Slashdot Mirror
Pleasing Google's Tech-Savvy Staff
An anonymous reader writes "Douglas Merrill, Google Inc.'s chief information officer, is charged with answering that question. His job is to give Google workers the technology they need, and to keep them safe — without imposing too many restrictions on how they do their job. So the 37-year-old has taken an unorthodox approach. Unlike many IT departments that try to control the technology their workers use, Mr. Merrill's group lets Google employees download software on their own, choose between several types of computers and operating systems, and use internal software built by the company's engineers. Lately, he has also spent time evangelizing to outside clients about Google's own enterprise-software products — such as Google Apps, an enterprise version of Google's Web-based services including e-mail, word processing and a calendar."
Reload the page, it worked for me. Looks like their server is having a minor case of slashdotting.
Curiosity was framed, Ignorance killed the cat.
From the article:
Is crushing a suspect's child's testicles illegal?
John Yoo: "No, [if] the President thinks he needs to do that."
If you are interested in how these recursive tools work, check valgrind's documentation (interesting because it relates a bit how some design decisions were made so that valgrind could be used on itself) for example.
Does IT make the company money? No, not a dime, they're a money sink-hole like electricity and phones. They don't call the shots just like the maintenance man doesn't call the shots. IT departments need to be enablers. When IT crosses the line from preventing you from installing tons of crap on your desktop to killing the rollout of a platform that generates revenue, someone in management should have been fired on the spot, no questions asked. IT should never dictate a product, only internal policy.
This app started in PHP before I was here. When I came in, I rewrote it in PHP to make it more efficient and strip out some of the fat. There were emails with IT on it and they didn't seem to care. It wasn't until the app got popular and used that it became an issue.
My management did their best to fight it, but IT has a strong pull here I guess.
The greatest experience we can have is the mysterious.
- Albert Einstein
I feel with you. The several IT departments I wored with have the same attidute of not wanting to change anything and forbid everything that could hinder them.
The worst I have seen was where I requested an email to be send from a a system. I knew it was possible. What was even worse was the fact that they had bought the CRM package for a LOT of money, because it was able to do so.
So when I asked if it would be possible to implement it, the answer was that I needed to fill out a request. I told them I could only fill out the request if I knew how much money it would cost.
Catch 22. The procedure on how to do things was written and nothing could change that.
I have seen IT departments that were unable to remove certain rights from people if they would not need them anymore, because there was no procedure for it.
I myself had, due to human error, access to each and every place in the building. More then anybody else. When I mentioned this, they told me that because I got it, somebody must have OKed it so I have the right to it.
IT departments just LOVE procedures. Basicaly because they are so easy to put in logical yes and no questions and answers. They should start with some debugging of their procedures and realise that the real world is more then if, then, else.
It seems that the person at Google has done just that.
Don't fight for your country, if your country does not fight for you.
Show me how.
And traditional viruses/spyware won't do that.
The trouble is, modern OSes are reasonably secure at this point, and you can bet the external-facing IPs are going to be locked down. Same with internal services -- some random developer's desktop might be open, but the service is going to be secure. So what you're talking about is someone actively making a "hacking" attempt at something that, to my mind, looks pretty much impenetrable.
The only other option is something more insidious -- set up a website which exploits some browser flaw, then hope someone at Google sees it. Or sit around a wifi hotspot, praying that someone logs on with a laptop that's vulnerable, infect it, set it to phone home, then pray it is actually able to phone home, and that Google doesn't take a peek at exactly where it's phoning home to.
And a successful variation of this is still just going to give you the one insecure machine. It's not going to give you the entire network. It's probably got less of a chance of doing that than if they were extremely anal-retentive in their security policy (and refused local-admin rights, etc), because it's going to be a heterogenious network.
But then, you did just provide the perfect counterargument: The first hacker to take down their network, either internal or external facing, would be infamous. Therefore, people are trying. It's not working. Therefore, whatever Google is doing for security is working.
Don't thank God, thank a doctor!
Yes. At least in Germany. Here, you, the purchaser, need to able to reed the EULA/ToS before even buying the software.