I'm not really sure what you guys are concerned about. I get taxed out the ass but I don't really see much of a problem with it.
Amusingly enough....Maryland has also been a leader in the nation for job growth for a large duration of the "recession". We were far less hit with it than anyone else around us.
This guy is looking at extremely customized, many hours worth of work or days setups. If he can figure out even a fraction of that, he can figure out Windows SBS. If he can't, he's in the wrong job.
In this case, he can use whichever phones he wants. Since most phones integrate with Exchange (iPhone, Android devices)--it frees up his boss to buy whichever phone he damn feels necessary to purchase.
Keep in mind, the original requirements was that he not put anything into the cloud. Understandable, but there's a certain cost associated with not putting things into the cloud. Again, amost every flavor of smart phone supports IMAP/POP/Exchange e-mail relatively simply.
You're assuming that one pays retail pricing on the operating system. On a really superbly low-end HP Server, SBS 2008 is $750 additional cost. This includes 5 CALs.
Personally, for cost-reasons for such a small company I'd highly recommend putting things on G-Mail and calling it a day. Install MS Office when necessary, and that's that. You're right, it's completely not worth the cost--but I wager given the web technologies today, you're not going to build something that competes with Google for the most flexibility and small business pricing.
That said, he's going to have more of a hell of a time trying to get OSS solutions to work and he would spend on doing it with G-Mail or Microsoft products.
Guaranteed.
In fact, the shit integrates so well--that my iPhone hits google and my work's Exchange for Calendar events. In addition to being able to sync calendar events from my local Outlook.
Simply put: Stop trying to reinvent the wheel. Many people smarter than you have already done the hard parts, and it's superbly dumb to try to do it any other way.
You should ask yourself during this trial on how many more business-specific applications you're going to have to dig around for and come up with hobbled-together solutions when you could have very well done this easily with Windows SBS/Exchange and been done with it. In fact, you'd be already most of the way finished doing this if you just used SBS.
Your boss can focus more time on actually conducting business and less time trying to come up with "OSS" ways to do it.
Remember, IT works for business--not the other way around. Sometimes you need to make concessions on this.
Actually, the tea party existed in a few other forms earlier on, they were just never heard. It's a rising discontent that is creating the "tea party" to attract more momentum to the movement.
Under Windows XP, if something gets by the AV (which does happen from time to time), it will execute with full Administrative privileges. From there, it can do whatever it wants to your system.
At least under 7, by default it can't--and anything that tries to do anything will alert the user. While many users might simply click "Yes" to the prompt, that still puts the burden on the user. And more importantly, it can't just happen "behind the scenes" like it used to. IE and Chrome voluntarily lower their privileges in Windows, which further restricts what they can do and where they can write to. Firefox does not. Therefore, a vulnerability exploited in FF is more dangerous than anything in IE or Chrome on Windows Vista or 7.
You're an idiot because your opinions are already biased by the fact that you "refuse to give Microsoft" your money. I must give you kudos for not using M$ though, so thanks for that. But nonetheless, when you already approach an argument about their Operating Systems with an added bias about the company, it's hard to take any opinion you have objectively.
The latter remark I made regarding reduction in spyware and viruses is directly the result of the significantly extra protections added in Vista/7 to help protect end users. This is pretty much a fact of the products. You could be the most vigilant person in the world and you can still get a virus loaded onto your system. I'd rather reduce the attack surface they have to exploit.
You have to keep in mind that vulnerability ratings on websites (such as secunia) don't take into account the environment that it's running in. For example, a "critical" vulnerability in a browser might not actually be be that critical to you as a user. An example is, you could be using Firefox on Linux with a heavily restricted user account that has no local privilege escalation point. Every website will rate the vulnerability as critical, but your environment makes it not as critical to you. Taking that statement there, with various protections added in Windows (UAC in particular), the amount of damage that can be wreaked by a specific vulnerability is significantly reduced. Particularly if you use IE or Chrome rather than Firefox. The former 2 of which lower their privilege use on the system and require elevation to execute.
Nonetheless, you're still "vulnerable" a lot of the time. You could visit websites that you think are safe that have a compromised banner ad or webserver that got exploited with some compromised javascript. You could counter this with "oh I use adblock/noscript!", but then when you have to turn on javascript to get the site itself to work--you're kinda screwed. While these windows of opportunity are relatively rare, they do exist--and you cannot assume "perfect" security by simply only visiting sites you think are safe (though it does help).
If you're willing to just pirate it you have no say in the matter, you're an idiot--and I hope people do not listen to you for IT advice.
I've seen a substantial drop in requests from people regarding viruses by having moved to Vista/7 over the years. In fact, it could be argued that this is bad business practice by recommending software that I won't have to fix every month. But the fact of the matter is that I get tired of consumers bugging me to make sure that their data is fully protected, that they won't ever get viruses, etc. The attack surface on Vista and 7 is substantially reduced in comparison to XP. And this is great. The years of silent install activex objects are long behind us, the massive spyware used to install on peoples' PCs.
The closest we see to this now is the "PC Antivirus 2010" stuff that still hangs around largely due to its social engineering techniques. But back in the day, all I had to do was visit some random websites and get an XP machine infected with spyware and viruses. Vista and 7 have substantially reduced their market.
I'm not going to beat the dead horse because a number of people said this already, but you absolutely need to have defense in depth. Some stuff you can forego, others you cannot. In fact, I'd wager more for host-based firewalls than route-based firewalls for the simple fact that you can control each host individually if needed, and you leave no rock uncovered for your security.
For example:
Clients <-> Firewall <-> Servers
You might be able to protect clients -> servers and servers -> clients, but clients -> clients and servers -> servers are not protected.
Now, if you did host-based on each, you could at least lock down to the application/port level.
Beyond that, you would need some more advanced stuff.
It shouldn't be any more painful than either managing something like group policy (If you're using Windows, this is a snap) or managing routers/hardware firewalls. In fact, it would likely combine the functions as needed.
Yeah, it's unfortunate that these guys don't understand the concept that you can do this across thousands (tens of thousands) of desktops in Windows rather easily, and that it's a highly scalable solution, and as long as you've got a couple of domain controllers in the backend, quite a bit fault tolerant to boot.
Just to add on to what joelleo is talking about:
-Group Policy applies to OUs, Sites, Domains, and (after 2003/GPMC) allows you to do security group filtering. -User John is in the Call Center department. He needs certain rights locked down on the machine. You create John's AD user, throw them in the call center OU, and they'll get all the policies applied. -Later on, John is moved to the Sales department. Sales has a different set of policies, say, his machine is more open and lets him customize it a bit more, he needs certain software, he needs a different company homepage, requires different browser security zones. You simply drag his user to the new OU, reboot his machine, and he's good to go.
This sort of flexibility where you worry more about the business than the actual technical hurdles of trying to do this is something that Linux cannot provide.
Actually, for the record, after reading the text and noting on Slashdot I promptly sent a note to both of my state Senators and my House Representative expressing my disliking of said measure.
Not to get too political here, but those of us in the know knew that this sort of thing was going to come up when we voted for Obama since we were well aware of Biden's industry-friendly attitude. Unfortunately, it was this or some of the worst, laughable "politicians" you could ever consider to be put into a Presidential Office. Either way, I'm still glad that the alternative did not make it into office.
You might want to consider telling this to your buddies, because anywhere else on the internet, "free market" means "completely unregulated." Any laws put in place by the government that "restrict" a private entity to sell or purchase whatever it is they want is regulation. I'd bring up the stuff about cocaine being sold in Coca-Cola, or heroine being sold as a teething agent for babies--but these are things that most "teabaggers" accept as necessary regulation, but it's the same principle applied to everything else. Some stuff just needs regulation so large corporations cannot harm the greater good. Where that line is drawn, however, is usually up for debate. On a technology note, I feel that anything that hinders forward moving technological progress as a barrier. Think of it like a wall of water and a dam. The water (the ideas that people have, the people, the overall technology usage) are going to push forward regardless (increased YouTube usage, increased wireless internet usage, increased mobile internet usage), and the companies are trying to set up barriers (data caps, strict control of devices and software) to prevent that. But not only are the companies strictly blocking consumers, but they're also blocking potential future markets. And it seems kind of odd that in this day and age, where we are in need of *something* to really bring back this economy, that an area of consistently proven, massive, and fast growth (i.e. the Internet), that we allow such blocks on access to that global network. And this is where I feel that government regulation should step in.
Unfortunately for these larger carriers, we need to redefine what it means to be someone that provides access to the internet. At this point, the Internet itself is a public good, and is in the best interests of everyone involved (despite the fact that sites such as 4chan exist). And since it is a massive, public good, that has created ridiculous amounts of wealth and has opened vastly new opportunities for people to make money, it needs to be treated differently. It shouldn't be "you are connecting to the company's network", it should be "the company is a gateway to the Internet cloud." I guess an analogy I would try and use (oh I love analogies, sorry, I use them a lot because I have to talk technical speak down to a lot of non-technical people) is that the Internet is more like our land and our country, our Earth itself. In the real world, to get from Point A to Point B, we have decided that interstate highways and roads should fall under the public good, because commerce between areas is a great thing. Right now, the internet doesn't have the equivalent of public roads. It'd be like driving from DC to Baltimore and hitting multiple private areas where each person that owns that area charges a toll to let you through to where you need to go. And worse yet (for lower tier carriers), they get charged with your toll (though they ultimately charge you more to make up for the toll they pay).
If anyone can't see why we need to vastly rethink what all of this means, they need to be smacked.
Amusingly enough this has been finally mentioned, but what I've been thinking the most is how many applications use my GPS data for something other than just pointing out my location? Nearly ever major app has this now--particularly restaurant locators and movie theater locators. But you gotta wonder how many of them are collecting that GPS data.
I don't really see much wrong with it, it's far more accurate than "zip code" location that are otherwise used in marketing
I have never met an IT person nor worked in a place of IT where I can honestly say we have ever put down a woman that works in the field. But keep in mind, there is a difference here. Something so many women seem to forget.
IT nerds don't have to give you respect *because you're a woman*.
IT nerds give respect *when you know what you're doing*.
This is a key difference, because we (used to) have a ton of women in our company in IT that commanded a lot of respect. These smart, knowledgeable, and powerful women left the job not because of the men, but because of the pressures of the job (our DBA left because she was having to get up at 12AM to do database maintenance stuff because of a contracted developer we had).
Just an FYI, even though Apple has some of the most draconian app policies ever--they have never remotely nuked an application from someone's phone. They have taken apps off of the market, but they have never actually removed it from your device. I ran GVMobile for a long time until it stopped properly authenticating, for example.
"Take your business elsewhere". And it would mean nothing to any of those companies in the end. It might mean something to the guy that sold 500 copies of his game, but you taking your WHOLE $50 somewhere else when a game is selling 4,000,000 copies isn't really going to affect anything.
Slashdot Mirror
I'm not really sure what you guys are concerned about. I get taxed out the ass but I don't really see much of a problem with it.
Amusingly enough....Maryland has also been a leader in the nation for job growth for a large duration of the "recession". We were far less hit with it than anyone else around us.
This will teach you to listen to the mac junkies for business design.
This guy is looking at extremely customized, many hours worth of work or days setups. If he can figure out even a fraction of that, he can figure out Windows SBS. If he can't, he's in the wrong job.
In this case, he can use whichever phones he wants. Since most phones integrate with Exchange (iPhone, Android devices)--it frees up his boss to buy whichever phone he damn feels necessary to purchase.
Keep in mind, the original requirements was that he not put anything into the cloud. Understandable, but there's a certain cost associated with not putting things into the cloud. Again, amost every flavor of smart phone supports IMAP/POP/Exchange e-mail relatively simply.
You're assuming that one pays retail pricing on the operating system. On a really superbly low-end HP Server, SBS 2008 is $750 additional cost. This includes 5 CALs.
Personally, for cost-reasons for such a small company I'd highly recommend putting things on G-Mail and calling it a day. Install MS Office when necessary, and that's that. You're right, it's completely not worth the cost--but I wager given the web technologies today, you're not going to build something that competes with Google for the most flexibility and small business pricing.
That said, he's going to have more of a hell of a time trying to get OSS solutions to work and he would spend on doing it with G-Mail or Microsoft products.
Guaranteed.
In fact, the shit integrates so well--that my iPhone hits google and my work's Exchange for Calendar events. In addition to being able to sync calendar events from my local Outlook.
Simply put: Stop trying to reinvent the wheel. Many people smarter than you have already done the hard parts, and it's superbly dumb to try to do it any other way.
You should ask yourself during this trial on how many more business-specific applications you're going to have to dig around for and come up with hobbled-together solutions when you could have very well done this easily with Windows SBS/Exchange and been done with it. In fact, you'd be already most of the way finished doing this if you just used SBS.
Your boss can focus more time on actually conducting business and less time trying to come up with "OSS" ways to do it.
Remember, IT works for business--not the other way around. Sometimes you need to make concessions on this.
Actually, the tea party existed in a few other forms earlier on, they were just never heard. It's a rising discontent that is creating the "tea party" to attract more momentum to the movement.
@cheekyjohnson
Under Windows XP, if something gets by the AV (which does happen from time to time), it will execute with full Administrative privileges. From there, it can do whatever it wants to your system.
At least under 7, by default it can't--and anything that tries to do anything will alert the user. While many users might simply click "Yes" to the prompt, that still puts the burden on the user. And more importantly, it can't just happen "behind the scenes" like it used to. IE and Chrome voluntarily lower their privileges in Windows, which further restricts what they can do and where they can write to. Firefox does not. Therefore, a vulnerability exploited in FF is more dangerous than anything in IE or Chrome on Windows Vista or 7.
You're an idiot because your opinions are already biased by the fact that you "refuse to give Microsoft" your money. I must give you kudos for not using M$ though, so thanks for that. But nonetheless, when you already approach an argument about their Operating Systems with an added bias about the company, it's hard to take any opinion you have objectively.
The latter remark I made regarding reduction in spyware and viruses is directly the result of the significantly extra protections added in Vista/7 to help protect end users. This is pretty much a fact of the products. You could be the most vigilant person in the world and you can still get a virus loaded onto your system. I'd rather reduce the attack surface they have to exploit.
You have to keep in mind that vulnerability ratings on websites (such as secunia) don't take into account the environment that it's running in. For example, a "critical" vulnerability in a browser might not actually be be that critical to you as a user. An example is, you could be using Firefox on Linux with a heavily restricted user account that has no local privilege escalation point. Every website will rate the vulnerability as critical, but your environment makes it not as critical to you. Taking that statement there, with various protections added in Windows (UAC in particular), the amount of damage that can be wreaked by a specific vulnerability is significantly reduced. Particularly if you use IE or Chrome rather than Firefox. The former 2 of which lower their privilege use on the system and require elevation to execute.
Nonetheless, you're still "vulnerable" a lot of the time. You could visit websites that you think are safe that have a compromised banner ad or webserver that got exploited with some compromised javascript. You could counter this with "oh I use adblock/noscript!", but then when you have to turn on javascript to get the site itself to work--you're kinda screwed. While these windows of opportunity are relatively rare, they do exist--and you cannot assume "perfect" security by simply only visiting sites you think are safe (though it does help).
If you're willing to just pirate it you have no say in the matter, you're an idiot--and I hope people do not listen to you for IT advice.
I've seen a substantial drop in requests from people regarding viruses by having moved to Vista/7 over the years. In fact, it could be argued that this is bad business practice by recommending software that I won't have to fix every month. But the fact of the matter is that I get tired of consumers bugging me to make sure that their data is fully protected, that they won't ever get viruses, etc. The attack surface on Vista and 7 is substantially reduced in comparison to XP. And this is great. The years of silent install activex objects are long behind us, the massive spyware used to install on peoples' PCs.
The closest we see to this now is the "PC Antivirus 2010" stuff that still hangs around largely due to its social engineering techniques. But back in the day, all I had to do was visit some random websites and get an XP machine infected with spyware and viruses. Vista and 7 have substantially reduced their market.
And this is a bad thing? I make it a point to go to a Fry's every time I go out west. We don't have them here :(
I'm not going to beat the dead horse because a number of people said this already, but you absolutely need to have defense in depth. Some stuff you can forego, others you cannot. In fact, I'd wager more for host-based firewalls than route-based firewalls for the simple fact that you can control each host individually if needed, and you leave no rock uncovered for your security.
For example:
Clients <-> Firewall <-> Servers
You might be able to protect clients -> servers and servers -> clients, but clients -> clients and servers -> servers are not protected.
Now, if you did host-based on each, you could at least lock down to the application/port level.
Beyond that, you would need some more advanced stuff.
It shouldn't be any more painful than either managing something like group policy (If you're using Windows, this is a snap) or managing routers/hardware firewalls. In fact, it would likely combine the functions as needed.
150Kbps, not KBps.
If you're going to spend money why don't you just buy a damn SBS and use AD?
Yeah, it's unfortunate that these guys don't understand the concept that you can do this across thousands (tens of thousands) of desktops in Windows rather easily, and that it's a highly scalable solution, and as long as you've got a couple of domain controllers in the backend, quite a bit fault tolerant to boot.
Just to add on to what joelleo is talking about:
-Group Policy applies to OUs, Sites, Domains, and (after 2003/GPMC) allows you to do security group filtering.
-User John is in the Call Center department. He needs certain rights locked down on the machine. You create John's AD user, throw them in the call center OU, and they'll get all the policies applied.
-Later on, John is moved to the Sales department. Sales has a different set of policies, say, his machine is more open and lets him customize it a bit more, he needs certain software, he needs a different company homepage, requires different browser security zones. You simply drag his user to the new OU, reboot his machine, and he's good to go.
This sort of flexibility where you worry more about the business than the actual technical hurdles of trying to do this is something that Linux cannot provide.
And unfortunately for humanity, 500,000,000 other users won't care.
Actually, for the record, after reading the text and noting on Slashdot I promptly sent a note to both of my state Senators and my House Representative expressing my disliking of said measure.
Not to get too political here, but those of us in the know knew that this sort of thing was going to come up when we voted for Obama since we were well aware of Biden's industry-friendly attitude. Unfortunately, it was this or some of the worst, laughable "politicians" you could ever consider to be put into a Presidential Office. Either way, I'm still glad that the alternative did not make it into office.
first?
@AC
You might want to consider telling this to your buddies, because anywhere else on the internet, "free market" means "completely unregulated." Any laws put in place by the government that "restrict" a private entity to sell or purchase whatever it is they want is regulation. I'd bring up the stuff about cocaine being sold in Coca-Cola, or heroine being sold as a teething agent for babies--but these are things that most "teabaggers" accept as necessary regulation, but it's the same principle applied to everything else. Some stuff just needs regulation so large corporations cannot harm the greater good. Where that line is drawn, however, is usually up for debate. On a technology note, I feel that anything that hinders forward moving technological progress as a barrier. Think of it like a wall of water and a dam. The water (the ideas that people have, the people, the overall technology usage) are going to push forward regardless (increased YouTube usage, increased wireless internet usage, increased mobile internet usage), and the companies are trying to set up barriers (data caps, strict control of devices and software) to prevent that. But not only are the companies strictly blocking consumers, but they're also blocking potential future markets. And it seems kind of odd that in this day and age, where we are in need of *something* to really bring back this economy, that an area of consistently proven, massive, and fast growth (i.e. the Internet), that we allow such blocks on access to that global network. And this is where I feel that government regulation should step in.
Unfortunately for these larger carriers, we need to redefine what it means to be someone that provides access to the internet. At this point, the Internet itself is a public good, and is in the best interests of everyone involved (despite the fact that sites such as 4chan exist). And since it is a massive, public good, that has created ridiculous amounts of wealth and has opened vastly new opportunities for people to make money, it needs to be treated differently. It shouldn't be "you are connecting to the company's network", it should be "the company is a gateway to the Internet cloud." I guess an analogy I would try and use (oh I love analogies, sorry, I use them a lot because I have to talk technical speak down to a lot of non-technical people) is that the Internet is more like our land and our country, our Earth itself. In the real world, to get from Point A to Point B, we have decided that interstate highways and roads should fall under the public good, because commerce between areas is a great thing. Right now, the internet doesn't have the equivalent of public roads. It'd be like driving from DC to Baltimore and hitting multiple private areas where each person that owns that area charges a toll to let you through to where you need to go. And worse yet (for lower tier carriers), they get charged with your toll (though they ultimately charge you more to make up for the toll they pay).
If anyone can't see why we need to vastly rethink what all of this means, they need to be smacked.
Amusingly enough this has been finally mentioned, but what I've been thinking the most is how many applications use my GPS data for something other than just pointing out my location? Nearly ever major app has this now--particularly restaurant locators and movie theater locators. But you gotta wonder how many of them are collecting that GPS data.
I don't really see much wrong with it, it's far more accurate than "zip code" location that are otherwise used in marketing
http://kernelnewbies.org/Ext4#head-38e6ac2b5f58f10989d72386e6f9cc2ef7217fb0
That's how come online defrag is going into ext4.
defragging is necessary even on Linux-based systems, that said--we've also got hardware fixes for this, they're called SSDs.
I have never met an IT person nor worked in a place of IT where I can honestly say we have ever put down a woman that works in the field. But keep in mind, there is a difference here. Something so many women seem to forget.
IT nerds don't have to give you respect *because you're a woman*.
IT nerds give respect *when you know what you're doing*.
This is a key difference, because we (used to) have a ton of women in our company in IT that commanded a lot of respect. These smart, knowledgeable, and powerful women left the job not because of the men, but because of the pressures of the job (our DBA left because she was having to get up at 12AM to do database maintenance stuff because of a contracted developer we had).
Sounds like what I deal with when it involves management. And I'm a guy. Welcome to IT.
Just an FYI, even though Apple has some of the most draconian app policies ever--they have never remotely nuked an application from someone's phone. They have taken apps off of the market, but they have never actually removed it from your device. I ran GVMobile for a long time until it stopped properly authenticating, for example.
"Take your business elsewhere". And it would mean nothing to any of those companies in the end. It might mean something to the guy that sold 500 copies of his game, but you taking your WHOLE $50 somewhere else when a game is selling 4,000,000 copies isn't really going to affect anything.