

"I worked at a place that gave me a company car. I didn't like that it used gasoline, so I spent the money and time and had it converted to use propane. Propane is not only cheaper, but is also better for the environment."

The problem isn't Linux, the problem is people who are overstepping their authority and possibly creating more work for someone else.

What I haven't seen in this discussion....

[Kevbo]

Is that just *anyone* installing *any* OS is a major security risk. In any environment where security is a major issue, allowing all users to have root or administrator access can be a major threat. Think of all the tools one can run but require root or administrator level permissions to install or use! Once someone has that kind of access on the network, they can gather a lot of information, and conceivably cause a lot of havoc. Something to think about....

Re:I'm disappointed

[I_redwolf]

Ahhh you seem to be missing the boat. If someone really wanted to hack the damn network they would of found a way LONG before installing linux. Your assumption is that if they install linux they'll have the tools to do so. Whats the problem with that? Your network is supposed to be secure in the first goddamn place. You sound like one of those kiddie admins that have a firewall set up and think you're secure.

If windows is handicapping the user why the fuck does he/she have to beg you to use the tools that will work for him? Get a fucking clue.

What changes to the network are you talking about?! NOTHING happens to the network if a user installs Linux on their machine. So if you could expand on this I'd be happy.

Why is it assumed that if the person is running Windows they are incapable of messing up their system (and possibly the services provided for others) quite royally?

Have a good day.

Re:OSes sneaking in?

[killalldash9]

"I can't understand how an OS, other than Linux (or other free OS) could just sneak in. OSes cost money, someone has to approve the investment. Surely workers don't pay for the software they need to use at the job themselves? And not paying would be piracy. So there."

And no one would ever think of commiting software piracy, right? Ugh...

Fire your programmers

If your company has programmers employed, you should probably fire them. You may not be aware of it but they actually produce .exe files. All day long!

Maybe firing them is impractical, but at minimum you must require that an IT person is present to give permission each time a programmer makes a .exe file (they call it "compiling" or "linking"), and/or executes it.

It is after all a new program that the IT department has to evaluate whether it should be allowed on their network.

Re:Fire your programmers

[grahammm]

Things may now be different (I have worked for very small companies, where there has been no separate IT department, for the last 10 years) but when I worked in the IT department of a large (mainframe) installation, most of the programmers were part of the IT department - because programming is an IT function.

Re:My employer gave me an award

[acceleriter]

VMware's part of my plan in the event the Network Nazi faction of IT gets its way in my organization. One thing I have yet to figure out is how to patch the executable to allow an arbitrary MAC address, rather than that telltale 00:50:56:xx:xx:xx (00:50:56 being VMware's OUI).

Re:I'm disappointed

[heymull]

Here here. I'd be pissed, too. I don't even like it when someone changes the 'wallpaper'. But that's just me.

Re:From an IT Management standpoint

[Patrick+Hancox]

>>Slap his wrist, tell him to think twice the next time, and move on.

repeat over and over as each "self-managed" user botches SAMBA because they didn't think they actually need to understand SMB networking.

Just follow the RedHat wizzard'ish thing and make sure you answer any hard questions with the name of the (a) real PDC (b) master account domain (c) main WINS server. Don't forget to have an attiude when the stupid IT guy dares ask you aboutt your new system.

Re:It's a corporation, not a democracy

[alecto]

Where in my post did I say I was not following the rules? I have the good fortune to work in an environment where eye-tee doesn't (successfully) dictate terms to the people they serve.

While there are often legitimate reasons to constrain operating environments, rhetoric (to steal your word) about firing people who dare to install a "non-standard" operating system or application is inflammatory and, in most shops, unenforcable as well. (Often, IT has a job to do other than micro-monitor the users--if they have time for that, they're ripe for downsizing and/or outsourcing.)

While there's an awful lot that can be read into what I posted, the fact is that I only said open source tools that are useful will displace closed source tools that aren't as much so, whether IT likes it or not. Ultimately people with the best interest of the whole organization are in control, not the self serving people in some IT departments that want to follow some particular vendor's line because it makes their jobs easier.

Translation: IT would often like to dictate platform and get paid for mindlessly implementing a single (or few) vendor system to the exclusion of better tools. The people forced to use inferior tools will, (in organizations that aren't dysfunctional, within and outside of the "rules") get around having to use them. Then the rules will change.

(Also, your reference to Brezhnev is quite appropriate--the Soviet Union didn't make a profit, and other organizations run that way won't be making much money in the long run, either. (Although Shapiro is more like a wannabe Stalin, but I digress.))

Re:It's not that we hate Linux...

[Chandon+Seldon]

What kind of moron sysadmin who makes his network so insecure and unstable that a single client machine running something unexpected can break everything? If you scripts are so crappy that they assume things that have a good chance of not being true, you should resign now. (Windows NT service pack 4 blah! We can't install SP5, it'd break my scripts.)

It's not like someone's pingflooding the DNS server...

Clueless Management

[Khan]

I wonder if Mr. Shaprio would feel the same way if someone installed Office 2000 on one of their machines. I'm sure they would be more than willing to allow for that infraction. Give me a break, Jeff. Buy a clue and do your homeowrk before you ban anything and fire the individual responsible. Dumbass.

Re:Clueless Management

[Asgard]

Well, in all likelihood you would have problems if you installed O2K on you machine -- you'd end up expecting everyone to be able to read your files. Linux (and the accompanying applications) means that the onus to convert files is on *you*, and you won't go crying to Tech Support if it doesn't work.

Re:Clueless Management

[Strog]

It's a matter of support. If you installed Office 2000 on the payroll computer you would have hosed up a $50,000 payroll package because it relies on Access97 and won't work with 2000. The couple hundred people who aren't getting paid are going to be furious. Of course they would get paid after the entire accounting department works a ton of overtime to do it manually. I would kick you butt but would have to do it quick because you would be fired in a hurry. We have a lot mission critical apps saving a lot of time here. If you hose up one of these apps then it could be done manually but it would throw off schedules across the organization and cost dept managers a lot of overtime into their budgets.

A lot of the things I do at work rely on paths and installations being the same. I have to make a lot of adjustments as it is with everything being the same. There wouldn't be a chance of keeping up if people were allowed to install their own apps/OS.

Re:Clueless Management

[flyneye]

Ill bet the voters in the district and the school board would like to know he puposely Doesnt use a low cost solution for any reason or unreason.
Bet that would piss all of tennessee off.

This man has no Slack

Re:Clueless Management

[Calamari+Indigo]

I see your point =but= where I work if they catch you installing Office 2000 on your computer there will be hell to pay. It doesn't fit into the Grand Corporate IT Scheme.

But that's just my experience.

Re:Clueless Management

[Negrom+Victori]

here,here!

Heh, secure?

[Jeff+DeMaagd]

If it's a Windows shop, you probably have a leg up just because of installing Linux.

Yeah, Windows can be made secure *snicker*.

It's only a job.

[Craig+Davison]

You didn't have to sneak anything on to a machine if you need it. Ask your boss to contact IT. If they're preventing his employees from getting work done, he'll tell his boss. And so on.
If you still don't get WinNT 4, you didn't need it in the first place.

You must be one of those "geeks" that takes their project personally. It's only a fucking job.

Re:It's only a job.

[imagineer_bob]

Actually, I was a VP with the same rank as the chief IS guy. And I still couldn't do anything (other than leave, which I did!)

--- Speaking only for myself,

Look at the sources

[lkaos]

What has slashdot come to when the post stories who sources are freaking net-admins for publics schools. ""Destroy their servers and fire them," says Jeff Shapiro, director of technology for the Kingsport, Tenn., public schools." You've got to be kidding me. What power does this guy have. Just because he controls 50 Windows boxes in some lame Novell network in Bumsville, Idaho doesn't mean his opinion has any crediblity or is slashdot worthy.

Re:Look at the sources

[gbsmith]

Moreover, what has the world come to when the Kingsport, TN schools are being run out of Bumsville, ID!?! ;-)

GBS

Re:Look at the sources

[1337d00d]

ph33r ph33r

Re:MAIL MACHINE is HOLY

[firewort]

Thanks for contributing to the discussion by insulting me.

Not the mail server, your own client machine.

If you can't recieve your email, you may as well be on vacation.

Yes, IT is supposed to be in charge of all IT resources. They were hired to decide what resources are available to you.

If you're making your own decisions in that area by deciding what resources *should* be available to you, and feel justified in doing so, then *YOU* are the person breaking the organization.

On your home machine, do all you like. On the work machine, Property of Work, IT's Responsibility, do what work allows. If you must have something as broad as a different OS, get their cooperation, you can't just go and install it, and if it breaks expect them to fix it.

THIS IS WHY there are Bastard Operators From Hell.
They have to deal with people who change the systems they're responsible for.

Here's a test. Bring a PowerMac into the PC office. tell them you expect them to make everything compatible for you. Watch them censure you, or fire you.

You said:
If you want to provide some real value, fix the problem.

I say:
Fine, but you don't *fix* anything by installing OS's or software out of the blue. You must discuss it with IT before you sideswipe them by making it appear on the network all-0f-a-sudden.

A host is a host from coast to coast, but no one uses a host that's close

They forgot something...

[mbadolato]

They forgot the part about "Stand up and clap wildly, as someone had the brains to know that Windows blows..."

what their webservers are running

[spoonyfork]

The article contains quotes from two IT "professionals". I did some quick checking to see what their respective organizations ran for webservers. Here is what I found:

Jeff Shapiro, director of technology for the Kingsport, Tenn., public schools:
www.kpt.k12.tn.us is running Netscape-Enterprise/3.5.1 on NT4 or Windows 98

Chip DiComo, network manager for shipping firm Hellman Worldwide Logistics in Miami:
www.hellmann.net is running Microsoft-IIS/4.0 on NT4 or Windows 98

Don't ask, don't tell, don't waste time

[#smd3]

If an IT manager stumbles on to a Linux box on the network that he's never noticed before then is it really worth the extra effort to change it?

I realize some companies have rules about this sort of thing, but maybe it'd take someone being surprised to learn they are really using Linux to get them to wake up to the possibility of using Linux as a viable alternative.

Re:Promote them to IT staff.

[Delphis]

Yea, I'd like to see other people where I work knowing more about Linux. As the network admin there myself (we use Linux on our servers anyway:> ), I would be happy to see what they knew about it and if they could be a helpful addition to the IT staff, try to get them moved there :D

We run a bit of a mix of stuff anyway.. Linux servers for internet stuff.. Novell for fileserving and an IBM AS/400 for the company order stuff... fun. :D .. Everyone uses Windows 95/98 on their client PCs. Be nice to switch to Linux once the office suites are really there.


--

Are you guys serious?

[DrWiggy]

This is not an issue about letting users use the tools they need to work in my company - the issues are ones of security, costs and management. To allow employees to install whatever they want, where they want is basically making any attempt at a security policy futile. I expect most of you have got nice, cushy dot-com startup jobs in Silicon Valley where there is so little of commercial value held on your machines, that this point doesn't matter. Where I work though, we make profits, like to protect them, and therefore take security seriously.

In addition to that, if a user installed NT on my network, I would be reluctanct, because I don't know NT. If the employee goes, I'm shafted. It's the same as an NT admin being concerned about me walking onto a site with *BSD CD in my hand.

Lastly the costs of running a multi-OS environment are much higher due to the fact that you either have to pay somebody who knows all the OSes (very expensive) or hire multiple people to support them (also, obviously, very expensive).

You might think it's all good fun sneaking your favourite OS onto your work machines (I couldn't give damn what OS it is, just that it's not corporate policy), but in my company it goes strictly against the security policy, and therefore as a result, you're looking at a bare minimum of a verbal warning, and possibly immediate dismissal depending on the circumstances.

The company's machines are just that - the company's. They're not yours, you have no right to alter the OS on them, and if you have a legitimate claim for another OS, perhaps you should suggest it and let the people responsible for looking after your network (and therefore your jobs) make an informed desicision. In other words - grow up!

Re:Are you guys serious?

[selin]

Well, although I have to agree with you on most of your points, consider several facts.

1. Because of employees 'sneaking' their favorite OS onto their computers, we have a 'standard' today - Windows. It was not approved by managers in it's inception either.

2. The open-source movement is critical to the long-term financial viability of using computer systems. Allowing an industry which has proven its desire time and again to head us into highly-profitable to them, financially ruinous to us, closed-system dead ends is ludicrous. Perhaps you have not taken a serious look at the history of the companies involved - or the purpose of the computers in that market.

I liken the people who install the new OSes onto computers in the corporate environment to agents of chaos - which allow for evolution - and hence, the potential for improvement (read that as lower costs through new ideas).

Perhaps you've grown up too much.

Re:It's not that we hate Linux...

[update()]

Speaking as a user:
The main gripe I have against IT people is that they think the point of computers and networks is to serve their interests. No! The point of IT is to enable employees to best get their work done, not to provide the most elegant and tractable system for the admins to preside over.

If you're barring employees from using tools that would make them more productive because they don't serve your interests, you're falling short, not them.

You can take my Mac when you pry it from my cold dead fingers ;-)

What To Do...

[ekmo]

If Windows Sneaks Onto Your Network

Re:I'm disappointed

[Grail]

The same sort of thing happened to us at work. We have a Linux network, with a Solaris box for development under Solaris, a couple of Windows 98 boxes for secretaries (who live on Microsoft Word and MYOB) and assorted routers and appliances.

Then some fool decided he'd install Windows NT, on a box he brought in from home.

He figured there was no Windows NT server already on the network, so his box became Primary Domain Controller (that's a choice the user has to make during install, implying that Microsoft assumes only MCSEs have access to Windows NT install CDs).

For three days we're trying to figure out WTF was wrong with our network, until we figured out that this box "Pyramid" was a machine that we hadn't seen before. We disconnected that office from the network, and everything came back to normal.

The same thing could have happened if it was a Windows network, and the guy had installed Samba on his personal Unix/BSD/Linux box.

Moral of the story - Don't mess with/on other people's networks unless they've okayed it.

Another Limerick

[qnonsense]

I say FrontPage 2000's the Pits,
But my Boss seems to think it's the Shits.
(so) I threw BO2K,
On his Server one day,
Now the Network's at my fingertips!

Pat on the back and a juicy raise.

[The+Evil+Beaver]

That's what I would do - but then again, I'm biased. But Winblows 98 has screwed me around enough to make me dream of fragging Billy Boy in Redmond.
Hrm... A HL mod of MSHQ, with a CD launcher, virii, and one giant Bill Gates as the final boss. The G-Man at the end pulls off his face to reveal that he's really Janet Reno... But I'm sure _that_ part would give people nightmares for the rest of their life. I'm already afraid.

Re:Pat on the back and a juicy raise.

[The+Evil+Beaver]

Only the HL mod stuff. And even then, I would still like to see and have such a mod.
But I've suffered much trouble from Win98. From my modem not working for two months (August and September), to constantly losing whatever I'm working on whenever Windows is in a bad mood (I guess it doesn't like Winamp that much), I am subjected to all sorts of horrors from Redmond.
Windows spells trouble. And anyone who undermines it has my undying respect.

Turnning the tide

[Felinoid]

Addmittedly this is in the hands of the IT department and of the IT manager is all pro-Microsoft there isn't much you can say or do.
But for many it IS posable to turn this around on a grand scale.
Basicly talk the IT into certifying a Linux setup.. maybe a inner office build using Linux From Scratch (optomised to the standard hardware used in the office).
Talk em into a "clean sweep" of the office.. Not just one machine but the whole department.
This will more than cover for the few ITs who say "NO" and refuse to install anything but an approved NT system.

Don't look at all thies situations as a roadblock to getting Linux implemented. It may be a bit of durty pool to get whole departments to drop NT but then this IS how Microsoft plays it and it's not wrong if an intelegent IT dose it for the benifit of the busness. You simply need to sell him on some key points.

(Do some net research I don't really feel to good right now and really can not provide a good rundown of keypoints for selling Linux at this point in time)

Once you have whole IT departments changing over to Linux you pritty much kill all the MsFUD.
I think this may be the short road to getting Linux compleatly into the mainstream.

From there it's a short road to premoting BSD and Solarus as well.. "Linux is just one of many *nix solutions"...

The problem is with the IT departments

[MeanGene]

The IT departments in most of non-tech corporations are so outsourced, it's not even funny. So they've got a contract saying that they support only certain OS(es).

Some time ago I actually wrote a business case to let me install Linux or a commodity PC. But our IT department scratched their collective ass and gave me a Sun workstation that probably cost at least 3 times as much. I had to install gcc on it anyway...

Uh

[Operandi]

"The article's author (rightly) points out that this is probably an unstoppable phenomenon"

Reality check: The firm management controls the firm and what takes place in it. If they don't want you running on workstations at work that they provide you with, you will not be running it. If you do they can simply fire you. To say it's unstoppable I think is not realistic. I'm not saying it is right but that's the way it is.

Regards

The only thing that surprises me...

[Enahs]

...is that you didn't get modded waaaay down. Didn't you know dissenting opinions aren't allowed on /.? =)

Another thing to keep in mind: if you're in the kind of office environment where you're not allowed to install your own software, not allowed to take materials in/out of the office, etc., and you go ahead and install Linux on a machine...good luck. In August I left a business that, essentially, you could lose your job if you ran Norton Utilities on their Macs, and you didn't have a certain job title. I'm sure they'd have been more than happy to stick a boot up my ass for installing Yellow Dog. =) While the prepubescents on /. might see this as an evil that needs to be expunged before they hit the workforce, I say it's a necessary evil.

Rather than going off half-cocked and installing Linux "because I can" draw up a proposal. Show why having Linux instead of/in addition to Windows/MacOS is better. Convince the powers that be. If they don't like it, then swallow the bitter pill and keep using Windows/MacOS. People have to do similar things in all professions daily. Being in a tech field doesn't make people better than others.

Re:The only thing that surprises me...

[softsign]

I've got enough karma to say what I want. Fuck the party line - it's stupid. Not to mention hardly any better than the zealots who cling to Windows.

This article doesn't say anything that any rational administrator wouldn't agree with. Yet on /. it becomes another example of the suits not "grokking" the wisdom of Linux Everywhere(tm).

Why not shake things up? Linux is not the saviour it's hyped up to be. It's a good OS, a damn good idea but it's not All That (and a Bag of Onions)(tm).

--

Re:IT people are assholes.

Sorry to post anonymously, but my IT Hitler may read Slashdot...

Uh huh... I might, eh? Well, Steve, you'd better start packing your little cubicle toys...

Promote them to IT staff.

[vaxer]

If I found out that someone had been using Linux without talking to me about it, I'd ask them if they'd be interested in doing more IT work.

I'd also address why they hadn't felt comfortable talking to me about it. Communication problems can bite you in the ass later on. Mostly, though, I'd be proud, and a little bit scared, to have a fellow geek on board.

Re:Promote them to IT staff.

[Phil+the+Canuck]

The admins in the article rarely stated any opinion of Linux. They stated their opinions of users who install unauthorized software.

Where I work as "god" (lol), Linux is quite welcome. It is a long-term goal to increase its usage here. I'd have a similar response to those in the article (although not as blindly arrogant as "destroy their servers and fire them") if I found someone installing MS Office, and I've almost stripped out the last of the NT boxes.

At my next job, the reverse could be true. I wonder if your attitude would change if it was NT invading a Linux environment.

Re:Promote them to IT staff.

[BeanThere]

"Mostly, though, I'd be proud, and a little bit scared, to have a fellow geek on board."

I have a suspicion though that a fair portion of the IT admin's they interviewed for that article are so dead against Linux because they probably don't understand Linux/Unix based networking, and don't want to let on how clueless they are. They certainly don't want to have to admit that one of their users, over which they are "god" in that domain (no pun intended), may know more than they do. It's far easier to just hide behind excuses like "we have standards around here, and we've standardized on NT, so anything else goes".

Sure, they're not all like this (and naturally you get clueless people playing around with Linux too), and many are pretty clued up. But some aren't; some just need to feel that certain amount of control that they have by managing IT in a company. Letting clued up "renegade" users start using Linux means losing some of that control.

Thats probably why they don't feel comfortable about asking confronting people who plugged Linux into the network - it's a perfect situation to get into a conversation where it may become obvious that they don't know as much as everybody there thinks they do - so they feel insecure, maybe?

Re:Promote them to IT staff.

[henley]

Mostly, though, I'd be proud, and a little bit scared, to have a fellow geek on board.

Here's where you have to think Corporation not Ego. Having a fellow geek on board is *good* for the company. Speaking from experience, 2 heads are always better than one - even if those 2 heads operate by trying to out-compete with solutions.

After all, I can't be the only one whose best work has been when under pressure to prove geek bragging rights...

Re:Promote them to IT staff.

[heymull]

"Promote"?! We would consider that a demotion at my company. UNfortunately, but that's the reality of it. I program in secret for fear that someone will get the crazy idea that I deserve to be moved into IT :)

Re:Promote them to IT staff.

[BeanThere]

"At my next job, the reverse could be true. I wonder if your attitude would change if it was NT invading a Linux environment"

My attitude would be the same, if you'd read my post properly I think I clearly made my point. Control/power freaks are the same no matter what field they're in. It seems you've some stuff into my post that just plain wasn't there. It was not implied either. My post should be read as it was written. I was not attacking *you* or "your kind" - it doesn't sound to me like you are one of the people I'm talking about anyway. You'll know if you meet some.

Re:Promote them to IT staff.

[Phil+the+Canuck]

"I have a suspicion though that a fair portion of the IT admin's they interviewed for that article are so dead against Linux because they probably don't understand Linux/Unix based networking, and don't want to let on how clueless they are."

My point was that your post assumed a position by the interviewed admins that they didn't present. I didn't think you were attacking me.

I've met plenty of power freak admins, in fact I replaced one at my current job. I just don't see much proof that these admins are of that particular subspecies. Some, but not much.

Re:Just like company email servers...

[mr]

>therwise all-closed-source company (yes, official company policy, set by the legal department not IT, forbade the use of GPL'd software.)

So?

Load up BSD then the NEXT time you run into such a road-block.

If they don't like BSD licensed code, point to the BSD copywrites in Windows and ask when they will get rid of that.

Stop thinking the Open Soruce OS world is all Linux.

very classic

[BenLutgens]

this is disgusting. The whole Idea that someone would get that worked up over an alternative operating system on thier network is utterly disturbing. I could care less what operating systems people use on my network. Only thing I care about is that I know what machines are on what IPs. Then I regularly check for strange activity through aggressive logging and what-not. People need to lighten up. But first and foremost people need to get clearance before they go and install a *nix like os on thier company workstation so as not to get their security types all in an uproar.

Re:very classic

[ErikZ]

this is disgusting. The whole Idea that someone would get that worked up over an alternative operating system on thier network is utterly disturbing.

Don't be angry. Imagine being in charge of a department wide MS network that constantly has problems from the users up to the servers. The poor souls are killing themselves trying to get things working reliably, and so when someone suggests an OS they don't know or understand, they freak. Don't be angry, pity them.

Sneaky Linux.

[webrunner]

The scene: an office, filled with cubicles. An IT worker walks down one of the rows, takes a look down a perpendicular line of cubicles, and then, satisifed, turns around, and wlaks in the opposite direction.

A lone penguin comes out of a nearby pool of water (connected directly, of course, to the Alaskan sea). THe annonymous bird leans up against a cubicle, and checks down the corridor. Seeing an IT worker, he ducks back behind cover, and quickly runs up behind when his back is turned, and then ducks down another way. he eventually makes it to the elevator, and presses 'up'.

The penguin removes his infiltration gear, and the words blare across the screen:

METAL GEAR LINUX
Tactical Operating System Installation Action!
----

Re:Sneaky Linux.

[webrunner]

yes, but Metal Gear Solid happens in Alaska.

----

promote the person...?

[giantsquidmarks]

they have open source skills greater than 99.9 percent of the people who work at IBM...

WHAT THE!?!

[Negrom+Victori]

if I read Right, people get in trouble for using a supirior OS while all you other guys make big bad bill rich!!!! Somthings wrong here! I don't see why companies dont like linux I mean you can even get the raw versin free! for those of you "non-believers" out there, here are some cold, hard facts: 1: windows will crash at the drop of a hat while you couldn't crash linux if you tried. 2: linux isn't run by a power hungry corperate shark who intends to rule the industry. 3: linux is easier to configure, control, program in and use than windows (ugh! I can't believe I managed to type that horrible name without dilberate spelling errors!) 4(and lastly): linux has way cooler mascotts.

Linux today story quashed

[Martin+Spamer]

It seems the Linux today story has been quashed. This Story has been unposted. 2000-10-22 03:23:33 UTC (0 Talkback[s]) (29704 reads)

The question is Why ?

Can anybody post it here from their cache, so that we draw our own conclusions ?

Have M$ legalal egales been throwing their weight around ?

Samba is what samba does.

[nevets]

Sorry, I just got done watching Forest Gump.

Yes, I feel for you. I'm one of those programmers that "illegally" installed Linux on my machine. But I was able to prove my productivity due to it.

But....

One day trying to set up a Lab NT machine to verify users to a global account through my Samba/Linux box, I tried a few configurations, and later gave up on it. But what I didn't realize is that I left "local master = yes" and work group equal to my companies domain. Opps!

It took our IT department three days to find my machine. ALL windows machines in my subnet were not able to access net drives or printers. I came in on a Monday morning to see a piece of paper on my machine that read:
ATTENTION: one of your machines is preventing all Windows machines on this floor from accessing the network. We have disabled your port. To be reconnected, call the help desk
Lets just say, they don't like me very much ;)

I don't agree with all that you say, but I do feel your pain!

Steven Rostedt

Re:Samba is what samba does.

[nevets]

Actually there is more to the story.

I had approval from upper management to go ahead and connect to the lan this way. But our IT is vendored out and I it took a long time to get anything done, so I needed to get around it to make dead lines. This would not have happend if I had a quicker response for those that control the network.

I'm here at work to get things done, not go wait around for others to fill out paper work. I've taken these types of gambles before, and the majority of the time, I have saved the project. I also have been recognized for doing this. That's probably why I stay out of trouble.

I just thought it a funny story ;-)

Steven Rostedt

Re:Samba is what samba does.

[nevets]

wink wink nudge nudge....

;-)


Steven Rostedt

Linux is a virus?

[kinnunen]

Suddenly I'm much more worried that it might mutate.. This really puts that Microsoft ad in to a whole new perspective, it wasn't just some random propaganda, it was a virus bulletin.

--

Re:I'm disappointed-again

[Mr_Ceebs]

It all comes down to the fact that If you sort it out with the sysadmin first and work with them then they are far more likely to say yes to the install than if they just happen to find your machine sitting on the network. especially if you have made a small mistake in the install script that screws up the local segment. If you have talked first and IT feels that they are partners in testing new equipment on the network (without them having to take time from all the other pressing jobs that people want them to do right now.) then they are generally going to describe you as 'helping in security testing' when a network segment dissapears and a selection of your collegues suddenly start shouting because things are not going well in their electronic workspace.If however they don't know about it then they will be out for blood

Some IT people are NAZI's and you won't get anywhere with this approach, but then you know that If they find you running unauthorised software on their system then they are the ones who are going to hand you over to management with a large sign that says 'kick me' taped to your back.

Speaking as a sysadmin If I know that someone is running an exotic OS variant on a section of the network then When things go wrong I can get the service up and running for the rest of my users that much quicker. We fairly often get the idea from users that we just think the network is run for our benefit, I have yet to meet a sysadmin who thinks this way. from the sysadmin's point of view the major problem is the individual user who is of the opinion that the entire system is run for their benefit.

How to make a killing on banner ads

[Mark+Gordon]

Write a gratuitously inflammatory story about Linux and submit it to Slashdot. Make sure your servers can take the load, though.

Re:How to make a killing on banner ads

[agaffin]

Oh, geez.

Guys, we posted that story last Sunday night, like *six* days before some Slashdot user posted a link to it (Linux Today had it way earlier).

Much as I love driving up our page views (and don't worry, our servers can take the load), I have better things to do than try to inflame Slashdot users.

-- Adam
Network World Fusion

well duh!

[ArchieBunker]

He works in an NT shop, what would the helpdesk know about linux? Damn the zealotry at work here.

Re:well duh!

[new500]

well, wait a moment,it might be appropriate to describe us as a NT shop too, as a large proportion of our client work gets completed on NT machines running Photoshop, InDesign and soft proofers, but that doesnt mean we have to turn into a bunch of fascists, which is the blunt word which comes to mind reading these guys rant on with catch phrases like "Destroy their servers and fire them,".

This sort of attitude just smacks of ill considered intolerance, the arrogance of power as egos can so easily be stroked to get fatuous comments like these for a magazine to please its advertising base.

Now NT, or moreover Win2k in our case sucks more the more we learn about it - but our "decision" is hardly final and all encompassing. (talking about a statistical majority of installs here) We tend to think system choices are flexble at the level of investment and size we are, according to how flexible we are to learn and adapt - as opposed maybe to being brainwashed and adopt. It would seem to me a pity for IT professionals to be so tied into one system or another and I wonder, as we grow, if his is not a fact of life we are not actively trying to avoid / ignore.

This will probably come across as a disclaimer of a kind, but in our shop a majority of NT systems were chosen in part because we trade advertising slots (which drives design work as well) and needed CTI which was not available on the Mac, giving us the choice between coding or supporting two systems. We were too small to choose these other options. Had Apple been on schedule with - X then we would have been switching out this year already. Right now we're also running Deneba Canvas beta and Framemaker Beta on SUSE and RedHat, praying that the WINE libs will allow us a third horse choice (IMO Canvas + Framemaker covers the bulk of our design and typography needs, but I wish these guys would do properly native ports). But my point here is that historical arrogance (in Apple's case) was a turn off for us, just as the arrogance of the comments by Di Como and Shapiro in the article are also a turn off, and I expect this may be the same with many other readers. If we had a choice (and amusingly it would be mine ;-) between retooling and retraining and having browbeating thugs like these guys run our networks, I'll take the retrain/ retool route and I bet people here will be with me.

If we were a *big* company, I would expect any IT/IS director we hired to be knowledgable and competant (not necessarily guru) across Linux/Unix as well as other operating systems (NT and maybe AS400 come to mind, permitting Mac OS X can at least be administrated as BSD despite the key advantages lying elswhere). The issue I see here is that it is damn hard not to be increasingly tied into "proprietary solutions" as you grow _if_ you are not prepared to hire a classy internal shop of coders. Summarily (because there's too little space here for much of a discussion) I think that the internal shop wins hands down for a business case, if you can do it. And so for us the most difficult thing here right now is trying to raise the technical awareness of all our users to inculcate the kind of environment which can be responsive to in house developments, thus preempting the unnecessary or misguided end user cries for shrink wrap crap and locked in licenses.

This brings me to my other real gripe with the opinions given in the article - e.g. "Investigate to determine if a business case has been presented to management for the offending box,". Oh, man just why are these people mouthing off about a comment that is surely just a fact of life for anyone with a IT policy?? To reiterate such a simple rule for the "public benefit" in an article - just smacks of chest beating. "Look at us, _see_ how hard we are with our rule book!". What nonsense. And what is a supposedly reputable trade site doing replicating elementary mantra under the guise of an article? This is not advice, nor is it educative. It is simply autodidacts in print (or html).

Comments about third party apps not being supported on Linux just reinforce the problems you can store up for yourself when you pay someone else and trust them to provide for your needs. In comparison with this it feels very good - and very healthy for our business - to be able to seriously consider linux or BSD for the range of tasks we can.

I can in fact imagine ('cos I'm a cynic) a time we might have linux across virtually all our systems, and, having been so sold on the patent advantages, act in a similar hostile way to introductions of new systems which are not "tried and trusted". Man, will we have dropped the ball if that ever happens.

Admissions of Linux reliability

[new500]

. .

"We sat down with them and agreed that they could use their Linux box as long as our phone didn't ring when they had critical problems," Maday says. "So far, we haven't heard one thing from them since the meeting we had a few months ago."

Could this be the second (see MS advert article)inadvertent admission of the day by a Windows IT zealot that Linux has advantages? Or am I missing a trend?

== Idle Random Thoughts. Usual Disclaimers Apply ==

Re:Admissions of Linux reliability

[mikem2002]

Actually, no! I'm a NetWare zealot who runs Linux, Be0S, NT, MacOS...

I'm fully aware of the benefits of Linux, it's rock solid, has an incredibly long shelf-life, and runs on the slimmest of hardware.

Please keep in mind the article was about renegade boxes...those that have a foothold within the network and providing a service to users without the IT guys knowing about them. We have a case now where MARS_NWE is SAP'ing out on the nework and messing with the Netware IPX clients...because of one "renegade" box. That's not good with several hundred users are affected. I get to work on finding the guy with this service running and tell him to shut it off! Why have him shutdown his MARS__NWE service? It's not needed. He can use his Linux machine all day long, but not when it's interfering with other network operations. I get to work on that the rest of the afternoon. Fun, eh?

We use Linux a LOT around here! It's no stranger to our environment. But it can't just show up and serve files for workgroups. Why? Because when we get calls from users that say "can you retrieve my file from backup tape? I deleted it." And we never heard of the server it's on! We need to know to help out the end user, not leave them hanging. I don't care if they use Linux as a desktop workstation, but as a server, we need to be aware of what will be up against months down the road.

Thank you.

Mike Maday

mikem2002@madays.net

Re:Admissions of Linux reliability

[nan0ok]

Of course not .. they'd all been eATEn by ThE 27 FeET MuTANT PenGUINS of FinLAND!

Re:Sneaky Linux - dammit that would be great TV!

[timothy]

I'd like to see more TV commericals for Linux (not that I watch TV often, but still ...)

that scenario you named would be hiliarious. Imagine 15 seconds of that followed by a quick, funny blurb on Red Hat (or VA or anyone else with the money to make TV commericals ... heh, how about MS-backed Corel?);) ...

gentle humor is a good tactic. Portray the particuloar kind of Windows-centric IT bureaucrat who's autocratic, stuck in the past and narrow-minded, and contrast the open minded, creative, dynamic Linux guy. (There are both types in both camps, actually, but the perception I have is certainly the other way ...)

MS has lots of people in marketing, remember. If companies like Red Hat and VA are to survive, they have to at least defuse the MS marketing bomb ...

timothy

Way to fight Linux

[krokodil]

If Linux sneaks into your network,
just standartize company email
and calendaring system on MS Exchange/MS
Outlook and send all internal documentation
in MS Word, Excel and Power Point formats
exclusively. Thank should take care
of it.

Re:Security and Local Root

[echo8]

A few points: First of all, Windows 9x machines have no conception of privileged ports or privileged users. If you allow them on your network at all, any user could be running the same unauthorized services under windows that they could be under *nix. You may be able to physically secure YOUR systems, but what's stopping a user from bringing in a laptop and plugging it in instead of their desktop? A user which physical access to your LAN can circumvent there security measures (even if your switches insist of having certain MACs on certain ports...). Finally, I don't know what you're talking about regarding "packet storms" but it's certainly the case that if you have systems which are wholesale into using plaintext protocols and insecure trust relationships, you have much, much more serious security problems.

Limited scope

[faeryman]

How is this different than when a computer comes with a non-Linux OS appears on your network. Say I boot my G4 up and happily share my printer or let my workgroup mount a hard drive via Appletalk. I take it, that under DiComo's rules...I'd be fired for not using a Microsoft solution. What if I used a Mac SMB client, or SAMBA if I ran LinuxPPC? Would I be fired then too?

*le grr*

This is more of a problem with restrictive IT managers who can't see there's more than one tool for a job than it is with /just/ Linux "appearing" on a network.

(&DiComo looks like a troll.)

Re:Limited scope

[Evil+Grinn]

Say I boot my G4 up and happily share my printer or let my workgroup mount a hard drive via Appletalk. I take it, that under DiComo's rules...I'd be fired for not using a Microsoft solution. What if I used a Mac SMB client, or SAMBA if I ran LinuxPPC? Would I be fired then too?

When I worked in large-corporate IT, if you shared the hard drive of you *NT* box with your department, you were frowned upon. Or if you wanted any Microsoft operating system other than NT.

Of course nobody got fired for this kind of stuff, but our attitude was that if we didn't set it up and we didn't admin it, then we didn't have to fix it when it broke. I think that's pretty standard.

Re:IT people are assholes.

[Arandir]

They always have to mark their territory and demonstrate that the computer I use is their property to do with what they want.

Prepare for a perceptions-shattering revelation: those computers are their responsibility! If you bring in your own box and keep it off of the company network, then go ahead and do whatever you want. But until then don't treat someone else's property as if it were your own.

They are the enemy for anyone trying to get work done.

No, they're the ones who enable stuff to get done. You think the people in accounting and HR know how to configure a network? Hah!

As a programmer I need to install programs all the time. Programs the IT monkey can't even grasp what they are. So he'll say no.

Then segment your network. But all programmers on their own net and let them configure away! Then when you take down the network you only have your peers pissing on you, and not the people who sign your checks.

but in a programming environment, the programmers can usually run the network better in their spare time.

Hee, hee! That's the silliest thing I've ever heard. Please don't remain anonymous. Let us know who you are, so when you get canned by IT we don't hire you by mistake...

IT and Development don't mix...

[Gandalf_007]

At least at my company. The only time we ever deal with IT is if something screws up with the NT domain server or the Outlook server and we can't log in or use email. Aside from that, we do our own thing, with our NT workstations, our Linux servers, and we're responsible for maintaining them.

On a side not, I don't think we have any "production" level Linux servers, but that's mainly because of the support thing-- when the Oracle server went down we called HP and they made a guy come back from his vacation to help us. I'd hate to be him, but also, I don't know of any company that can provide that kind of support for Linux.

Re:Of course

[Arandir]

an all Linux workstation environment is one that has Free software on it. The person who snuck in Windows 2000 probably has done so in violation of their license agreement.

The W2K license agreement does not prohibit interoperation with free software. I am aware of no software that has such a provision. This is pure FUD and you know it. But apparently you're not secure enough with your own choices and have to disparage the choices of others to make up for it. I prefer to raise up free software instead of tearing down the rest.

I never knew I had it so good

[Nethead]

When I first got hired on at my company I was laughed at for running "Lamex"... All the others were running FreeBSD then. (I've since then seen the light and run FreeBSD now.) That was back when we only had 10 people in the firm. Now we have 150 and an IS department. We now run about 350 web application servers on the production network. We also have marketing departments running windows, NT servers with Exchange and Outlook for meetings. The art department runs Macs and the proggers run linux or bsd (all flavors) and all behind OpenBSD firewalls.

Our company did something that I've never seen before; we merged the IS and NetOps into one department. Now you would think that this would cause a great war but it's turned out to be wonderful. When they needed to setup a file server that would talk to all the OS's we showed them how to build a samba box. When Exchange was having problems with open relays and mail floods, we showed them how to have a sendmail box in front of it as a kind of mail spool/firewall. And when I needed to run visio or outlook, they set me up with a switchbox and a windows box. All the sysadmins and programmers are available to ISNOC and input on all projects. That way the best solution (NT/BSD/Mac/Linux/Sun/Cisco/etc) gets implemented. We also act as our own ISP since we push about 1Gb/s out to the net. We have a wide body of knowledge that can deal with anything the users need. Each user is allowed to use the OS that they feel will let them get thier job done.

If you are a large firm that has lots of programmers, admins and IS gurus, get them together and let them rock.

How about developing policies ahead of time?

[rocketjesus]

First of all, if I were a manager, and another manager from another department tried to fire one of my own employees, I would probably tell them to go take a long walk off a short pier.

However, if the IT department isn't keeping on top of things like this, then they suck. If they don't, today, October 21st 2000, already have a policy on Linux, I would wonder, probably aloud, about where the hell they've been for the past five years, whether they had developed a plan to deal with the release of Windows 3.1 yet, if they'd heard of this newfangled thing called the "Inter-net", and how their horseless carriage has been working out for them.

Thirdly, I think most people understand the need for IT departments to have control over their networks, and that it is important to get permission to modify settings on a machine on the network. However, what many IT departments don't realize is that many of them have no clear path for getting said permission, and it usually comes down to a purely political decision by someone who doens't understand or even care about the user's needs.

So, IT people, before you start flaming people for complaing that it sucks that they don't have any control over their computers, pose as an average employee and see if it's possible, using the resources an average employee would have (IE, not being able to just log in as root and do it) to, for example, switch operating systems, or even just get something installed that would make their lives easier.

Sneaking, dealing, slithering

[PenguinX]

I just love the verbage here - making Linux sound like a "renegade", having it "sneak" into an IT department on people's *GASP* workstations! So we are obviously not dealing with a server or production system here - we are talking about workstations.

It is my understanding that most IT departments are SO lax that they don't have the time to worry about what people are running except for those who are always asking the questions - usually these people do not want to run Linux. In most places Linux is ran by Administrators and people who need a real X server or something with a REAL terminal program. Hell half of the people in the Operations Department where I work run Linux with VMWare simply for Outlook.

Actis Homepage FYI

[scalcote]

This wasn't obvious from the FT article. And it's always nice to know where big brother lives:

http://www.actis-technology.com/index .ht ml

BTW: strikes me that the greatest enemy of a free world is a perfectly efficient government/police force, something which the type of tracking Actis promises places us in danger of.

Just like company email servers...

[Masem]

IMO, if the company has provided you with the computer, it's *their* property to do with as they please, just as the courts have ruled on the monitoring of company email. If you install Linux without checking with the IT departments first, then you deserve whatever punishment the company deems as a penalty for abusing company equipment.

That said, there's no reason to actually take steps to see if Linux can be installed on a box. Write your IT department or supervisior, explain what benefits you *and* the company will get from installing Linux on that one machine. Make sure you explain you'll be completely responsible for that box from technical support to making sure it works with any priopritary protocols on the current network to making sure that it's secure. The latter point is probably most important; your job will be riding on the security of that box, so *you* need to be willing to take the risk and responsibilty to lock it down to the best of your ability. (This brings up the point how much more secure a well-maintained linux box is even compared to a expert NT person -- but you need to define how secure is secure.)

If they don't agree, then there's probably no reason to stay at that company, if they don't understand why different people need different tools to work. Particually if they are in the IT business.

Re:Just like company email servers...

[clare-ents]

If a company provides you with a computer and you routinely have to evaluate software of your choice, providing you've mentioned that the Linux thing might have a useful feature or so I can't see any problems with generating a test system.

Certainly I managed to procure three old boxes to install Linux on to so we could test the usability of UNIX tools and test a failover webserver. The machines were all sitting under the desk gathering dust since they are too low powered to run any iteration of Win(.{2,4})Server.

Re:Just like company email servers...

[Number6.2]

As far as I can tell, this really depends on your company, and your line of management as well.

I work for a company that is M$ centric for workstations, but relies on Sun machines to actually provide our service. The attitude here is "as long as it lets you do your job, and you don't bother the IS guys with Linux questions, you're fine."

The last phrase is all-important. If you use something non-standard, you bear the responsibility of making it work. And you had better not waste too much time getting things to work!

Just In Case, my machine is dual boot. If the suits want to see Windows on my machine, why should I dissapoint them.

To recap: your milage may vary. I work in a geek-centric department, for a company that provides kind of a geeky service. My brother, who works for A Financial Institution, has nowhere near as much latitude as I do.

Should you risk your job in order to get it done? My advice is pick your battles carefully.

Re:Just like company email servers...

[hurricanej]

Make sure you explain you'll be completely responsible for that box from technical support to making sure it works with any priopritary protocols on the current network to making sure that it's secure.

That always sounds good at first. And the solution works great for you! Your co-workers start relying on your system. Then you leave the company for a much better position. Your department is now screwed because IT has no idea how to take on the beast that made total sense to you, but lacked documentation, corporate standards, etc.

Make sure you keep that in mind as you roll your own solution and it'll be much more accepted by those in IT.

-hj

Re:Just like company email servers...

[Patrick+Hancox]

>>I'm sure I don't need to discuss everything that's wrong with that argument here)

Indulge me.

I'm assuming that the production (web?) server was not a linux box, what was it? If the system was a NT/W2K server then there was some truth to their claim. Perl is not a problem but running cgi under IIS is. You get much better performance by running as an ASP and you don't get hit with the -new process for every run- that you do with cgi, on IIS.

but you knew all that allready. Damn IT goons.

Re:Just like company email servers...

[mr]

NT 4.0 server
ftp over the ftp.exe program to your unix box

then strings | grep -i copy

FTP.EXE is an example of Microsoft programs using BSD licensed code.

If BSD licensed code is forbidden in your company, so is Microsoft.

Re:Just like company email servers...

[sigwinch]

if the company has provided you with the computer, it's *their* property to do with as they please

A professional holds their fiduciary duty higher than a bureaucrats paper. If upper management is dead set on throwing away resources, you can't stop them, but it is a professional's responsibility to make them aware of waste and attempt to remedy it.

then you deserve whatever punishment the company deems as a penalty for abusing company equipment

Translation: We don't care whether you get your job done as long as you don't violate Regulation 27B-6.

Make sure you explain you'll be completely responsible for that box from technical support to making sure it works with any priopritary protocols on the current network to making sure that it's secure.

Translation: We're not going to help you do your job because we have pieces of paper that say we don't have to. So there!

Re:Just like company email servers...

[Evil+Grinn]

Write your IT department or supervisior, explain what benefits you *and* the company will get from installing Linux on that one machine. Make sure you explain you'll be completely responsible for that box from technical support to making sure it works with any priopritary protocols on the current network to making sure that it's secure.

My war story:

I managed to get permission to set up a Linux-based departmental server at an an otherwise all-closed-source company (yes, official company policy, set by the legal department not IT, forbade the use of GPL'd software.) on the grounds that it was purely experimental, and that I would be solely responsible for it.

I developed some cgi apps on it that turned out to be very useful within my department, so useful that other departments wanted to use them. I tried to have these apps moved to a "Real" server, but they had been written in Perl, which was verboten on the production boxes! (their stated technical reason for disallowing Perl was that it required a new heavyweight process each time the script was envoked... I'm sure I don't need to discuss everything that's wrong with that argument here)

I was not about to re-write these apps in another language for reasons as stupid as these, so everybody just keep using the Linux server, even though this was technically not a production server.

I've been gone from there for almost a yeat, and last I heard they are still using it. I moved on and left them infected, I guess.

Re:Just like company email servers...

[Erik+Hollensbe]

Unfortunately, this isn't a valid argument.

The law team undoubtedly forbade software which wasn't writted by and purchased from a company, which allows them to sue the shit out of them if something goes wrong. (even though EULA's say otherwise, there have been people that have won suits against MS and other companies for faulty software)

Now of course, I'm giving lawyers benefit of the doubt, but this seems the most likely situation.

Re:Just like company email servers...

[JFMulder]

There is no way an IT will ever give you go the go install another Linux, because, if it doesn't work, even tough you claimed full responsibility for it, HE is the one who will have to install back all the necessary applications and Windows to get you back to work.

Re:Just like company email servers...

[IntlHarvester]

Welcome to the wonderful world of IT, where the most basic fact is that IT never approves anything, but instead it gets put in on the departmental level, gains a user base, and IT always ends up supporting it in the end.

You weren't planning to maintain those Perl scripts forever, were you?
--

Re:sounds reasonable, but it's not.

[NuclearArchaeologist]

No updates since 1998? I wonder how many of those exploits still work. Show, not sell, me the fixes.

Re:Of course

[el_chicano]

Microsoft Windows 2000 [Version 5.00.2195]

Are you saying that Win2000 comes with unix comand line tools now?

---> C:\>progra~1\cygwin\bin\find --help

would lead me to believe that you added these tools to your Windows box.

My point was not that you can find unix text tools for Windows, but that you have spend time to unix-ify your Windows box to make its' command line more useful.
--
You think being a MIB is all voodoo mind control? You should see the paperwork!

What To Do? What?

[resistant]

Network World is running an article on how IT managers should deal with Linux "sneaking in" to their networks, or more precisely, being surreptitiously installed on workstations on their network.

Is this a trick question?

Well, hell, break out the Jolt and pepperoni pizza and party! Next, someone'll be asking you if you have any clear idea of what you'd do if Natalie Portman made a play for you. Geez ....

no, it's not about ads...

[libreazul]

... linux is the WAVE of he future. like it, or not, linux has become the defacto os of the immediate future. i'm banking on it.

time to burn some more karma

[NuclearArchaeologist]

All you micro-turds ready to smack this down again? Last post modded to -1 flame bait will be reposted with improvements. Eat it.

Huh! MS junk costs my company plenty of bucks, and the goodies are all getting broken by the MS march of progress. Yep, that custom tiff server for documents has all sorts of problems with it's printers now. I'm not even going to get into the six or seven easily broken passwords everyone has to generate or the Unified paperless system that could take out a whole rainforest every year. Suffice it to say that people have to did and dig and dig, and then it does not always work anymore.

Now for the orininal post: Sounds Reasonable, but It IS NOT. The point of which was that ANYONE can BURN a MS network with MS BS.

There are reasons for hanging onto Microsoft junk, but reliablilty and security are laughable.

As a user in an MS shop, I can tell you your policy won't stop squat. All those cute litle .exe files people swap around on email come from the web to begin with! If you don't filter web watching and downloading, your NT users are going to download any old thing they feel like. Wingate, sniffer programs, stupid little cursor programs that eat up bandwith reporting employee surfing habits, real audio (barf) whatever! SMS is not going to clean up that broken registry even if you do remove offending programs. In the end, your gonna have to do whay you always do, tromp down to that desk and spend hours trying to fix it with those substandard MS tools. Security on NT is as good as, well security on NT!.

So, what do you tell people who ask for Linux becuase it works better and will shave a few bucks off the departmental budget? I hope you can live up to your claimed flexibility when the trickle of requests becomes a flood.

THE ONLY REASON TO HANG ON TO THAT CRAP IS BECAUSE IT'S THERE. It would cost too much to replace it all at once, so just let MS break it one piece at a time. GET OFF YOUR ASS, LAZY SYSADMINS, MOVE TO SOMETHING THAT WORKS.

Damn... You just described my life.

[Wntrmute]

The first type does it for a year or two and moves on. The second type stays there forever (this is espcially true at helpdesks). If the first type doesn't leave after a year or two, then they get lots of crap dumped on them and eventually have a breakdown and get fired - then recover and move on.

I'm one of your "type 1's" who is still doing it. And I'm at the point right now where I am "getting lots of crap dumped" on me, and *this* close to having that breakdown... :-)

I have a preemptive strike though. I'm job hunting right now...

-Wintermute

Re:Damn... You just described my life.

[shippo]

And my former job as well!

I stuck it out for around 8 years at one place doing 3rd line support. I knew just too much about our core product, and was able to resolve more problems than the UK office of the software manufacturer. I was irreplacable - they just couldn't find anyone else who both understood the product and was able to fix it quickly when things went badly wrong, as was proved when I was off sick and confined to bed for a week.

Unfortunately the product we sold began to die off a couple of years ago, and my employer went into publishing their own product, which was clearly inferior to competing products. I ended up doing first line support for this junk, and I also had all kinds of *crap* landed on me by the head of this software team, such as trying to get document conversion libraries to to what they were clearly not designed to do.

After 3 months of this new regime I just walked out of the place, never to return.

Re:I'm disappointed

[Arandir]

If someone really wanted to hack the damn network they would of found a way LONG before installing linux.

In that case, since anyone who really wanted to break into your home could do so, why bother with a door lock?

NOTHING happens to the network if a user installs Linux on their machine.

What! There's more than one Linux distribution that comes with default settings that do nasty things to networks. The danger doesn't come from the Linux-guru, but the guy who's just trying it out and doesn't know what they're doing.

Re:It's not that we hate Linux...

[Dwonis]

Hmmm... Let's see...

Any "moron sysadmin" that uses, say, DHCP on their network?
--------
Life is a race condition: your success or failure depends on whether you get the work done on time.

Hmm... And I Thought The User Was The Customer...

[HiyaPower]

It has always been my impression that the users of the network are the customers of the IT department. Thus, it is the duty of the IT department to make the customers happy or the customers should seek another source for their services. The arrogance of those IT departments who state that they are the Holy of Holies and know all is beyond the pale. They should be given their walking papers because they display a conflict of interest that will destroy the organization that employs them. If I were in the upper management of a company and Linux started to appear, I would start to make inquiry as to why. Things like this just don't happen for a lark. They come about because some need of the customers is not being satisfied. Linux may not be the answer either, but it is a symptom of such a need. To have a IT department that states that they will be unresponsive to that need, is a IT department that will sink a company.

Re:It's not that we hate Linux...

[Dwonis]

Windows may not be anything wonderful, but it's predictable, and we know what the important flaws are, and how to work around them for minimal user impact.

Interesting. I use Linux because my experience has been that Windows is too unpredictable to be manageable. At least with Linux, if something messes up, it's because I did something, not because I did nothing (except with damn Netscape, grrr).
--------
Life is a race condition: your success or failure depends on whether you get the work done on time.

Linux and Firing...

[Cephas+Aurelius]

It all depends on what IT agreements and policies are out there. If the policy states "No install this list o' bad s**t" and they do it anyway, can 'em. If there is no stated policy and they can 'em, prepare the lawyers, there's a suit in them thar hills.

Re:Linux and Firing...

[JNewt]

I've worked desktop support in large orginizations that had software usage policies. There are a million and one reasons for restricting user software installs. Starting with company liability. If Joe Bob the slightly clued in use in accounting installs a warez copy of Ms Office 2002, there's a company liability issue there. If some joker in the mailroom decides he'd rather use MS Word 2000 than the standard '98 and he distributes those files, then you have a little conversion problem. If some moron in Executive downloads and plays every stupid .exe he sees on the internet, he'll end up getting a trojan horse thats not detected by a virus scanner and "bye bye" unfiled SEC documents. Now, on the other hand, if Sysadmin Bob installs Linux on a 'development system', thats a whole other story. Its one thing to break the rules, its another thing for the guy that makes the rules to use his experience to make correct decisions. Rules are there for people who otherwise wouldn't know what the 'correct' thing to do is.

Re:Linux and Firing...

[Ailurophobic+Cat]

My usual stance on the whole issue is it's easier to get forgiveness than it is to get permission. I'd rather deal with a potential denial rather than the easy "no you can't do that! Now go away and leave us alone" response you're likely to get.

Can they secure it?

[Chan]

On the university department's network I am responsible for, we don't really care what gets installed on individual labs' computers. I like Linux and run it on many of the department's server systems. My only problem is that I have to deal with the consequences of people who don't know much about security installing Linux on their lab PCs so they can run web servers, etc. More often than not, these machines end up becoming targets for remote attacks, then base stations for cracking the rest of our network.

NT really sucks...

[sxpert]

If Windows is handicapping you so much, tell me. If your sysadmin is so ass-backwards that he doesn't recognize a good explanation of the benefits you'll get from using Linux, then he's an idiot and what are you doing working in an IT department with this guy managing your systems? Chances are he's missed the boat on more than just this one issue.

Hi, I work for a state department (no, you'll not know that here, the info is available, but you'll have to find that yourself...)
I can tell you only one thing :
Some idiot decided to sign an exclusive contract with Microsoft. I had to go through an incredible amount of loops to develop my app (printing reports from a web server to some network printer) and create a f*****ing NT service instead of piping to lpr...
I can tell you that in two years, when I won't be working for these people anymore, I'll still be cursing these bozos...

Different kinds of users

[spacey]

I've put linux at a lot of workplaces, and found that IS is very scared of it at first, but tend to forget about it until they *don't* have to worry about it - i.e. when the latest virus, os update, etc. comes through.

However, there are times when linux has presented valid problems - having samba set up and declare itself the master browser in such a way as to disrupt windows systems from connecting to shares on the domain, etc. (this may no longer be a problem, but it has happened). However this just points to the need to document how new elements must behave, and make it clear that new things must be tried in an environment that is not critical to production. This can teach real lessons and improve networks a lot.*

IMO an IT department that resists change above all else is one that will resist itself out of existance. It's the users that try new things for themselves, and from these evaluations learn new things, that make systems and networks useable.

-Peter

* Anyone else remember when doom first hit big novell networks? Networks were being crashed by the flood of ipx broadcast traffic. Even though this killed business in many places, in the end it fixed configs across the world to keep private networks private. Disruptive events like that, and like linux have to be evaluated and lessons learned. They can't be squashed.

Bad management

[adb]

If you're not willing to treat your programmers like adults and, well, competent programmers, then you ought to either fire them or resign. And if you're not willing to let them use the tools that they (not some random IT guy) think they need to do their jobs, that's precisely what's going on. It's IT's job to support the people who are doing the actual work of the company.

Hell, this doesn't just apply to programmers. I'm the sysadmin. My users use a variety of operating systems, both because of personal preference (the animator loves SGIs, the programmers love NetBSD and Linux, the engineers have settled pragmatically for Windows, and the managers are, well, managers -- except for the CEO, who's a Unix weenie just for the sake of Emacs) and because we write software for a variety of platforms. It's not hard to maintain a diverse system like this, and it's certainly not insecure -- it's easier to break physically into our office than it is to steal the appropriate passwords or keys to SSH/PPTP past the firewall, and we trust each other.

So I think that the problem you think you're solving with a fascist policy of "The Company [i.e., the managers or their IT toadies] decides what you get, and you'll damn well use it, even if it's like hammering in a screw with a fish" is actually a problem of either management's misplaced distrust of the programmers, or of actual incompetent programmers and accurately placed mistrust. Either way, the people are the problem; with the right people, fascism can only make things harder.

As for this crap about "It's not yours. It's the company's. They can make you use it however you like.": yes, it's literally true. If my company were run by idiots, I could be ordered to use the wrong tool for a job, and to fuck it up in whatever they please. But you know what? I'm better than that, and I've got a no-notice contract and a year's rent set aside in savings, so I can damn well tell them to fuck off and find a company that will treat me with respect. And you know what else? They know that, and they're good and smart people themselves, and they're not going to do that. They don't consider it worthwhile to hire people they don't trust and respect, and I don't consider it worthwhile to work for people who don't trust and respect me.

<flame> I'm glad I don't work with you. I hope that some day you will grow up and go to work for a company with a future. Do you get off on timesheets, too?

I especially love that comment about how you wish the poster luck finding a job that fits this "skewed outlook". It sounds like you've found your way into an unsatisfying job, and rather than being sensible and getting another job, or being considerate and committing suicide, you're lashing out at others who have some self-respect and have spent the minimal effort to get jobs at places that treat them as the valued assets that they are. Remember: down, not across. </flame>

Re:user friendly != funny

[Denial+of+Service]

I have worked helpdesk... for a cheap ISP, no less. User Friendly is still not funny.

---

Re:I'm disappointed-again

[softsign]

Ahh, someone bites. =) Forgive me if I break into another rant.

I respectfully disagree. I happen to believe that the VAST majority of today's Linux users are indeed less than skillful at administering Unix. Inept, if I may say so.

I see it everyday. People who claim to be Linux masters because they've been using this lesser-known distro for so many months/years.

And then I watch them login to their home machine (using telnet no less).

login: XXXXX
password: XXXXX
...
(happy colourful bash prompt)$ su -
password: XXXXX

And this is one of the brighter ones who knew to disable remote logins by root. It scares the hell out of me thinking that these people consider themselves knowledgeable. The problem is that these are the people who will go around installing Linux overtop of Windows machines at work without asking because they presume that the sysadmin doesn't know how or (even worse) they believe that they don't need to ask permission.

An intelligent, well-informed Linux user will understand that control over what is deployed on a network is not just a luxury for a sysadmin. He will understand that he's treading on somebody else's toes by installing another OS where it shouldn't be.

For one thing, it's called common courtesy. For another, it's common sense. Unless your job is to maintain the workstation you're given, what the hell right do you have to mess with it? It's a tool, supplied to you by your employer in order for you to perform your work, not a God-given right.

I feel bad ranting like this, because I know there are some very knowledgeable people out there who are locked in by some short-sighted contract signed by even more short-sighted managers. But the reality is that it's not your call. Installing Linux without permission isn't going to help the cause 99% of the time.

--

It's all about genetics

[empesey]

It depends all on dominant and recessive genes. You'd have a period where there would be a battle for survival of the fittest where linux would triumph.

The only problem is, deep in the back of your subconcious, you'd know that sooner or later, those recessive genes will pop up at the most inopportune time.

just had this happen

[bakreule]

I installed Mandrake on a machine at work that was no longer being used (ie. the guy quit). Our network manager came around the next day and asked me what I was going to be using it for, why did I install it, etc. He then asked me to delete because he "didn't know what kind of effect it would have on the network." Our network, btw, is a bunch of NT machines with an Exchange server (bet ya couldn't see that coming.)

Anyway, we bitched and argued, he said he didn't want a "rogue" OS on his network. Eventually my boss had to come in and settle it. I turned off the computer. I think he was pissed about Linux "fouling" up his network and half that I didn't ask his permission before installing an OS. The latter I can understand, in an anal retentive way, but the first is just plain ignorance... errrrr.. burns me up....

Trains stop at a train station. Buses stop at a bus station.

Every chance I get....

[dilvish_the_damned]

..I install on the (umm searches for words so he dont get tracked down and defragged) aerospace development network. All I need is an excuse and I install a modified RH distro. Why not? I dont need to approve it with anyone. No one has to buy anything so no purchase requests. There is no 30 man hours involved with buying NT just becouse I need a file server out of a PC. It saves tax dollars and lots of them. It saves me massive amounts of time becouse there is always something wierd I need to do with the network like simulating a custom device. Try to do that quickly with NT. Save more tax dollars. It can have a lot of services added and subtracted on the fly without spending a lot of time trying to fill out the purchase request and having meetings about it (I never count them, the meetings about what should be trivial things depress me). It makes the very expensive operation go much more smoothly and without an even heavier pricetag attached to it. Tax payers IMNSHO should feal good about the whole thing. But the point is, if it works for the government, why can't this work for a corp. ? Why must this be viewed as insidious?

Re:Safe from packet sniffers?

[softsign]

No, it won't. But that's one less source. So is password-protecting the BIOS on your workstations and disabling boot from floppy.

With your kind of logic, what's the point in locking doors? An experienced thief can pick the lock anyways, right? Or break it down.

Not to mention you missed the point entirely. I never said nobody should be allowed to have Linux. I only said that sysadmins have good reason to be pissed when someone goes and installs Linux on a workstation without telling them.

--

Re:Practical considerations

[sxpert]

So why don't you use dumb terminals ?
That's what should be used on a secure network (with encryption between each terminals and the respective servers...)
Dump NT, it is NOT secure, you can't state your network is secure...

MAIL MACHINE is HOLY

[firewort]

There's a few rules of using more than one operating system...

FIRST: The mail machine is holy, and must not be used for experimentation or installing insecure or unstable (development) software. If the IT dept issues you your email machine running NT (blah) then keep it that way. And don't take your chances repartitioning and adding linux on the back of the current drive.
*** SEE HERE: the IT guys issue you a machine that they can support, and are required to support, no matter what. When you change that to something other than what it was issued with, they no longer need to support you.

SECOND: When running more than one OS, keep one secure, and stable. if the experimental one goes down, you have the stable one to fall back on.

In my office, my mail machine is NT 4 sp5. I requisitioned two other boxen, one runs TurboLinux and the other has Debian 2.2 Potato (Espy!)

Our mail app runs on Lotus Notes (when will they write a client for linux?!) which runs (slowly) in WINE.

The site is networked with Token Ring, and I have to socksify to use anything outside the intranet.

None of these things would, or SHOULD be supported by IT. They were hired to decide what will be issued, and are bound to support what they issue, not what I decide I would rather run.

I can understand their hesitation at Linux creeping onto the network, they didn't issue it, and will be derided, guilted, and profaned at for doing their jobs and refusing to support it.

A host is a host from coast to coast, but no one uses a host that's close

Jeff's Email Address

[ChiefArcher]

They forgot to say, "Jeff's can be contact at jshapiro@kpt.k12.tn.us"
Remember.... polite emails...
ChiefARcher

IT, Challenges, Missions...

[mindstrm]

In my world, it is IT's job to make technology work for the company. Period. If it has to do with Information, and Technology, then it's IT's responsibility to provide expertise.

That said, if someone just ignores policy and installs something over their workstation, of *course* something needs to be done; but not because they installed 'linux'.. simply because they trashed their workstation!

On the flip side.. the guy who says, in the article, 'we allowed our Finnish group to continue to use Linux as long as we could manage it with NDS' is bunk. If you purchase a company that does all their work on linux, you evaluate the total cost of switching them to a different (preferred) system, or supporting their current one. EITHER is a viable option; as the IT manager, it is up to you to provide that support.
SImply saying 'fuck you, install NT' is *NOT* providing support. Showing the boss how the cost of switching to NT & making this fit with your current support structure, and the rest of the organization's devleopment -vs- the downsides of changing the office over, THAT is the way to show it.

Re:It's not your computer

[TheCarp]

> Its only a matter of time until the user says
>"I can't open your PowerPoint file because I run
> Gnulix..."

As I said, if they don't NEED a specific OS for their job functions (which if they are manipulating power point slides they certainly DO need Windows) THEN I think its stupid to limit them.

Certainly there will always be people who spend more time working on other things than they should. Does it matter whether they are dinking with init scripts or playing solitaire?

> The smart IT shops cut this shit off at the pass

It is the IT shops job to police how employees in other departments spend their time? Isn't that the job of the individual departments to manage their employees and set what is and is not acceptable productivity levels?

At least in places where I have worked, IT is looked at as "Customer service" - they serve the other departments by providing computer systems. It is not the customer service reps place to tell his customer how to do his job, just to provide him with the tools to do it.

-Steve

Re:I'm disappointed-again

[el_chicano]

I happen to believe that the VAST majority of today's Linux users are indeed less than skillful at administering Unix. Inept, if I may say so.

I agree. I have used Linux since '95 (1.12.13 kernel) and would not call myself an expert in it. I know enough to unpack/install tarballs and fix small problems in source code that sometimes prevent compliation so I would call myself a power user but definitely not a wizard.

I think that the problem is that there is a lack of resources for intermediate users like myself. While there are a lot of materials out the net, most seem HOW-TOs aimed at newbies. On the other end of the spectrum, try to post to a unix wizards group and see how fast your mailbox gets indundated with multiple "RTFM" e-mails.

The solution is to buy books like the ones put out by O'Reilly among others, but that costs money. I sure wish I could find a forum where I could discuss more-advanced Linux topics (like shell scripting, system administration, make, rcs/cvs, etc.) with the experts without being insulted or made to feel like an idiot just because I want to learn more about my favorite OS!
--
You think being a MIB is all voodoo mind control? You should see the paperwork!

Same here..

[mindstrm]

The key thing people are blowing out of proportion here....
When Mr. Schapiro-whatever is asked 'what would you do' he responds with what he woudl do if *anything* outside of what people are *clearly informed* is allowed is installed. He does not say 'oh, well normally we wouldn't care, but if it was linux, we'd fire them'. Sheesh.

Communication is absolutely the key. I expect that if the developers need to hook a bunch of linux boxes up to my network, they come to me and say 'Hey, we need to get access to the file server and shit from these LInux boxes, because that's what we're doing our code on now'. As the IT manager, it's my *JOB* to accommodate this (preferably, they tell me BEFORE they make this decision to switch platforms, so I don't have to make a bit of a fuss. The fuss is because the cost of me supporting it must be factored in to the cost of switching over, and may reflect badly on my own budget otherwise.)

Re:Shapiro is an IT genius

[el_chicano]

The mail server on this domain is an OPEN RELAY.

Shhhh... don't tell anyone or some heads may roll.

Wouldn't it wonderfully ironic if Shapiro got fired over something as stupid as this?!?
--
You think being a MIB is all voodoo mind control? You should see the paperwork!

Re:Have to agree

[ScuzzMonkey]

When I was a lowly IT grunt, that's how I thought about it, too. But when I became responsible for budgeting labor and prioritizing issues in my department, I realized that as enjoyable as troubleshooting and tracking down the real problem may be, it's also not the point. The point is to get the box fixed and get the user back in business in the shortest amount of time. The more my tech dinks with something that could be solved with a ghost job, the less time he has to work on something that can't--and the longer the real user is unable to get his work done. All of this costing money that doesn't need to be spent.

If we have similar recurring problems, it's different, of course--then we'll dive into it. But if it looks to be a one-off (and these are usually user-caused in some respect, whether they admit it or not--I'm not running a concentration camp, I'm not going to spend an hour grilling them to force them to tell me what fool thing they've done this time just so I can tell them not to do it again) the best possible solution is to ghost it and move to the next one.

Re:Have to agree

[TheCarp]

> so you work in a place where people BUY their
> own macintoshes and bring them in?

Worked....I terminated my employment there over a year ago.

and no...they didn't have to. Each department had a budget (often not even from the central administration - it was a hospital - departments and people had grants) and could buy whatever they wanted.

-Steve

Re:'unstoppable phenomena'

[mindstrm]

Procedure aside.. this is one reason that linux installations sneak (unintentionally usually) past IT: The lack of licensing.

The chief reason that IT departments (well, mine, anyway) wants to approve all software (well, the first reason.. there are two), is because of licencing. We must not open the company up to liability. With linux, the common user thinks (rightly so) there is no licensing, so doesn't need to tell us.
The second reason is, of course, support. Support, as in making sure all our infrastrucutre works as well as possible.

Re:Safe from packet sniffers?

[softsign]

Look, I'm not saying that crypto isn't worth the effort. I'm saying leaving ANY door open is stupid.

Surely you can't argue with that?

--

Is it just me?

[Ace905]

"Novell NetWare often moved in through the back door, led by departments that said mainframes and minicomputers didn't give operating flexibility or application capability they needed. Before long, NetWare was the dominant network operating system and IT managers complained about unauthorized Windows NT workstations and servers entering the company through that same old door. Now that Windows 2000 and NT are displacing NetWare, IT has Linux to worry about."

Is it just me, or is this article claiming Linux is both a major problem, and the wave of the future?

Maybe those banner ads can pay to send this journalist to school.

Re:It's not that we hate Linux...

[Trepalium]

Speaking as a user: The main gripe I have against IT people is that they think the point of computers and networks is to serve their interests. No! The point of IT is to enable employees to best get their work done, not to provide the most elegant and tractable system for the admins to preside over.

Ironcially, your own arguement can be used against you on this point. If by allowing near unlimited flexability to the users of a network, the entire network infrastructure becomes too unreliable, you often end up with a whole lot more lost productivity. Often the same things that make the IT people happy are the same things that keep employees productive, although perhaps not as happy as they could be. Most of this is just risk management.

For example, my employer recently changed from using Win9x on workstations to using Windows NT 4 on workstations, and although the number of complaints about being unable to install software on their workstation has increased, the number of messed up workstations has severely decreased. Now people have to rationalize their reasons for installing a program on their workstation to me, rather than just blindly installing anything they please whenever they please. While it's true this can be interpreted as "barring employees from using tools that would make them more productive", it's also managing downtime which is particularily expensive since productivity often goes to near zero for these employees. In general, however, it's easier to make exceptions to a rule than to never state the rule at all.

Employees do not own networks

[BroadbandBradley]

In many environments, several hundred machines are "imaged" and the software image comprises of close source programs with proprietary protocols to proprietary server networks. When vendor # 1 out of 7 says "hey we've updated our systems and you'll need to upgrade your client version to 2.blah.1" these applications need to be tested alongside of the applications from vendors 2-6, often time with much tweaking to get things to jive. In this type of environment, Although I prefer using Linux, I'd rather not invest the time to get all those applications working for me to be productive at my job, and then have to keep up with any changes. That is why there is someone in IT who creates the drive "images", so I can do my job and not worry about it. It's against company policy to install ANY SOFTWARE without approval of IT (might not even waste time asking although I did ask to use Linux) If I was a webmaster with one machine hooked into a network only to allow a connection to the outside world and some network drives, I'd go to IT and let them know I'd be using Linux. If the rules state "no software without IT approval" installing a different OS without asking is a very blatent "F-U" to company policy. While firing someone for this at first offense may be an extreme, in some cases, I'm sure it's justified, wheather it's a Java applet, a game, or an OS(Linux or Windoze).

Its more productive

[Doodhwala]

I feel that companies should not care / take any action as long as installing linux does not put any more stress on critical resources (such as Tech Support/Bandwith/etc). After all whats more important for a company .. productivity or selling their soul to NT ;) ? Its just true that somepeople are more comfortable with linux than NT (and it should be noted.. vice versa) so give people the chance.

I personally am happy as all my computers at work are dual boot and am free to use whatever I want. Just hope more companies move out to supporting linux and you can have standarized maintainance (look at CMU's depot with automatic upgrades/changes/patches every night. Just my two cents

Re:I'm disappointed

[softsign]

Typically, companies with "very very strict rules" are those ones who's upper echelons are so totally in the pocket of some major vendor that they swallow EVERY bit of crap, no matter how outrageous, that is in that vendor's interest. If vendor says "Don't let any other operating systems on your network, it could destroy everything!" many policy makers are too ignorant/lazy/busy to know otherwise, and simply make that law.

That's complete crap. So any company that keeps tight control over its resources is being subservient to its vendors?

Companies with FLEXIBLE arrangements are the ones who demonstrate at least some knowledge in what's going on, and a willingness to pad their bottom line through the optimizations and research (unpaid) of employees... or at least, it's a hallmark of a CTO/CIO who realizes that better answers come from employees than from vendors. True, sometimes these things fall down and go boom, but that sort of thing happens even with the most seasoned professional or group.

Any IT manager worth his salt knows not to sign a blanket contract that prevents you from using anything other than a single vendor. It's called good business practice. And any IT manager that wants to stay an IT manager will at least touch base with his subordinates before committing them to anything at all.

You miss the boat too. Nobody is saying that Linux should be outlawed. I'm talking about employees going behind admin backs and installing Linux (or any other OS for that matter, NT is just as capable of f-ing with a network) without asking permission.

--

IT Departments Really Need a Clue

[SamBeckett]

By and large, in my corporation, the IT department takes a "We control all attitude." We're not even a tech-company. We make engines.

It pisses me off everytime I need an application or tools that are only available for Linux, or Linux could just do the job better, and I can't use it because IT says no.

Corporate IT departments need to realize that they are there to SUPPORT, NOT TO CONTROL its users.

Until they realize that, I will be completely 'ignorant' of what they want (be it ColdFusion, WebSphere, HP-UX or WinNT) or of their supposed standards.

Get real.

Re:The FUD grows....

[Nailer]

>I suppose there's a place for every OS out there, even DR. DOS

Are you somehow implying that DR-DOS wouldn't regularly be considered to have a place in your IT department? Pffftt!

There are good reasons to prohibit.

[Luis+Casillas]

The IT people are responsible for network security. Given that Linux boxes nowadays are rooted left and right, some random guy (with a bit less than half a clue) installing Linux without authorization may well open up a security hole and compromise the network.

In my department we allow Linux systems, but people who intend to install it must notify a computing committee, and they are expected to run only ssh, and possibly smtp and a small, secure, non-cgi capable httpd like djb's publicfile (intended to serve a Java ssh client or test pages, not as a production server). We had a box rooted before this went into place; the user of the box was running an old version of Redhat, and the box was running a buggy, absolutely unneeded amd daemon. The attacker transferred a rootkit and a sniffer using ftp-- the ftp daemon had not been used for anything else in that box, ever...

Re:There are good reasons to prohibit.

[anderman]

The problem had nothing to do with the fact this guy was running linux. The problem was that your firewall was either not installed, not running, or not set up properly. If installing OS's at your site is a security risk then I would see why the IT people responsible for network security allowed anyone access to that machine at all. There might be good reasons to prohibit but this is not one of them.

Re:There are good reasons to prohibit.

[Luis+Casillas]

The problem had nothing to do with the fact this guy was running linux. The problem was that your firewall was either not installed, not running, or not set up properly.

There is no firewall here at all. This is a university, and all systems are out in the open.

If installing OS's at your site is a security risk then I would see why the IT people responsible for network security allowed anyone access to that machine at all. There might be good reasons to prohibit but this is not one of them.

First of all, there is no prohibition here on running anything-- my department's policy is that if you want to run a unix-like system, you should tell us, so we can help you run it securely (essentially, as few daemons as possible, and no cleartext-password services, no ftp of any kind, secure daemons like qmail or other djb stuff, etc.).

Exploitable unix systems are a risk, firewall or not. An insider could still break into a box.

Re:Just block them

[Nailer]

* Use IP fingerptinting to find OSs sending packets from particular IPs.
* Trace the IP at a particular time to a MAC address
* Block the MAC address at your firewall.

Actually ...

[KidSock]

you do have to be carefull though. Someone setup a box for g++ and Samba prevented the browse lists from working properly. It became a master browser but couldn't find the domain master browser so some hosts on that subnet could not be found in network neighborhood. I looked at the config and didn't find anything wrong. I asked the Samba guys and didn't get much of an answer. I never heard about it again from the IT guys but after being the local Linux advocate it's a blow to the credability. I won't be advocating the default Samba config at least. Use local master = no !

KidSock

Of course

[Fervent]

If a fully Linux workstation environment was suddenly inflitrated with Windows 2000, Slashdot would be all over it like white on rice.

"The horrors! The insanity!"

Don't be hypocritical by trying to turn the situation around.

Re:Of course

[el_chicano]

You may not use Windows 2000. I use it all the time. I like it. I like Linux as well, but Linux has a LONG way to go before it even touches the usability in the GUI department for me.

Hasn't anyone told you about the command line yet? grep rules! :->
--
You think being a MIB is all voodoo mind control? You should see the paperwork!

Re:Of course

[SpamapS]

If this steams you, then why didn't the article I replied to steam you?

Re:Of course

[darkwhite]

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\>grep
Usage: grep [OPTION]... PATTERN [FILE]...
Try `grep --help' for more information.

C:\>winnt\system32\find
FIND: Parameter format not correct

C:\>progra~1\cygwin\bin\find --help
Usage: progra~1/cygwin/bin/find [path...] [expression]
default path is the current directory; default expression is -print
expression may consist of:
operators (decreasing precedence; -and is implicit where no others are given):
( EXPR ) ! EXPR -not EXPR EXPR1 -a EXPR2 EXPR1 -and EXPR2
EXPR1 -o EXPR2 EXPR1 -or EXPR2 EXPR1 , EXPR2
options (always true): -daystart -depth -follow --help
-maxdepth LEVELS -mindepth LEVELS -mount -noleaf --version -xdev
tests (N can be +N or -N or N): -amin N -anewer FILE -atime N -cmin N
-cnewer FILE -ctime N -empty -false -fstype TYPE -gid N -group NAME
-ilname PATTERN -iname PATTERN -inum N -ipath PATTERN -iregex PATTERN
-links N -lname PATTERN -mmin N -mtime N -name PATTERN -newer FILE
-nouser -nogroup -path PATTERN -perm [+-]MODE -regex PATTERN
-size N[bckw] -true -type [bcdpfls] -uid N -used N -user NAME
-xtype [bcdpfls]
actions: -exec COMMAND ; -fprint FILE -fprint0 FILE -fprintf FILE FORMAT
-ok COMMAND ; -print -print0 -printf FORMAT -prune -ls

C:\>

Karma Police, arrest this man, he talks in maths

Re:Of course

[saintlupus]

We're all Linux users, and we know that Windows 2000 is a horror, and was developed under insane conditions.

actually, i'm a mac user, you arrogant prick. i'm getting rather sick of the "if it ain't linux, it ain't shit" attitude that sweeps this place. just because i don't use a *nix as my primary environment doesn't make me a gravy-drooling moron.

--saint
----

Re:Of course

[Fervent]

We're all Linux users, and we know that Windows 2000 is a horror, and was developed under insane conditions.

This really bothers me, but I try to keep mum because it's been addressed before. This is supposed to be "News for Nerds" not "News for Linux users".

You may not use Windows 2000. I use it all the time. I like it. I like Linux as well, but Linux has a LONG way to go before it even touches the usability in the GUI department for me.

Just block them

[arothstein]

at the firewall. Most people will conform when they find their internet access has been cut off for coloring outside the lines.

Re:Just block them

[rhinoX]

And how are you going to do that, exactly?

I'm don't see the difference between NT on port 80 and Linux on port 80.

Re:user friendly != funny

[neuneu]

Popular? Do you define popularity by the number of ad banners?

I don't see the problem

[GrandCow]

For the most part, if someone has enough technical knowledge to get linux installed on their computer, get it on the network, get the applications on that they need to be productive in the workplace... AND know enough to be able to use it voluntarily, then what is the problem? You can be pretty sure that they aren't going to be calling you for software issues anywhere near as much as the majority of people that I've worked with... You know the type... the people who call MIS every time their computer crashes, the ones who go into the preferences menu's for all of their programs and start randomly pressing buttons, the ones who bring in virus infected disks from home because they want to give someone else some recipe or picture they got before.

Really though, this is just one more piece of software that people are bringing in from home because of a personal preference. In my last company we had people bring in copies of Corel Office suite because they were sick of Word crashing on them so much. We install Netscape on all of the computers we deploy so people can make a choice, and generally make it so that the employees can be the most productive.

Besides, at least Linux is free... How many rogue copies of Quake do you have running around in your company? Most places have at least one guy who has the quake cd sitting in their desk, to be passed around when new people come in or computers get moved around ;)

Its not your network or your computer.

[Vampgrrl]

Users should not be allowed to install whatever they feel like they want to install without permission. I am at a tech company that is trying really hard to standardize on a platofrm and one type of machine. Do any of you realize what a huge pain it is when someone either has a server running on the network that interfers with other network operations? For example I had a user set up Win 2000 adv server as a desktop operating system, the DHCP server was active. This caused massive headaches and very angry executives. Who got in trouble for this? The user ? NO , IT Client Services did! I can name tons more experiences that I Am sure you have all faced if you are in IT like this. Please, user community just ASK 99% of the time it will be ok we just want to make sure everything will run ok and nothing critical will be interfered with. However, IT is my job dont think you know more than me and even if you you dont have a place to do what you want. I dont tell accountants how to do their jobs, I dont tell programmers how to write programs. I am there to help you so please have the consideration to please ask us beofre thinking your workstation/PC belongs to you, it doesnt ..I am responsible for it.

It's not that we hate Linux...

[jht]

I'm speaking here with my IT manager hat on, not my Linux geek hat in order to provide a little perspective. We don't hate Linux - in fact, probably the majority of us have a favorable opinion of Linux, too. Some of us even use it in our home/hobby lives, like I do (and have been since '94).

The problem we have is with unauthorized anything on our networks, not just Linux. You see, planning and running the corporate network is what we're paid to do. In most structured environments, nothing gets installed without IT's thumbs-up. Period. The business (and our jobs) depends on the network's being as stable and predictable as possible, and even though Linux is wonderful stuff, workers are required to use what the company provides because we know it. It's not just Linux that can get a worker fired at my shop. It's any software that didn't come in through our department's OK. And all those cute little .exe files that people e-mail to each other? We block them at the SMTP gateway. Yes, we're pains in the ass about it, but we have a stable network with very little downtime - and when the latest .VBS virus goes sweeping the Net we're safely locked away with no downtime. On the other hand, we don't filter or monitor e-mail content or web sites. We don't care about speech at my company (which a lot of companies restrict), just reliability and safety.

That's an important distinction. Some IT folks just reflexively hate that which they do not know. That's the wrong way to go about their job, but it covers the butt well. My attitude (and our policies are derived from it) is that the company provides the PC, so we get to decide what it runs, based on what you need to do your work. You don't get to decide unilaterally what runs on it - we do.

However, we're not entirely closed off to running "other" things or operating systems. If someone came to us and had a reason they needed Linux to do their job instead of NT, I'd test to make sure it didn't interfere with anything else on the LAN (like a misconfigured Samba could), and they'd get their Linux after we tested it. But the important point here is that we are flexible, provided you follow the "right way" of making sure your software is OK. When people do that, and give us the chance to test things, we approve things unless we find a specific technical reason not to.

But if someday Linux became our standard desktop OS at my company, you know what? We'd fire people who used Windows without authorization. Wouldn't that be an interesting turnabout?

- -Josh Turiel

Re:It's not that we hate Linux...

[josepha48]

I'd have to say you are more like a control freek than anything else. You want total control over all that goes on to the machines that go on YOUR network. If ISP's can handle all the computers on there networks with the various hardware system as well as the various software etc, so should a network. I have been at several companies that did not monitor there software installs. The way that they would work is if a user was repeatedly screwing up his machine or running certain program they would take away his power to install software. The only downtime we saw was when our NT servers needed a reboot because of NT server problems. I have always had full admin access on my machine as there are lots of times that I need software to do my job that is not supplied by IT. Currently my IT department wont support anything other than Windows and Office and Outlook. That does not fly when you have to test web apges in various browsers like I do. To make sure that content is viewable and looks good in IE, Netscape Opera, and other browsers. As well I have other needs to do my job. I find the need to have a web server on my own PC a necessity in my job. This allows me to test various web server settings without screwing up a dev environment that others may be using, as well as things like php and perl.

I know more about computers than most IT deparments. The last time I called the IT deparment was to ask them to set me up on the server side for VPN. The time before that was to get my static IP address. I know that most users are not like me, but if I had to call the IT department evertime I needed something installed or uninstalled or my registry edited or whatever, you'd want to assign an IT person to my desk as my personal slave.

I don't want a lot, I just want it all!
Flame away, I have a hose!

Re:It's not that we hate Linux...

[Cally]

Well, I was fired by these people for, amongst other things 'continuing to use PERL [sic and Apache in defiance of corporate standards." Well, that was correct; I used them, and the standards were IIS / VB. Couple of employers down the line I'm quite enjoying using mod_perl to build sites which real people will (hopefully) actually use. Their corporate policy was wrong, it was stupid, and their refusal to even consider the arguments for doing anything differently was .... worse. They were NOT flexible, not remotely.

Ak, I haven't had my first coffee of the day, what am I posting to slashdot...

Re:It's not that we hate Linux...

[Dwonis]

Ever set up a second DHCP server on a network that is already served by DHCP? Or are you suggesting sysadmins be not allowed to use DHCP?

Samba can cause the same problem. If you set it as the master for a certain workgroup (a 1-line configuration file mistake), it will cause serious grief on the Windows machines.

My experience has shown that whenever you're using a broadcast protocols, it's quite easy to mess everything up.
--------
Life is a race condition: your success or failure depends on whether you get the work done on time.

Re:It's not that we hate Linux...

[jht]

Just to expound a little bit on my earlier statement here - I know Windows isn't particularly stable or secure compared to Linux (like I said, _I_ use Linux, and I run the network side of the house - I have the major voice in setting the policies in the first place. And I have a couple of Macs, too (I'm sitting at home writing this on one of them) - so I know about "alternative" platforms and the like. I'd love to use Linux on the desktop at work (and let other people use it), but it's not about me and what I like, it's about what's best for the company. And I don't decide that in a vacuum (though I do have the final say).

Windows may not be anything wonderful, but it's predictable, and we know what the important flaws are, and how to work around them for minimal user impact. We do use NT Workstation (and 2000 Pro on laptops), and we test patches and service packs before deploying them in production as well. I work for a corporate employer (an insurance company), not a small mom & pop company or a university or anything like that. Our idea of multiplatform development is writing COBOL code that runs on both the PC and on DOS/VSE.

Another thing the standardized environment gives us is the ability to actually take advantage of some of Microsoft's stuff - their development models aren't too bad in a homogenous environment. For instance, as a year 2000 project, our developers replaced a noncompliant mainframe-based financial system with a homegrown system based on SQL Server 6.5, writing procedures in COBOL to drive it. It works very well, and since the new system is on SQL Server, we were able to build an intranet site that uses embedded Office 2000 components to build ad-hoc queries off it. Since we built that, users can now get the information they need themselves and run their own "what if" scenarios directly from a web page - they don't need to have analysts go and do batch repots off the mainframe anymore. It may be Microsoft tech we used to do it, but it worked and it helped our productivity.

Unfortunately, you need Windows to use it. Virtually all our tools (and we have a lot of vertical market code in our company) are Windows-based, and, as a result of all this, Windows is our standard, for better or for worse. In a way, this reminds me of a discussion I was in on Usenet a few month ago. One fellow was insisting that vi + TeX was all a user should have for producing business documents, because the documents came out looking prettier, and that was what he gave his users.

I countered that I'd rather have nice, easy-to-understand writing from people made with tools that let them easily use things like mail merge, spell checking, and pasting in things from other programs if needed. In other words, Word (or other Office software). Let the users concentrate on just getting work done, and give them the environment and the tools to do so. If legitimate exceptions emerge, deal with them the right way when they happen.

It's not about power or ego, it's about doing our job (at least, that's how it is for most of us). Most people here who don't understand that will eventually, I hope, rise enough in their careers that they'll realize the difference.

- -Josh Turiel

Re:It's not that we hate Linux...

[henley]

Speaking as a user: The main gripe I have against IT people is that they think the point of computers and networks is to serve their interests. No! The point of IT is to enable employees to best get their work done, not to provide the most elegant and tractable system for the admins to preside over

This cuts straight to the heart of a 30+ year old argument.

On the one side, BOFH and friends are responsible for providing a manageable, scalable and supportable computing environment that meets the IT needs of the organisation. This includes a spectrum of specific technical requirements depending on applications, coupled with (guarantee it) a wide spectrum of (l)users ranging from K&R re-incarnated at one end to a big steaming pile of Upper Management at the other.

On the other side, we have the (tiny!) fraction of users who do actually know what they're talking about and do actually have valuable ideas as to what tool might scratch their IT itch, and who will *never* be happy with the Ordained Platform as Passed Down From On High.

The answer as always lies in the middle. But, folks, here's the acid test: Will the BOFHs stick to their own rules and run their own platform internally? It's a fair marker of whether the line has been drawn in the right place. If BOFH can't hack it, then you shouldn't either. Otherwise, you owe it to the Company to do the best to stick to the standards.

Re:It's not that we hate Linux...

[austad]

Stop being an idiot. If some user sets up a second DHCP server on the network, it will respond to DHCP requests from other peoples workstations. If it responds before the real DHCP server, then the user will have hosed network settings and not be able to do anything. We've had it happen several times. A couple of windows 2000 boxes running DHCP, a redhat box starts it by default if you install it, and those stupid little Mac Airport access points have a DHCP server on them. The biggest threat to our network is a stupid user pluggin in something with a rogue DHCP server on it.

If you have a way around this other than assigning everyone a static IP, I'd sure like to hear it. I'm sure millions of other network people would love to hear your solution also since you sound like you're such a network god.

Re:It's not that we hate Linux...

[RAruler]

It's not a horrible policy. If you instal Linux, and it for some reason decides to wreak havoc on the rest of the network, or its poorly setup and a bunch of script kiddies use it to DoS Amazon or something, you'd see why it makes sense to have it cleared through the IT department first. He's not saying you could never use Linux, just that if you installed it without authorization, you'd be canned.

---

Re:It's not that we hate Linux...

[DrEldarion]

When some schmuck decides to install something unauthorized on his machine for gits and shiggles, he risks not only his own time and money, but he may be putting the entire network at risk

Ain't that the truth. A friend of mine going to Iowa State installed Linux on a computer of his and managed to get a call early the next morning telling him to quit whatever he was doing. Turned out he was f'ing up the entire network. (I don't know what he did, I'm clueless about Linux..)

-- Dr. Eldarion --

Re:It's not that we hate Linux...

[update()]

If by allowing near unlimited flexability to the users of a network, the entire network infrastructure becomes too unreliable, you often end up with a whole lot more lost productivity.

Absolutely. I'm not saying users should be allowed to do anything they want. I'm saying that IT people routinely lose sight of the fact that they and the equipment they preside over are there to serve the users, not the other way around.

Re:It's not that we hate Linux...

i'd be really horrified to work at a company which didnt let me install the OS i liked on the machine i have for my exclusive use

Let me guess, you have somehow scammed a job where you don't do any real work or do anything to make profits for the company, byou spend all of your time installing strange crap on your computer and fixing all the problems you've caused. Not only that, you think it's your right to do so.

The day they finally can your ass, I'll bet that you never saw it coming.

Have to agree

[TheCarp]

This is one of the reasons that I left my old job (Ok that and I was tired of frontline tech support for windows machines and got offered a Unix system programer position)

They didn't want to FIX machines. There was litterally a policy "If you can't fix it in 15 mins, escalate the problem". Anytime the problem required more than a scandisk or running some IT-aproved simple fix - then it was "rebuild" (which used a system much like ghost)

It made the job boreing and unbearable. I ENJOY finding problems. I don't want to have to look at a problem and "blow it away" just to have it surface again in a few months.

As for linux - I was one of those "Insurgent linux users". What was IT policy? Simple..."If its not standard software and hardware - we don't touch it" That was it - anyone can run whatever they want - if it breaks, don't come crying to us (unless its "100% aproved").

Was a very sensible policy, and it worked. Those who were able to manage linux boxen ran them. Those who could manage NT (which was unsupported for Users) could run it. Those who had Macs - could run them (though macs were unsupporte dbut we fixed them - was kind of a weird grey area for political and practical reasons).

Personally I think that what a person uses on their desktop machine doesn't need to be much of an issue. As long as they can handle any issues that come up, and they can get their work done - why does it matter? (other than some people feel a need to feel like they are in control of everything - I never did understand that mentality)

-Steve

Re:Have to agree

[DrSkwid]

Those who had Macs - could run them (though macs were unsupporte but we fixed them

so you work in a place where people BUY their own macintoshes and bring them in?

or did they install macOS on their linux peecees

.oO0Oo.

Bravo

[crucini]

That was really well said.
Before going to a new company, I always verify that I can run whatever OS I want, that I will have root on my desktop, and that nobody else will have root. I've yet to hear an objection.
Maybe we're seeing a company-culture difference. I'm in Silicon Valley, where demand for techies is very high and unix is very popular. Reading slashdot I keep getting the impression that there are tons of clueless old-fashioned companies in the Midwest or something that underpay and disenfranchise their techies. I keep hearing "clueless management installed MSexchange over techies' protests." I think that many technical people must be unaware of their market value and mobility to stay in a place like that.
Although the workstation is frequently the employer's property, I don't think it makes sense for the employer to exert absolute control over it. When you hire a craftsman, he may or may not bring his own tools, but he generally decides how to use those tools. Too many posters are citing the employer's mere ownership of computers and networks as the last word in this debate.
I find the idea of submitting a business case silly and demeaning. The business case is simply that the emplyer needs my skills and can have them only on my terms.

Re:what if the the opposite were to happen

[crucini]

First I'd contact the responsible person and find out what he's doing and why. If he's committed to NT, I'd just make sure we're on the same page wrt email, printing, DNS, etc. Fitting an NT box into a Unix environment can require some tweaking.
If he's a bit unsure of his reasons for installing an NT box, and his desired application could be done well on Unix, I'd try to gently steer him in that direction. The key word is gently.

It would be wise to start a NT-admin mailing list so these guys can pool their knowledge of smooth integration into our network.

Before it was posted...

[epcraig]

Before the slashdot posting, the forum posts tended to flame the author (and Mr. Sapiro) for dissing Linux.
I guess not that many slashdotters posted there, because the pro/anti-Linux ratio didn't change notably after timothy brought it to slashdot...

Re:From an IT Management standpoint

[bellings]

My workstation just mounts samba filesystems from NT or Linux based SMB servers as if they were any other filesystem.

Then, you are probably using smbfs. Until very recently, smbfs had absolutely nothing to do with Samba. Now, it seems to be maintained by one of the people who also works on Samba. But smbfs is not part of the Samba software suite -- you do not need to install Samba to run smbfs, and as far as I know, it does not depend on Samba in any way. Samba is primarily server (although it does include smbclient, an FTP-like utilty), while smbfs is an entirely seperate linux client.

Unfortunately, smbfs is hideously deficient. Like you, I use also use it and depend on it every day. Unlike you, I could never recommend it to anyone else -- smbfs is one of the perfect examples of where Linux is badly, badly broken.

Re:Booyah

[meaple]

you missed it you dumbass

Help! Our corporate server is mutating into a

[EyesOfNostradamus]

penguin... no, into a rabbit, ... no into a frog, no into an elephant!

OSes sneaking in?

[flux]

I can't understand how an OS, other than Linux (or other free OS) could just sneak in. OSes cost money, someone has to approve the investment. Surely workers don't pay for the software they need to use at the job themselves? And not paying would be piracy. So there.

And if the company has a policy that only IT certified (blahblah) software can be used in the network, well, if Linux isn't on the list then there's no problem removing it. Otherwise, who cares, it is propably doing its job just fine.

what if the the opposite were to happen

[JesusOfNazareth]

what if you have a strictly unix environment for your network and someone installs nt? if i were IT dude in that possition i'd probably not care. but then again i'm a lazy bastard with no experience in IT management type stuff. this scenrio probably never happens. better scenraio: you have a bunch on linux machines and someone installs freeBSD! :P

Re:Linux (its not about support)

[ragnar]

This is a pretty ambitious statement, but the real cost in software is support, not the shrink wrapped box. IT departments spend a lot of money on training their staff and supporting their users. That said, they would rather stick with a bad solution that people can use without increased support costs than a better solution with more support costs. This is all about the short term versus long term issue. Sure, these other apps would be better after a few years of usage, but they don't want to pay the support cost now. Making the software free has nothing to do with this.

Besides, who really cares if Linux gets on the desktop or has more installations. It is scarcely different from AOL gaining market share. If you use it an enjoy it, great, but it adds nothing to your user experience if every Tom and Joe uses it as well.

My Tuppence

[AndrewD]

Lord, if only I had anyone with the nous to do this. I think the worst it would ever get from me is a bollocking for not telling me first so's we could get the thing set up right for the rest of the firm. And anyone I catch installing NT anywhere on my nice shiny network has not long thereafter to live. It's soooo nice being in a firm where the IT policy is "Andrew sorts it all".

What to do if Microsoft sneaks onto your network

[Morgaine]

Hey, there's nothing wrong with that, the feeling is mutual.

After all, we fire anyone that brings Microsoft onto our network ... :-)

Well, not really, becauses we'd lose all the fun of the instant bluescreens from the regular background radiation of death packets.

Re:It's a corporation, not a democracy

[swb]

It's that attitude because the marketing people have neither the background nor the skills to make IT decisions.

I had a marketing person ask me why I couldn't come in just one extra day a week and integrate two closed source database applications (Nielson and IRI) which turned out to be slow and difficult to use. Of course the advice they had been given by their IT people that these applications were slow and difficult to use was completely ignored in favor of the "value" of the information. Now that the licenses were bought and commitments made to the client about using these products they were stuck in the bad decision that they made and they were asking me for the impossible because they decided that they didn't want to use these applications anymore. And of course I took some of the blame for not being a "team player" on this issue.

Let's see, marketing makes decisions about technology they're not qualified to make, ignores the advice of the people they hired to specifically provide that kind of expertise and then turns around and blames them when they have problems. Gee, you think calling them busybodies is inappropriate?

They're so caught up with their simple-minded, uninformed science fiction/pop culture view of IT that they think IT decisions mean choosing what color iMac to buy.

It's the rough equivilent of me going to the marketing department and compelling them to buy media time on X Files because I think it's a hip show that will enhance our product. Well, duh.

IT's customers? Haha. I hardly think that the relationship is nearly that equal. It's the same kind of client-customer relationship you might in see in a servant-master relationship. The rhetoric of TQM doesn't work without equality, and that doesn't exist.

Sorry, I'm not buying the idea that IT is somehow the corporate bully and that all the poor "busybodies" are trying so hard to get around big, bad IT's rules that the company's going down the toilet.

Bane of IT

[Sloppy]

The use of unauthorized software and hardware has been the bane of IT's existence.

Yeah, because it makes IT obsolete. MSCEs are terrified of the day that they end up in the unemployment line because the users don't need them anymore.

---

How much power do IT mangers have, anyway?

[Eric+Smith]

'Reformat the hard drive and fire the person who installed that renegade operating system'

I've never worked anywhere where an IT manager would have had the power to fire me (or get me fired) for anything less than deliberate disruption of the company network.

In fact, at several companies I worked for, where Linux was definitely disapproved and IT was pissed off that I was running it, if the IT manager had pulled the stunt suggested by that quote (reformatting my hard drive), I likely could have gotten the IT manager fired, since I could have easily shown that such an act resulted in the destruction of valuable company property.

A good IT manager does not view the users as the enemy. If an employee is running an unapproved operating system (or any unapproved software), but does not cause a disruption for anyone else, a good IT manager will let that employee (and perhaps his or her manager) know that he can't expect any support out of IT, but that as long as he doesn't cause problems he can keep running it. If the employee's use of unapproved software does cause problems, or prevents that employee or other employees from doing their jobs effectively, then IT can get the employee's manager to intervene.

At one company I've worked for, every time anything went wrong on the network, IT tried to blame it on my machine, but in every case it was in fact determined to be a configuration error on their NT servers. For instance, at one point my machine was getting the same IP address as someone else's, so neither of us could use the network. IT claimed that the DHCP client in Red Hat Linux was broken, and assigned me a static IP address (becase they knew my manager wouldn't let them force me to run Windows). Afterwards, however, the same problem occurred with other people who were only running Windows. It turns out that in the interest of redundancy they were running two DHCP servers, but they were serving up overlapping ranges of IP addresses.

Then, months later, another IP address conflict occurred between my machine and a Windows machine. They were all set to blame Linux again, when I found out that they had expanded the DHCP pool to include several previously assigned static IP addresses.

After that they seemed to realize that I knew what I was doing, and that rather than trying to blame me for network problems, they should have me help out.

Re:How much power do IT mangers have, anyway?

[adamsc]

A good IT manager does not view the users as the enemy. If an employee is running an unapproved operating system (or any unapproved software), but does not cause a disruption for anyone else, a good IT manager will let that employee (and perhaps his or her manager) know that he can't expect any support out of IT, but that as long as he doesn't cause problems he can keep running it.

Exactly. I setup a "You break it, you bought it" policy here. We support a standard desktop configuration which is somewhat locked down. If someone wants more control, they have to agree that our support is changing to be like a colocation agreement in that we don't support anything past their ethernet cable.

This works nicely as the people who can't run their own system usually stop asking when they realize how much work is involved and those that can don't have a problem with it, since they were planning on doing so anyway.

Re:I'm disappointed-again

[Iambic+Pentametor]

Anyone using "XXXXX" for their root password is a fool. At least use "XxXxX"

---
We've secretly replaced this mathematician's value of pi with 355/113.
Let's see if he notices!

It makes their job difficult

[iramkumar]

In our dept , we use Exceed to logon to HP-UX machines to do most of our jobs. And there are plans now for "standardising" with windows 2000 for god knows what!. I mailed them for using Linux.They came back saying Office suites (MS!) are not there & support is difficult.(Hope it changes soon with *office)...
Anyway I use linux ..and will do so even if they kick me out :-p. What's funnier is you can get linux "officialy" installed on request for project specific purposes..I was around when the did one.You would not believe that they INSTALLED a cdrom drive on the computer (which they got it from anothet linux box) ..just to boot RH linux. ..(they could have as well done it with NFS/HTTP...)

What I personally think is ..this article is just escapism ..maintaining a linux network is tough for the sysadmin..they can no longer get away with double clicking their way to escape out of any situation...

Re:IT people are assholes.

[Skyshadow]

You're an idiot.

I can't stand people like yourself who sit around all day congratulating themselves over how above everyone else they are. You sit in your little cube gritting your teeth because IT won't instantly give you everything you want. You don't give a rat's ass if your freeware Backstreet Boys screensaver f*cks with the network, because you're the only one in your entire office who matters anyhow. They just must not understand it.

It's not your job to dick with your computer. Get back to fucking work.

----

Re:I'd sure like to be on Jeff's network...

[inquisitor]

Mod this up, please.

My school's a lot like this - but worse. It's a network of (drumroll please) Windows 95 boxes.

Running Research Machines (RM) tacked on security software.

The server? NT 4.0 Server. You know how incompetently this NT 4.0 server is set up? It's not set up to reboot automatically after a BSOD.

That's right, the system can BSOD - remember, this is controlling the entire network, and the RM software is buggy as hell - and the other systems on it have to wait for someone to *MANUALLY* reboot it. That is moronic. As for its Internet access - the less said the better.

Not only that, but the RM software and the censorware transport passwords unencrypted, allow them to be seen on screen by the sysadmin ETC. This is the most moronic security solution I've seen. The censorware even pops up an Internet Explorer box saying "this is unencrypted - possible security risk".

The network could only be improved by sticking a Linux box - or even better an OpenBSD one - on it, to handle proxying (using Squid blocklists if they really must), mail (there's no mail and freemail sites are blocked), login et al. And if the student computers had NT 4.0 Workstation on them, then security could be improved further.

But no. <SARCASM> They're too intelligent for that. </SARCASM> Instead they're going to keep it the same.

I wish I had root.

More rubbish

[Crixus]

Wow. What was the point of posting this article? All it does it tell us what a bunch of ridiculously inflexible IT managers at some backwater locations would do if the rebel OS got installed on their network.

Who cares.

What's important is how YOU would respond, not someone you don't even know, or care about.

Rich...

Re:More rubbish

[Pig+Hogger]

Why is it that when I go into my grocery superstore than has about 100 isles, only ONE is labelled 'Nutritional'?

Because the others are labelled 'tasty'...

--
Americans are bred for stupidity.

Don't try to command the tides

[dodecahedron]

This reminds me of the battles the IT departments of companies waged when the IBM PC first started showing up in offices. The Big Iron alterboys got management to institute "no pc" policies, or to force people who wanted PCs to get them approved by the IT people (one guess how many approvals were given). The users responded by getting the vendors to call them "data analysis systems", or anything but "computer". If you want to maintain some semblance of control, it would be smart to capitulate to the inevitable and help out; at least then you'd have a prayer of nudging things in a manageable direction.

Re:"Reformat their hard drives"

[Skyshadow]

They are in SUPPORT positions, not there to rule all things computer related!

They are in support positions. It's their job to make sure everyone can work and it's their ass when anyone can't. On the other hand, it's the programmer's job to punch out code all day, not to be spending time messing with your system. You tell me who ought to be dictating network policy.

It's not fair to the IT people to make them fully responsible for all of the computers on the network and then not give them carte blanche in systems management. They have every right to do what they need to to keep the systems running.

Of course, it's also IT's job to be responsive and give the developers what they need -- not doing so is like having the janitor refuse to wash out the restrooms twice a day. Still, recognize that IT still has to strike a balance between their budget, systems stability, the demands of other people and your needs.

----

Let it be...

[Jothom]

I say aid what is coming. If there is enough demand from those who use your network, let them use Linux. Just make sure that the IT people have a system to goof around with it on. Hell, we have started to use Linux where I am, and it is going to be more and more supported as time goes on.

"... GNU/Linux or I'll look for another workplace"

[Jama]

I can see two types of negative reactions towards GNU/Linux in the workplace (be it in the production, test or desktop environment). Let me present the clueless manager and the cluefull manager:

1. "Linux 7.0 will not be installed on my network! Even though you have shown us to be a good service developer you must follow our IT policies no matter what. I think you understand the companies viewpoint, you see my work is all about keeping investors content, managing business risks and helping the marketing department to create technical service brochure about our IT services for our customers."
   
   
2. "I am not sure why we need yet another OS in our network ... can't you use our standard server setup? I know this open source software thing is becoming more popular each day, but we have company guidelines. Maybe ... if you are serious about this, you could write a discussion piece why you think we need such a new platform for our customer services? I must say that I've thought about this myself too, maybe you could later even do a presentation about open source software licenses for our inhouse developed tools, that could be an interessing discussion I think?"
   
   
3. If your manager replies inline with the first example, leave the room, check your own ambitions and ideas, check your professional options and think deep about your future. Make an honest choice and remember that in this IT-age the knowlegdable worker should be king.
4. 
   
   In the case of the second example you have better chances of achieving 'your' ambitions on the workfloor. If your willing to go this 'hard' way you can explain the power of OSS, the different license models and the business-risk reduction it brings in the longterm for your customers.
   
   Remember to also pay attention to the functional requirements of your managers, services and your team members(probably in that order ;). If you then feel your viewpoints have some impact and there's willingness to try to bring in Linux servers and desktops by co-workers, you could do a official presentation about the whole opens.
   
   Personally I'm in this second stage at the moment, I've installed about 10 boxes with Debian GNU/Linux ranging from critical production servers to desktops and test-environments for developers. I'm also gonna do a presentation about the methods and consequences of OSS methods for inhouse software. Eventhough I don't consider myself an expert on opensource software(TM) development or the GPL or any other license, I still feel I can teach my co-workers (and offcourse managers) something about this wonderfull (but slow) revolution called free software.
   
   My presentation will be made available next month on: DebianLinux.Net
   
   

"Reformat their hard drives"

[imagineer_bob]

> Opinions of the IT managers they interview
> range from 'Reformat the hard drive and fire
>the person who installed that renegade
> operating system

I've worked at companies that made software, and at Research and Development departments where there was an IS/IT department that assumed our computers were not to be tocuhed.

Sometimes it got silly--like we were trying to ship a product that ran on WinNT 4.0, but IS would prohibit us from running WinNT 4.0! And if we'd complain to management (in this case it was John Warnock and Chuck Geschke) they wouldn't have a clue why were were trying to make life hard on the poor IS department!

We had to _sneak_ in operating systems that we were required to support for our product!

Currently, I work for a Research and Development group and I've learned to just humor the IS department. I let them set up my PC with Windows 98 and Norton Antivirus, etc, and as soon as they're gone I wipe it clean and install what I need to get my job done.

IS departments should support the engineers, not the other way around!

--- Speaking only for myself,

Re:"Reformat their hard drives"

[Erore]

Scenario: You've setup your own machine and only you know root. You get fired. How will they get to your data?

Scenario: Corporate wide they decide to deploy a new application that requires Windows on all PCs. Something they thought they had. They get to your machine and find out that it doesn't have windows. They also find that you have spent the last two years coding custom utilities that will not work on Windows. What do they do? They need you to use those utilities, they also need you to use the custom application. What if 5% of the workers fall into the same boat.

Point being, don't sneak, ask. IS should be root on your machine, and IS should know what OS you are running and why.

Re:"Reformat their hard drives"

[imagineer_bob]

Scenario: You've setup your own machine and only you know root. You get fired. How will they get to your data?

This straw man is easy to defeat! I always keep a sealed envelope in my drawer clearly marked "passwords" with all my passwords in it, just in case I get run over by a bus.

Because it's sealed, I can tell if someone needed to get at them. For material that belongs to the company, this is an acceptable level of security.

--- Speaking only for myself,

Sandbox systems

[Surak]

I'm involved with this struggle on a daily basis where I work.

Whereas I work in the Math-Based Manufacturing Technology dept. for GM Vehicle Operations, corporate IS&S wants to maintain a sane network environment.

For that reason, I'm in charge of our dept's Windows 2000 engineering CAD pilot. We have sandbox Win2K boxes installed for testing of locally-developed applications.

Furthermore, the company is slowly moving to ONE domain for engineering (corp.gm.com). They've been told to eliminate compilers, eliminate locally-developed applications, etc. Yet, we have a business-need for those same locally-developed apps.

So IS&S has had no choice but to admit that, since we have a real business case, they need to allow us to KEEP those locally-developed applications and locally installed software, provided that testing is done in a locked-down sandbox area.

If we wanted to install Linux on a box or two, once again, they wouldn't have any choice. We would be ready with business case in hand, and they just wouldn't have a choice. They'd have to let us have our sandbox systems.

Limerick

[575]

There once was a man from IT
Linux sneak'd to his desktop PC
The OS, not supported
His boss so purported:
"You're fired, we run FreeBSD!"

Re:Limerick

[Rusty+Foster]

Yay! 575 is back!!!
--
There is no K5 cabal.

Re:Linux

[PimpBot]

Linux is an unstoppable operating system
Oh god.

With applications like StarOffice
You're not helping your cause.

Open source methods create the best software. BIND - 95% of the market. Apache - 69% of the market. Sendmail - 90% of the market.
And Office? Mathematica? Non-free software stands quite well on its own.

GNOME is an ideal replacement for it under Linux, and is actually more advanced.
...when it works. Maybe nautilis will be better, but gmc is crap. I believe even Miguel has send so in not so blunt terms.

Ease of use.
Completely subjective. I know many people who find the MacOS UI infinitely superior to Gnome/KDE/Windows

You've got a case of the "blinded-by-obession"s. Remember, what's best for you may not be best for another. Remember, Linux is all about freedom...some people choose to use non-free OS/software because they feel its better.
--------------------------

Promote him/her

[macdaddy]

What else can you do? Promote the user to CEO. :-)

Re:IT people are assholes.

[Surt]

>> but in a programming environment, the programmers can usually run the network better in their spare time.

> Hee, hee! That's the silliest thing I've ever heard. Please don't remain anonymous. Let us know who you are, so when you get canned by IT we don't hire you
by mistake...

You may work at a company with a competent IT department. A lot of us don't. I've worked at 3 companies so far where programmers had to go and explain network setup and make network configuration changes for the IT department. I would love it if every company hired competent IT people, but many smaller companies (particularly startups) don't.

It's not your stuff!

[mDistrukt]

What it seems everyone here has forgotten is one key factor: IT'S NOT YOUR STUFF! It's not your computer, and even if you choose to bring in your own computer, it's not your network, and you are bringing it into a building that is not yours and probably working on it during time that is not yours. When you own the company, then you can do what you want to the computer.

I work as a computer technician. We were forced to add a disclaimer every time someone started up that they would have to acknowlege in order to get into their computer. This disclaimer stated clearly that the computer that they were accessing was not their propery, and that any unauthorized modifications could be considered damaging company property and could result in termination.

You may think that Linux (or MacOS, or NT, or BeOS, or Amiga, or whatever non-standard OS you choose to use) is the coolest thing since sliced bread and will help your productivity. But have you considered how that OS you just installed on your desk affects the computer down the hall, or the server on 3rd floor? What happens when the head office deploys that software that suddenly doesn't work on your computer? What happens when the IT person comes out to do an upgrade on your computer - and suddenly can't get into it to do his work?

I'm sorry to rant, but this is among my pet peeves. IT has established company standards for a reason - they have a view of the big picture - and in the end they'll have to support it sometime.

Re:Safe from packet sniffers?

[Hobbex]

No, the logic is that you _should_ be locking your doors (ie, using crypto) rather than just nailing some of them shut but leaving the others open and unlocked on the grounds that they are too small for a thief to find.

Trying to secure a network that spans more then a single room through physical security is monumentally stupid.

Re:I'm disappointed

[Arandir]

The guy who's just "trying" out Linux is not the type of guy to come in his office and throw it on a machine where he has to get work done.

I've seen two (real not analogies) cases at my work were Linux caused network problems when run by people who didn't know what they were doing. The last case caused a subnet to be down for a day.

The problem isn't Linux. The problem is that these schmucks have root priviledge allowed them to barf all over the network at will.

Re:professional programmer != hacker

[adb]

The idea that "adminning" one's own box is a major task is silly: PC users have been doing that quite happily for a good 20 years now -- I know, I've been one for around 16 of those years. The real work of IT is in making it easy for these disparate boxes to communicate, by creating networks, file servers, and so forth. Part of that work is using the proper open tools to make it work with anything your users choose to use.

The idea that homogeneity is a good thing ("better than optimal", even) is laughable; you obviously confuse it for cooperation, which *is* essential, and which has nothing to do with what tools you use. Homogeneity leads to crushing virus epidemics, getting locked into a specific vendor's tools, less productive workers (Emacs alone saves me hours a week), and all sorts of other nastiness. Taking the time to maintain a properly open environment -- and yes, in the short run, it does take a little more effort, though less cash -- will save you all that trouble.

The value in an employee lies in the work done and contributions to other employees knowledge.

I couldn't agree more. That's why I want my co-workers to get their work done in the most efficient way *for them*, with one of the criteria by which the work is judged being that it is easily shared with other people. Code edited in Emacs is still readable in Visual Studio, no matter what M$ wishes were true; files served up with Samba are just as accessible as those served up on a Windows box.

As for timesheets: here, they're a requirement for reporting to the government. A necessary evil. The managers know what work I've done, and that's what I get my bonuses for, not for how many hours I happened to be hanging around and thinking about a particular project. I guess you live in a magical corporate fairyland where (hours worked) = (benefit to the company).

It's a corporation, not a democracy

[swb]

You can argue all you want about power bases and all the other rhetoric of liberationist politics, but we're talking about the workplace and not about a democracy. You're at work to use your skills within the constraints of the policies and procedures established by management. It's that simple.

Do I particularly care for it? No. In many ways its a bullshit structure. It makes work like some kind of proft-making bastard child of the Brehznev-era Soviet Union. It stifles innovation. But a corporation is an organization that relies on a coherent, structured and standardized environment to be effective.

If you don't like the rules, don't play by them. Go someplace else and make your rules/declare there's no rules. But don't break the rules that you voluntarily agreed to follow and then declare that the rules are unfair and that they don't apply to you.

Re:It's a corporation, not a democracy

[alecto]

And you are? Thought so.

Re:It's a corporation, not a democracy

[alecto]

I see. Lost the argument, but don't want to lose karma. Who's the luser again?

Re:It's a corporation, not a democracy

[swb]

Ultimately people with the best interest of the whole organization are in control, not the self serving people in some IT departments that want to follow some particular vendor's line because it makes their jobs easier.

The people with the best interest of the whole organization are never in control. Often the people pushing unapproved (since it's not really about Open Source vs. everything else) tools are people with their OWN agenda at the top -- they can't seem to produce with the tools they're given, so they have to blame IT for their failures. Have you any idea what's involved in choosing those approved tools and whose ass is on the line if "approved" tools suck to the point of being unusable?

The other thing that rankles me is the blind-faith insistance on open source tools for some lame software-politics reason. Ugh. Opposing open source because you don't like open source is just as dumb as favoring it because its open source.

The "self-serving IT department" is usually just trying to make the best out of a bad situation. Since they seldom have complete control of even the IT environment they're held responsible for AND forced into decision-by-committee where busybodies from marketing get to make IT decisions(!), is it any real surprise that there's some compelling desire to make their job *somewhat* easier?

Translation: IT would often like to dictate platform and get paid for mindlessly implementing a single (or few) vendor system to the exclusion of better tools. The people forced to use inferior tools will, (in organizations that aren't dysfunctional, within and outside of the "rules") get around having to use them. Then the rules will change.

My Translation: IT would like to have a standardized because they're tasked with implementing unrealistic expectations in nightmare deadlines with not enough money, too many "managers" making bad decisions, and too many users who want to make decisions that they're not held responsible for.

I'd agree that installing unapproved tools isn't like bringing anthrax to work, but hey, if the rules say don't do it, then don't do it or get out -- it's the honest thing to do.

Re:It's a corporation, not a democracy

[alecto]

AND forced into decision-by-committee where busybodies from marketing get to make IT decisions(!)

It's precisely this attitude--that IT's customers are busybodies, that causes them to be an obstacle to be worked around rather than the servants to the organization they're supposed to be. That one word speaks volumes.

Network management by Diktat works in BOFH stories (and is quite entertaining there). Things are different in real life with real people.

I'm disappointed

[softsign]

... that nobody even sees the real problems rogue installs can cause for sysadmins.

When a sysadmin installs an OS such as Linux, Solaris, or even NT usually administrative privileges are withheld from the workstation user - with good reason.

However, if someone comes along and installs their own Linux distro suddenly you've got someone other than the admins with root privileges on at least one machine in the network. Hello, nmap. Hello, packet sniffers. Yes, you can encrypt everything to death, but it's better to keep prying eyes from ever seeing the sensitive data in the first place.

If I'm the sysadmin and you go and replace the OS you were given, you're damn right I'll be pissed. There goes all my planning. You are using the company's equipment and messing with something that it's not your business to mess with.

If Windows is handicapping you so much, tell me. If your sysadmin is so ass-backwards that he doesn't recognize a good explanation of the benefits you'll get from using Linux, then he's an idiot and what are you doing working in an IT department with this guy managing your systems? Chances are he's missed the boat on more than just this one issue.

If you work for a company with very, very strict rules in place about changes to the network, there's probably a reason for that. You should know better than to mess with stuff that 1) is not your responsibility and 2) others probably know more about than you do.

Why is it assumed that if the person is running Linux they must be some Unix god incapable of messing up their system (and possibly the services provided for others) quite royally?

--

Re:I'm disappointed

[Chemical+Serenity]

That's complete crap. So any company that keeps tight control over its resources is being subservient to its vendors?

Read more carefully. I said "Typically". I'm certain there are other companies that DO need tight control over its resources for reasons far more appropriate than simple fear of knocking the network over, or sniffing (as the original article implies).

But yes, there is a large contingent of management who simply suck up vendor sludge simply because it seems to be an easier solution than getting direct input from employees who often have conflicting and varied requirements. Needless to say, that sort of policy is considered somewhere between a "bad joke" and a "faustian nightmare" by the poor plebs in the trenches.

Any IT manager worth his salt knows not to sign a blanket contract that prevents you from using anything other than a single vendor. It's called good business practice. And any IT manager that wants to stay an IT manager will at least touch base with his subordinates before committing them to anything at all.

Many IT managers then must not be worth her(or her) salt then. I've seen a great many companies "standardize" on single vendor solutions, and claim that doing so is good business practice. Hark back to your history lessons... noone ever got fired for buying IBM^H^H^HNovell^H^H^H^H^H^HMicrosoft.

In a perfect world, IT services is set up to serve the needs of the people requiring the use of IT. They get a clear picture of what's needed and make every attempt to serve that need within the confines of a well structured and managable environment. In the real world, IT is far more likely to dictate terms than accept requests. People don't like asking permission when they know that thier request will be rejected out of hand by people that fear change... the rejection of which is just a symptom of a larger scale problem of fear and laziness in a company, not typically an "anti-linux" sentiment (although I've seen that in some places too).

I think you're missing the boat with your question. I'm not complaining that Linux is being outlawed... frankly, I don't work in corporate environments any more partially due to myopic management strategies such as this. I'm talking about draconian policies that leave employees feeling powerless if they go through "authorized channels". Perhaps the question should be why don't employees feel they can get their needs met by following policy?

--
rickf@transpect.SPAM-B-GONE.net (remove the SPAM-B-GONE bit)

Re:I'm disappointed

[Arandir]

If they didn't know what they were doing then they shouldn't have installed it.

If you ask that incompetant guy "why did you install Linux?", and he replies "But Bob two cubicles over has Linux", you're stuck.

Which brings us right back to the beginning... IT. Someone in the company needs to say, "these are the company computers and this is what you're allowed to do with them." And users installing their own software shouldn't be one of them. Then you can ask the much more appropriate question "Who authorized a installation?"

Re:I'm disappointed

[I_redwolf]

Thanks; your first analogy proves my point idiot. You should be secure at all times. Meaning you should have the shotgun, deadbolt and private security guard in your house if thats what it takes to keep it secure. Not just the deadbolt. Anyone can just take the deadbolt out, but after that they've got the private security guard and the shotgun to deal with.

The guy who's just "trying" out Linux is not the type of guy to come in his office and throw it on a machine where he has to get work done. Get your fucking analogies correct and get back to me.

I just got back from hell and goddamn is it cold there.

hmmm

[GC]

IT Managers should be more concerned with Unlicensed Commercial Software on their network than people finding and installing Linux.

I'm a Sys Admin, I know of several boxes on our network running Linux (dual-boot or not), some of which are very useful boxes that we installed ourselves, some are ones that non-IT staff installed.

I work for a software company, however, and some of the software we produce works on Solaris, so people playing around with Linux isn't a big thing. We're not 100% Micros~01 here... At my last company, however, I had to set up a Linux box "behind the scenes" without letting my manager know. When I left they and they discovered the box they pulled out the network cable, and threw the machine out. (It was an old P75 - ideal for Linux :-))

Support Issue

[antv]

I guess it's mostly support issue - they don't know how or don't want to fix Linux problems.

At my current work they gave me machine with NT 4 taking 4 gigs and 9 gigs of empty space. They said I could install anything I want, but they would only support NT and, surprisingly, FreeBSD up to some extent. I decided to go for BSD since I wanted to learn it. So I fixed NT in a usual fassion (mkfs) and had no problems with IT anymore. I also have Linux on laptop, use it in company. I know that almost every tech in my company uses either Linux or BSD, or Solaris for those with Sun boxes, graphic designers use Mac. The only thing they require is for you to be compatible (SAMBA to access printers, have to be able to read .DOC, etc). And officially IT is not supposed to help you if your Linux box is screwed - I know my bos got about 5 different Linux distros from IT when he asked for it - but officially they aren't responsible. Beyong that - who cares what you use as long as you do your work ?

On my previous work, when I was admin myself, I used Linux as universal troubleshooting tool - had it work as print server for Macs and reroute all print jobs to Netware server, etc. Had to fix couple of linux boxes for professors - it was a college work - I know that most other admins never bothered to fix Linux, or for that matter anything that they had any excuse not to fix. That's probably why some IT managers dislike Linux or anything else that is new - they don't know what security measures are needed for system, how to support it, would it interfere with anything (one of my friends used Linux with Netware, named machine/share or smth like that using Russian characters, half of their windows boxes started crashing when trying to browse network).

Re:Linux

[Covener]

You write this with a straight face?

Maybe a 25 chromosome grin?

Re:From an IT Management standpoint

[Patrick+Hancox]

almost.

if your browsing/wins/dhcp are setup correctly (big if) the appearance of a new PDC will only affect the subnet the fake server is on. If your sane, you have segrated user/clients from the subnet with you domain hosts along time ago. PDC2 will try to anounce the "new" domain but be overruled but the standard browsing elections. People on the same subnet are in for a little suprise, however. It easy to spot by the problems it causes.

In 7 years of nt I've only met one user who was stupid enough to deliberlty try and clone the PDC namespace with another nt install. He was fired.

Simple Solution

[gad_zuki!]

Ads what ads? My hosts file blocked all of them except one. Everyone should have some ad blocking option either on or ready to be activated when we come across articles like these.

I can almost hear them on the phone to accounting, "Yes, yes, we did get 20,000 hits on that one but the ad people said their server only sent 1,000 ads!"

Let the network evolve itself

[Cardinal]

Damn straight. If a couple employees have switched to Linux, and the IT people haven't noticed, then obviously it didn't cause any problems. Samba isn't overriding the PDC's authority like it could be, they're probably still in e-mail contact with the company, and it's a safe bet they're still being as productive as before (If not more), because if they weren't, IT would've gotten a call to come down and re-install Windows.

I just so happen to be in this position, as the only Linux-running employee in an otherwise comletely NT/Win98 shop. The company does ColdFusion development, uses Exchange Server (I use the webmail interface) and uses SMB file/print sharing copiously. I work on a project that's being done in PHP, so I don't have to deal with the ColdFusion server regularly crashing NT, and by being in Linux, I can very easilly run my own development environment.

It's a completely ideal environment, in my opinion. I can use a superior development environment, I've proven that I can actually be more productive (God, what a pain in the ass it was having to develop with only one 1280x1024 area available) and I'm one less person IT has to worry about supporting, because I can take care of myself.

Win2k/IE here!

[rodent]

I run Win2k for 3 reasons. IE (I fucking hate Nutscrape), Eudora and Ultraedit. However, nothing on this box can't be replaced. All of the important shit stays on my servers and ALL of them run Linux as I won't trust my critical shit to M$ for any reason. (oh, and I refuse to pay for any M$ software/trash)

rodent...

sometimes you can't allow different oses

[_Spirit]

In general I agree with the consensus here, leave em alone or even complimenting them on their choice but in my work i come accross some reasons why the more radical negative approaches are sometimes preferable and even necessary:

Support
A lot of organisations have to deal with lusers or even worse: self proclaimed power users who regularly make a mess of their workstations, and the organisation spends money to keep everything going. Allowing ppl to use something different can set a precedent. How are you going to explain to a user that (s)he can't use this application when another user installs a different OS ? (anyone who's ever been a sysadmin knows what i'm talking about)

Security
Some organisations have security requirements. Some are even required to be able to prove that they are secure. This is usually done by getting certification from experts who will create a setup that has been configured and tested to be secure. Linux isn't secure, nor is WinNT, but they might be when they're run in a specific setup. Allowing users to do things differently means you cannot guarantee security on your whole system, simply because you don't know how it's been set up.

Compatibility
In some organisations software is used that's not compatible with non MS OSes. My current client requires me to use Outlook to plan my days so they can see what i'm up to. Even though i might not like using Windows, I don't know a way to do this on Linux (yes i know about Outlook web access, but you need a server for that). Other organisations have custom applications, same story.

This is all I can think off right now, but there is probably a lot more.

Bottom line is that a lot of organisations are Windows based, and it might not always be possible to do anything sensible with a Linux box in those.

silly article.

[small_dick]

My sysadmin got a call from a higher level manager recently.

Manager: "This new server -- why are you ordering it with Linux?"

Admin : "We use linux increasingly for all our servers, and a few programmers are using it as well."

Manager: "Shouldn't we just use NT?"

Admin: "Nope. My calcs show about $10,000 in software licensing if we use NT, but only about $500 if we use Linux."

Manager: "Okay."

[Actually, the fact that she let us do it was a ray of light in an increasingly gloomy workplace]

PS: We need permission to install Linux -- I got some heat awhile ago when I put a linux box on our net without approval. After I explained why, they left it up.

From an IT Management standpoint

[alexhmit01]

Additional systems are ANNOYING to support. I am responsible for IT and Development at my company, (i.e. a very small technical team), and we use Linux exclusively for development. We are developing PHP and Java code for web deployment, so Linux is the natural environment, the user has his own web server, etc.

Our network infrastructure is NT 4 w/ Exchange, so everyone has a Windows box. The developers have two boxes, NT and Linux, and they are responsible for their own Linux boxes.

However, that didn't stop a bad Samba configuration from causing nightmares. Samba is getting close to being banned.

It decided to claim to be the Master Browser, but the PDC was and knew it was right. Faulty election code, and the Samba box forced enough elections to crash my PDC.

Is this buggy code on MS's part? Absolutely. Was I annoyed? Absolutely.

Linux creates new headaches if SAMBA is installed. Without SAMBA, there really isn't much of a reason to worry about it. Let it do its own thing.

It is likely being used as a workstation, and you are not going to have licensing issues (normally), so there isn't a problem.

If someone is setting up an unauthorized server... well that person may need to be fired.

Now, a tolerant IT staff will have a policy on unsupported systems. They should allow them without support, but if they disrupt others, they need to be decommissioned. Rediculous overreactions are stupid, but having no policy and allowing a free-for-all is asking for spending Friday nights at the office debugging...

Alex

Re:From an IT Management standpoint

[bellings]

Linux creates new headaches if SAMBA is installed... It is likely being used as a workstation

Why would anyone install Samba on a workstation? Samba allows you to use a machine as an SMB Server, not as an SMB Client. On a workstation, you'd want an SMB client. Unfortunately, there don't seem to be any usable SMB clients for Linux, but thats not what we're discussing here...

Controlling Your Network

[Gihadrah]

Yes, it is unfortunate that they chose to focus on Linux in the article. But then again I am sure that this is becomming more of an issue.

The article would be better addressed to unwanted software, be it games, napster, or Linux.

Then it would not appear so inflamatory to the sensitive Linux users ear.

The point is, that IT must have some accountability for what is happening on THIER network. In a proper orginazation there should be some method of properly introducing new software onto the network - this includes testing the ramifications of this new software on everything from network performance to SLA's (Service Level Agreements) concearning uptime, costs, etc...

Once again, it is a valid point (although some solutions may be draconian) it is just focousing on Linux - while bigger threats to corporate legality and network bandwidth may come from such apps as Napster...

Did you actually read his post?

[Cardinal]

as a programmer i have to say - that HAS got to be the worst and most draconian policy ever.

Did you actually read the post you're now slamming? His comments were, imho, quite reasonable. If you consider them Draconian, I wish you luck finding an employer that meets your requirements of an IT department.

its the people who USE those workstations that make money for your company - not you or that IT department.

This narrow minded view is about enough to invalidate your entire post. Does the concept of a team effort mean anything to you? The presence of programmers, marketers, customer service reps, etc. wouldn't be worth five cents without a solid IT department keeping it all running. Don't think for a moment a qualified group of network admins doesn't help a company make money.

Indeed, one of the biggest concerns when a company is being considered for a contract is the quality of their network. Speaking as a programmer for a company that's been scrutinized and approved by more than a few large corporations, I assure you that one of the key factors of our getting contracts is the quality of our network and the reliability of the systems.

by definition people who use workstations should be allowed to do whatever they like assuming that they dont interfere with the network in any way.

By definiton? Oh, please. The definition of a workstation is not "You can do whatever you want with it, as long as it doesn't hurt the network". Your workstation is not your responsibility when it breaks, or when it acquires a virus. It's IT's responsiblity. They're the people who will be held accountable for your workstation's functionality, not you. Therefore, it is most certainly not yours to do with as you please.

'd be really horrified to work at a company which didnt let me install the OS i liked on the machine i have for my exclusive use.

Again, I wish you luck finding an employer that meets your somewhat skewed outlook on reality. I'll also assume you didn't read his entire post, because he explicitly stated that if somebody presented a good reason to install an alternate OS, it would be considered, tested, and approved or disapproved. It's not Draconian as you'd like to scream and wail, it's the protection of their time and their responsibilities.

Another point. It's not your box, it's not yours for exclusive use, and it's certainly not your property. If you're home sick one day, the company has every right to let somebody other than you use the system, or log into it to look up something in your mail. It's a reality check: The computer isn't yours.

if i want to be my own admin what rights does the IT department have to fiddle with my personal workstation or fire me ?

This should be obvious by now, from what I've covered above, but I'll say it again. It's not yours. You didn't pay for it, you didn't install it, you don't maintain it. The computer belongs to the company, and the company can do with it whatever it wants. How is it you don't understand this?

you must be at some really brain dead firm to be considering policies like that.

Well, the rest of your post isn't worth responding to, so I'll just leave it at that.

Practical considerations

[Teliver]

I myself am a network Administrator at a bank, and this article got me thinking about what would happen if something got installed on our NT network that we didn't authorise. I'm afraid that we'd HAVE to remove it for two reasons. 1) This is a bank. It has a secure network. Any and all computer equipment, programs and operationg systems are provided by IT in order to ensure this. If we don't know everything about a computer, we cannot define it as secure. So all equipment needs to come from us. 2) If we were to let linux or bsd or Mac onto the network, we would have to support it. Why? Simple. Our job is to ensure that everyone else can do theirs. And we just don't have the skill set for running linux in a business critical environment. If we can't fix their PC, we can't do our job and they can't do theirs. So we give them the same tools. And it works. Now firing someone for installing something on the network would be wrong. All I would do is tell them to remove it and explain why they should.

The FUD grows....

[Capt.+Beyond]

ahhh, it's bound to happen. FUD, from all sources, and every side, "battling" the "OS Wars". I suppose there's a place for every OS out there, even DR. DOS. If the shoe fits... wear it. Why does this war of words have to continue? Isn't there enough war in the world anyway? I'm so tired of "My OS can beat up yours". If I can complete the job using whatever OS I choose, why should it matter? If I had a job that DIDN'T allow me that choice, I would walk... Now, on the other hand, if you are a company developing Windows software, I could understand. It might be hard to get the command nmake to run on FreeBSD.

Chill out, dudes.. geeezzz....

Re:It's all about power. The end is predictable.

[Pig+Hogger]

The article chronicles Netware sneaking in when mainframes dominated. Then NT slithering in when Novell dominated. Now Linux is permeating (currently) NT dominated shops.

Anyone else see a pattern here? Ultimately, Linux, FreeBSD, or other open source tools will come to dominate because they meet the needs of the organization.

Hmmm. The titillating question one cannot help from deriving from your statement is "WHAT'S NEXT????"...

--
Americans are bred for stupidity.

History...

[CharlieG]

I know that most of the /. readers aren't old enough to remember this, but it sounds exactly like what happened with the PC revolution. (Yes I know the article mentioned it slightly)

Back when (say, Pre IBM PC, or the early PC days), there was a lot of "We can't do that" that came from the people in the Glass house. The way thing changed was that people BOUGHT their own PCs, and snuck them into work!

So, the Lan Admin says "You can't do that, it's a company PC" (Strains of the "Who" playing here - Meet the New boss, same as the old boss. We won't get fooled again) - What to stop you from setting up your own PC in the office (or for that matter, carrying a laptop), and even (gasp) setting up (Totally bootleg) your own LAN? The company doesn't own it That's how PCs snuck into the Fortune 500 to begin with

Charlie
(feeling old)

Re:Linux (its not about support)

[micahjd]

If you use it an enjoy it, great, but it adds nothing to your user experience if every Tom and Joe uses it as well.

If you assume that software is static and all users do is use the computer, that's true. But, the more users linux has, the more potential developers. That includes the C-and-perl-wielding geeks like me, "beta testers", and game companies.
;-)

It's sad to see geeks that are frustrated with the M$ assimilation, but they're too dizzy from the FUD ray to see their alternatives.

Try asking!!!

[msobkow]

None of the places I have worked would accept installing unauthorized software in their networks. It isn't an issue of NT vs. Linux vs. FreeBSD vs. whatever -- it's an issue of maintainability and security.

If you're in a small shop (less than 20 people), they often don't have the staff to maintain more than one OS. If you're in a large shop, there is a major issue of investment, repairability, tracability and responsibility. Sure I could install, admin, and maintain my own desktop Linux box -- I have a couple at home. But that isn't what the company/client pays me for. And who is going to pay for the reinstall of the system after I'm finished a contract?

Don't get me wrong -- I think Linux is great. I'd love to see WinXX and it's instabilities disappear. But that isn't my decision to make. This is up to the people responsible for the systems infrastructure.

That said, not one of the places I have worked has ever refused to let me install an alternative OS or software package, but I justify my request. That isn't to say I always get what I want -- there have been many times where sound business reasons have been given for not following my recommendation or request. Whether I agree or not, the final decision is up to the people responsible for the equipment, not some rogue employee who doesn't like the answer (s)he got.

Would you be surprised if you were fired for installing a virus? For putting untested code on a production system? What about replacing hardware because you weren't happy with your video card/modem/monitor/whatever? Then why would you be surprised to be fired for reformatting the whole system?

Bottom line is if you don't own the equipment and you don't have authorization to modify it or the software, you have no cause to complain if you get fired for going rogue.

Security and Local Root

[ayden]

My company has a very diverse UNIX network environment. As a UNIX sysadmin with an NT background I can say it's not Linux that causes the problem. We openly support our reasarch scientists, engineers and developers who use Linux. However, WE WILL NOT GIVE LOCAL ROOT TO OUR USERS. Period. It is too much of a security risk.

The is problem is when the users setup their own Linux boxen and keep root. What a way to make our day! Just what we need: rouge samba, appache, DNS and NIS servers! Packet storms anyone? Hacked passwords? RSH with root prilvidges on other machines?

Users don't realize that you fundamentally change the nature of a PC once you install Linux. You suddenly go from a broken windoz 9x box to a powerful UNIX machine. Therefore, we treat Linux as we do any other UNIX. No one gets local root. We disable all boot devices in the BIOS (CD-ROM, floppy, etc.) except the hard drive, Password protect the BIOS, and PHYSICALLY LOCK DOWN THE MACHINE.

Re:Security and Local Root

[ayden]

I was never paid to be an NT admin. Sure, I used NT for my previous job, but I'm Much Better Now! ;) I learned Linux at home, set up a home network and a firewall, set sercurity policies. Now I'm a UNIX admin, working with Linux, IRIX, Solaris and AIX.

Safe from packet sniffers?

[Alan+Shutko]

Ah, yes, preventing people from running their own Linux machine will keep sniffers from your network.

Well, except for your Win 9x clients. Oh, and any machine with a floppy (which can boot a DOS floppy). Oh, or laptops. But except for those, you're perfectly safe.

IT mgr's clamoring for job security

[RobertPearse]

"We're allowing them to run Linux as long as they allow us to manage it with Novell Directory Service."

that line is just to justify Dicomo's company's Novell expenditure. Chip Dicomo spent countless meetings selling mgmt on Novell. now, he's got a rogue linux box that makes NDS look unnecessary. of course, he's going to take a hard line! he has to justify his company's expense and his CNA training

furthermore, Jeff Shapiro firing employees that install linux is just plain stupid. any employer that takes a hardline with employees installing linux is going to be hurting in the hiring department real quick. c'mon, if you're smart enough to install linux and use it, you're already a valuable resource.

use 'em, don't lose 'em.

p.s. - if anybody been fired for installing linux, send me your resume. we'll hire you in heartbeat.

ZDNet has known this for years

[Cardinal]

:)

This Should Explain A Few Things

[flyneye]

Shapiro is a regular writer for them and it looks no more intellegent than the article we're reading now

The name...

[The+Evil+Beaver]

Actually, I'm Canadian (Beaver), and I style myself as somewhat of a James Bond type archvillain (Evil). Therefore, Evil Beaver isn't that much of a joke... Or is it?

I liked in particular...

[sulli]

Someone commented in response:

Fire anybody in IT who won't give me the tools I need?

It is my considered opinion that if IT won't let me have the tools I NEED TO HAVE to do the job, they should be fired from the top down, and their boatware should be destroyed. For what it's worth.

Re:I liked in particular...

[gss]

This is so true, sometimes people in IT don't realize that their job is serve the rest of the company and not the other way around. I work for a small software development company and we've been through a couple of net admins that just can't seem to grasp this.

Destroy their servers and fire them...

[chuckw]

"Destroy their servers and fire them"
- Jeff Shapiro in response to being asked about what to do to employees who sneak Linux on to the network.

If you'd like to inform Jeff how enlightened he is, you can find him at:

Kingsport City Schools
Jeff Shapiro
Technology Director
1701 East Centre Street
Kingsport, TN 37664
(423) 378-2145

And his e-mail is:

jshapiro@kpt.k12.tn.us
--
*Condense fact from the vapor of nuance*
25: ten.knilrevlis@wkcuhc

Linux in academic environment

[Roy+Ward]

It might be because I work in a university department, but our IT people have a very enlightened attitude: "If we install it (Windows NT is their main option), we'll support it, if you install it, you support it but we may help if we can". With that idea, the operating systems running in our office have included Windows NT, Windows 95 (I think), Windows 2000, BeOS, OS/2, Solaris, MacOS (OK, that one's pretty obvious on a Mac), and Linux. We are now pretty much settled on Linux, and Linux is slowly spreading through the department (helped by us). There is still the odd bit of software that we need Windows for which is why I still have dual-boot :-(.

When the inevitable M$-Word attachments arrive with email, if it's something we want to read, there will sometimes be a response like "can you please resend this in plain text so that people in the 9th floor research labs can read it?"

Of course, not all the university is like that - I know a person in another departmentment where they use the university's central IT services - and it's something like "You shall use the approved version of (for instance) Netscape (4.07 I think) and no other, and if you install _any_ software not on the approved list (even a later version of the same software) we shall came around and remove it". And they do. Ouch.

Fixing Samba is blindingly easy

[Cardinal]

All that's required is to spend a few minutes reading the docs on how to make Samba peacefully coexist with an NT domain. Really, it's quite simple.

Companies don't fire their best people

[Morgaine]

In reality, the unauthorized installation of Linux or any other open-source operating system on the corporate network would be a non-issue in any half-sane company, for the simple reason that it's almost entirely only the more competent techies that mess around with these things at work so openly.

However brain-dead management may be, it does not fire its top techies in any tech-based business. The repercussions of doing so should be obvious. It's far better and cheaper to fire the managers that object.

It's all about power. The end is predictable.

[alecto]

What all this comes down to is that IS in some organizations (like "Mr. 'Destroy their servers and fire them'," a top flight CIO from a Tennessee school district) is on a power trip.

As someone here pointed out, the glass house saw PC's as a threat to their power base, and IT created policies against them. They're doing the same thing with Linux--it's something they don't understand, don't want to learn, that cuts into their power base.

The article chronicles Netware sneaking in when mainframes dominated. Then NT slithering in when Novell dominated. Now Linux is permeating (currently) NT dominated shops.

Anyone else see a pattern here? Ultimately, Linux, FreeBSD, or other open source tools will come to dominate because they meet the needs of the organization.

Just like computing managers saying things like "PC's are just a fad, big iron and dumb terminals are where it's at" adapted or left, those saying "Linux is non-standard, unauthorized, and a fireable offense" won't be able to stay in denial forever.

disappointing

[matman]

Obviously, users shouldnt be adding software without IT getting a chance to test possible behavior in a network... but if your users feel that they can be more productive with a different tool, IT depts shouldn't be stopping them. An IT managers job is to keep users productive and to manage the tools that they use. It's sort of disappointing that the 'you\'re on your own' view pervades so many managers. If your users want to use Linux more than Windows, it suggests that your users know more about it than you do. If that's true, then you're probably not doing the best job as an IT manager. Why should users have to support their IT tools when you're being paid to do it for them? Come on! The only problem is not that users are adding untested software to production environments; its that IT departments are forcing them to do it without testing.

IT Nazis

[Kajota]

From the Article...

"IT organizations have standards and policies and renegade anythings should not be tolerated," he says. "If the company's IT structure is so weak that it's politically impossible to prevent or correct this, then it points to larger problems within the organization.""

Every place I've worked the IT people treat the rest of the employees like crap. Taking their servers down at inopportune times to do upgrades, having to get an IT person whenever you need to set the system time on your PC (I use GMT they use local).

They treat the employees in the company like unwanted people who they have to let use their network

IT people need to realize that the people on your network are your customers. You need to treat them as such. I've always thought that a company should have a seperate company run their IT stuff so that the IT people could be held more accountable.

I understand the need for control on a network but it has been my experience that to get anything other than the norm on your PC is almost impossible.

It's called a proxy server

[Cardinal]

A proxy server that does NT authentication, and doesn't let you log into it through your web browser.

The company I work at was running that setup for months, but only because the staff at the time didn't have a better alternative.

As such, I was stuck in Windows for the first few months of my time there. But, since MS proxy is such a miserable piece of shit, they got sick of trying to keep it functional, and switched to a proxyless network. 30 minutes later, I was in X. :)

My own solution.

[mindstrm]

Well...
1) The entire corporate network is properly firewalled; this is a key point. They don't open up a 'security risk' by using linux on their workstation.
2) I won't support it, unless they ask appropriate questions.
3) I won't freak out.
4) I ask why they did it. Usually it's because they actually need it to do their work (programmers). I am not there to tell them what tools they need to do their job; I am there to assist with making those tools work for them.

Really. The only reasons IT should get pissed are:
1) License violation
2) Security violation

Period.
I make it clear that I can't support it to the same degree as the 'official' software, that they better be able to deal with it on their own. THis is never a problem.

The Sith Lord Speaks

[jeffshapiro]

Darth Shapiro here. To Corvi42: Thank you! You gave me the only good laugh out of this entire less than totally credible experience.

Now, here's the reality. Our network is used for both educational and administrative purposes. Admittedly, it's not very tight, and we're working on it. There's a dearth (not Darth) of good security talent out this way, as most folks head for the megalapoli. Anyone want to volunteer some expertise?

Because it's used for admin it carries student data, which puts it under the Federal Electronic Records Protection Act (FERPA) and the Childrens Online Privacy and Protection Act (COPPA).

Most threats aren't from outside, though. Stats say the worst security risks come from within. THAT's why I have to take a hard line against rogue environments (doesn't matter what type. If you set up an Apple IIe with port sniffer capability I have to come after you). Because it's a clear violation of FERPA and against the district's Appropriate Use Policy (Federally mandated, Board approved), my recommendation HAS to be the severest penalty available, usually termination. Anything else opens the district to legal liability from the community or the Feds.

Another poster had a good chuckle over the idea of firing teachers, by the way. He's absolutely right. A teacher would just about have to commit and be convicted of a felony before we could fire them, and of course IT has no control there. All I do is present the facts and supporting evidence to our Personnel people along with my recommendation and they take it from there. In a corporate environment, no such barriers exist.

By the way, when it comes to user requests for non-standard items I never say no, except when the proposal compromises network integrity or security. Then I have to. Anything else, I say, "sure, but I have 6 people for 1,000 administrators and teachers, 6,700 kids, and 2,600 machines at eleven physical sites. Support's gonna be sketchy at best". The trick is, you have to talk to us first!

Also by the way, we use Gigabit Ethernet on the backbone at the high school and two elementaries, with Fast Ethernet classroom drops. The other schools are either Ethernet or Token Ring, being upgraded as time and budget permit. Our Internet access is broadband at up to 33 Mbps, which makes us the fastest district on a student/megabit basis in the state, possibly the country. Every computer in the district has Internet access, so don't be dissing East Tennessee.

I'm not anti-Linux either. World reality is that MS is ruler of the corporate roost, at least for now, so most (not all) of our desktops are Win9X. The computer science program at the high school uses Mandrake something or other, and I use Storm 7 on some IBM Netfinities that are too finicky to run anything else. Most of the servers are NetWare, because all we need is file and print along with *enterprise-wide* directory services, and it's cheap because we buy the Novell SLA at $2 per student per year.

We're also using Win2000 with Terminal Services a lot, and will more in future. Thin client/terminal server will simplify life for everyone and save us a lot of support time and money.

Please don't assume that I'm an evil slime because of a single qoted line in a short article, even though the quote was entirely correct. You have to know the CONTEXT to understand the total reality. This will be my only post on the topic. The personal insults are beneath the notice of any rational, reasonable person.

Respectfully submitted,

Jeff Shapiro

Shapiro is an IT genius

[glomph]

mailto:jshapiro@kpt.k12.tn.us

The mail server on this domain is an OPEN RELAY.

I suggest that this guy is a total imbecile.

But you knew that.

You mean DEmote.

[Alanzilla]

If I found out that someone had been using Linux without talking to me about it, I'd ask them if they'd be interested in doing more IT work.

I'd also address why they hadn't felt comfortable talking to me about it. Communication problems can bite you in the ass later on. Mostly, though, I'd be proud, and a little bit scared, to have a fellow geek on board.

I am a developer. I produce.

You work for me.

Jeff Shapiro's secret fantasies

[corvi42]

"Destroy their servers and fire them," says Jeff Shapiro, director of technology for the Kingsport, Tenn., public schools.

...
Reality shudders a bit and suddenly Shapiro is wearing a black cloak and a shiny black plastic helmet. The evil Sith Lord then turns and returns to his meditation chamber where he contemplates his plan to turn not only his estranged jedi son, but indeed all the children of Tennessee to the dark side.

Suddenly a report from his fleet admirale comes in - some rebel spies have installed Linux on a deathstar console in the computer room of the local public school. Holstering his lightsaber, Darth Shapiro takes a shuttle down to the location where the insidious rebels are being held. "It is pointless to resist, soon the rebellion will be crushed and all you Linux users will be one of us!"
...

Anyone else find this guy's perspective just a touch wacked? Maybe I was mistaken, but I was under the impression that the whole point of having IT departments in any organization was to help other employees and users of the organization to do their work more efficiently? not to be the software police. If someone finds it easier to use linux than IT dept. policy software isn't this a good thing? aren't productive happy employees a good thing? maybe I made a mistake somewhere - perhaps the real point of IT is as a shelter for those poor tortured control freaks who failed in successful careers with the thought police and ended up in public education instead and need to take some kind of petty sadistic revenge upon others to fill their hollow lives with anything even remotely resembling purpose. Oops - getting a bit personal here am I? How about firing people - that's not very personal is it?

E-Mail Shapiro

[flyneye]

mailto:jshapiro@kpt.k12.tn.us..
ask what he thinks of our revue of his work

My school persecutes NT - What is a "license"?

My school district's wan is administered by a tall, lanky DeVry man who refuses to acknowledge the possibility of using anything but Win95 + Novell 5 on the network. When I installed NT on my machine in the journalism room (I was sick of it freezing and its lack of a KILL PROCESS!!!! function..) I was promptly smacked down by the administrator and his goons. I explained that it didn't matter because NOBODY ever uses the school's file server and that I didn't need net access to do Pagemaker layout. They countered that I couldn't install NT without the school owning a license of it. I own an NT cd. MS gave it to me with VC++. Didn't I effectively give the school the 'license' when I okayed the license agreement in the installation process? They told me it was still illegal. What the hell?

-You can build a man a fire and keep him warm for a day, or you can set a man on fire and keep him warm for the rest of his life.

My employer gave me an award

[SpamapS]

After several evil crashes/restores on my Win98/NT laptop, I got fed up and installed Linux. I then bought VMware, and ran it in full screen mode. It includes an "undo" option, so at the next crash, I just "undid" that day's changes, and viola! I was back up and running.

My boss was none the wiser until one day he saw me flipping over to my E desktop from Windows. He was so impressed at the ingenuity that he gave me a $50 "Lunatic Fringe" award for doing things my own way.

Just another reason why I love my job! They let me bake my cake and eat it to! :)