I've had decent luck with CFLs, with the only downside being that one has to be careful due to the small amount of mercury in them if they get broken (so I would try to find enclosed bulbs for safety reasons.)
The latest generation of LED bulbs is heads and shoulders above CFLs in almost every respect that I tossed all the glass tube lights. If dropped, it might dent the heat sink, or at worst dent the bulb portion, no broken glass. The life expectancy is a lot longer than CFLs, and they do not use much electricity, especially compared to incandescent bulbs. Of course, color temperature matters a lot. The cheapies have the undead-looking blue-white while the more expensive ones have a warmer white.
LEDs are also a must when RV-ing. LED bulbs use 1/5 to 1/7 as much electricity as incandescent bulbs, which make a big difference when boondocking in the middle of nowhere.
LEDs are also sensitive to voltage spikes. A light bulb filament can handle somewhat dirty power, but a LED, once it crosses its absolute voltage threshold, is done for. With salt water corrosion, there is always the chance of a short or some electrical glitch which might cause the LEDs to fail.
I've seen some interesting heating element solutions. A small electrical resistance heater that is turned on when the temperature is low is a lot more efficient than a regular light bulb. Of course, when the weather is above freezing, the heater turns off, so that is more energy saved.
Keeping LED lights in traffic signals visible might take little engineering, but it isn't something insanely difficult.
LEDs are used for fiber optic transceivers, and flip on and off millions of times a second. If they would end up frying in a short time. Being in IT, I have never encountered failure of a LED (if multiple mode) or laser diode (if single mode, "don't look down fiber with remaining eye") in a network adapter. It either fails immediately, or it works indefinitely. Of course, this isn't 100%, but in my experience, LEDs can handle a lot of switching, far more so than a light bulb filament.
To boot, it isn't hard to make decent security. I was using NetBotz over ten years ago and never have heard of any security problems with their design.
I would say that TC is above almost all security software in that the source is available at all. There are a lot of utilities out there that there is no source available for unless one is a large government.
TC at least has a level playing field. China might have the source code, but at least you do too.
Sometimes it is good to have recorders. A crash happens, lawsuits fly, but the truck's dash cam sees it was a another car doing a swoop and squat from the breakdown lane in an attempt to run the semi off the road. This is not uncommon on I-35 in Austin where there have been semis jack-knifed by people deliberately wanting to cause wrecks.
There has to be a balance somewhere. I've wondered about mandatory data expiration laws, but this would take a lot of crafting so as to actually be usable, have teeth, and not be easily weaseled out of.
If I read the article correctly, this would allow supercap batteries to be placed on the chip die. This doesn't sound like much, but it would be useful in keeping DRAM refreshed if there is a power outage for a brief bit, or enough juice to dump the DRAM to permanent storage (a small SSD.) If the processor state can be saved as well, this would allow a computer to start right back up almost exactly where it was before.
Of course, this wouldn't be enough power to keep a modern day CPU like a POWER7 running at full tilt for any significant length of time, but it might be enough to get the machine's components to save its state and shut down cleanly.
Then, there are the obvious uses for supercap batteries. A buffer for solar cells that can charge the regular batteries at exactly the power they need is one example, especially if combined with a MPPT controller. If the supercap cells are good enough with energy density, they could even be the primary batteries, although there was a patent application with working prototypes I read mentioned a bit ago [1] about high temperature batteries with a large energy density, and these would be a great candidate as primaries, while the supercaps would be additional storage, a buffer for optimal charging, and giving the ability to continue charging for a little bit of time once the solar panels stop receiving usable light.
I'd be leery of saying that a big name means security. This happened in the past with "too big to fail", and it can happen with security.
Cloud provider clients have other concerns as well: Sarbanes-Oxley, FERPA, PCI-DSS2, HIPAA, and other regs make using a cloud provider more complicated, especially come audit time.
Then there is ultimate responsibility for data. I know how my data is stored, and a cloud provider is just one piece of media, just like a DVD or a tape. If it all gets rendered inaccessible [1], I reach for a Blu-Ray disk that I burned stuff on. May not be as up to date as an always-online cloud copy, but it is still usable in almost all cases.
How does one know how well a cloud provider stores data? It could be on someone's spanned JBOD array cobbled from cast-off USB flash drives on a pirated copy of Windows Server 2003. It could be on multiple EMC VNX SANs in multiple geographic locations that replicate writes asynchronously. It could be any combination in between.
Unlike a tape or CD where one generally knows how long the media life is, a cloud provider is an unknown where at best, you can depend on someone's unverified promise. This works well with banks because they have to answer to multiple governments, but a cloud provider, in general, is not under any regulation to do much, if anything.
[1]: There is always the chance of one losing access to their account and never getting it back. Lose access to the recovery E-mail address or forget a recovery question, and good luck trying to pursuade an offshored phone support person, who is there to read scripts and get you off the line, to get your account access back.
There is also the fact that if an employee drops the ball and causes a disaster, it can be remedied at once. With a disaster at a cloud provider, the cloud provider may not be able to stop the data from being leaked or corrupted... or they might just not give a hoot because their TOS protects them from lawsuits from stupidity on their end.
Since there are a lot more Captain JC Masons than there are Scotties, it is good to have the ability to take swift action, even if the swift action is dashing downstairs and unplugging network cables.
Cloud providers coupled with clientside encryption are useful. At least there is something controlled on the client side, as cloud provider SLAs are worthless. All they need to do is go into receivership, another company buys the servers, and all the stored cloud data can be put for anyone to download as a BitTorrent file, and there is nothing legally to stop that from being done.
At least one should use a service like Viivo, just as a minimum, as a secondary layer of protection. The ideal would be to stuff everything in a TrueCrypt volume, or at least PGP/gpg all stashed files.
Without some encryption, a person is one password away from disaster.
Some consumer oriented printers have drivers limiting their file-sharing ability. Why should a printer maker (whom will remain nameless) artificially reduce the number of people who can print to a device to five?
Of course, some printers that have Wi-Fi are doubly cursed. Unless you tell the printer to change IP and Wi-Fi preshared key before you changed the password on the router, you are forced to plug the printer in to the local machine, toss on 300+ megs of drivers, just in order to get the printer to change a few basic settings.
This is good advice. I bought a HP Color Laserjet with a network port that groks PCL and PostScript in 2008. Said printer still will happily print out a color picture when needed, and it is still running with its original toner cartridges. Yes, it was about $200 for the printer on closeout, and toner cartridges would cost about $300 to replace all four, but I can print hundreds to thousands of color photos with it, while most color inkjet cartridges are sucked completely dry after a few pages of photos.
I've had good luck with HP, even their low end line. However, for the best bang per buck, the printer really needs to have a network port and to be able to work via Postscript so a special driver is not needed unless one wants to use a feature like capture/release or some printer specific item.
The way car audio is, not even the dopeheads will try to rip out radios anymore. In a way, this is a lot like the market for phones circa 2006, where there was little improvement other than perhaps a slightly thinner RAZR variant or perhaps a new feature here and there.
A company like Apple, Microsoft or Google could easily announce a product and sweep all the competition aside. If they made a 1 DIN audio head that could handle BT audio (and I mean handle it, not "support" it half-assed), have a good navigation system, and perhaps a 3G/4G antenna built in to autodownload maps via a Whispernet-like network, run some apps, and provide the usual amenities (XM radio, local FM radio, local AM radio, a CD player, USB connection, maybe even a Wi-Fi network using the above mentioned 3G/4G antenna with a subscription.
An audio head made by one of the above companies would utterly change the car audio industry, just like iPhones and Android devices swept out the dumbphones as mainstream devices in just a couple years. In the past one bought an Alpine for the name. Now, most OEM car audio systems are decent enough for most people. So, with the "good enough" reached, there isn't much innovation in this market segment.
Any decent IDS/IPS can notice oddball encrypted traffic and put the kibosh on it. Even moreso in a lot of places which use Bluecoat or something similar as an active MITM (where the BlueCoat's appliance key is propagated in the root of AD.)
I wouldn't be surprised if the PLA didn't have something in place that would throttle/log/stop VPNs without having to keep an IP blacklist. They have had decades to work on the technology, and have leapfrogged the US in a lot of respects.
I think Apple is going with the razor and blade model. The OS with the store comes at no cost because it helps sell the hardware, while the money coming in will be from the App Store.
So, it pays Apple to get people onto the same version of OS X, just so they can push store changes out and entice more developers to the platform.
All and all, a win/win/win for all parties involved. $0 upgrades are a benefit, developers get more people who can run their programs, and Apple gets more money from the 30% cut from people buying stuff.
The ironic thing is when one compares, feature by feature, Apple hardware against workstations by Dell or HP, Apple is actually slightly cheaper. Yes, it is more expensive than consumer level PCs, but with all the items a Mac tends to have, comparing Apple hardware to its peers is a different story.
Of course, who knows how this will hold true come the new Mac Pro form factor. They are more expensive than the previous generation, and stuff like working with FPGA boards is out of the question unless you want to work with a limited set of the PCIe lanes that are on a Thunderbolt breakout box.
There is storage capacity. Not many Android devices support 64 gig, much less 128 gig, although if the device is 64 gig internally and it has a SD card slot, then this is less of an issue.
Austin has a supercharger station between it and San Antonio, and another between it and Dallas. Now, if they can locate that in the city proper, it would be quite useful.
Another place where superchargers are needed is the I-10 route from El Paso. I don't know how any Tesla can make it in/out of the state on that route, barring pulling over and trickle charging on a motel's 110 volt circuit.
I live about 2-3 miles from the Tesla service depot in Austin. One thing that seems to sell the vehicles is the fact that they are "so good, they had to be banned." Even with all the hoops one has to jump through, if one wants a runabout vehicle, a Tesla is hard to beat (assuming one can afford the ticket to entry.)
So, the prohibition on Tesla vehicles in Texas just makes people seem to want them more. Especially with the fact that in Austin, charging stations are popping up in odd but useful places, such as credit union parking lots.
Resistance isn't just being a luddite, it is managing the technology, and not having it manage you. It is 100% healthy for the phone to be powered off at times.
It is an addiction for some. When RV-ing, a RV park could be perfect in every way, but if they don't have a good Wi-Fi signal, they get one-starred. Sometimes it is good to leave the devices in the car and actually do something that doesn't consist of using a computer HID, be it a touch screen, mouse, keyboard, or Siri.
However, things like Instagram are pointless to me. When I take photos, I want them stored privately until I choose to deal with them, and if I want to apply filters, I will do so with a local program, or if I need detailed editing, I just pull up Photoshop and do it right.
What I'm tired of is being viewed as a product, so I keep my use of services that are ad-served to a minimum. I try to pay a sub for sites I use frequently (if they offer that), my primary E-mail provider is paid for, and my Web hosting is on a Linux VPS. This way, I'm the end customer and there is nothing in the TOS about my content being sifted through by marketdroids.
I just have no interest in technology that benefits me not that much, but benefits someone interested in prying into details of my life (to package up and sell) a lot more.
I have a CS degree. Does it help in IT? It helps the same way that knowing the specifics of the Otto engine cycle help with cleaning the carb of gunk from bad gasoline.
One lesson I learned is that no, degrees and certificates don't mean a person is clueless. However, the people with the purse strings that hire and promote don't see a person's work unless they epically fail. However, they do see the MCSE, BS, BA, CISSP, TS/SCI clearance, and other certs. So, in my experience, one can be totally clueless, but if they have the pieces of paper, there will be jobs for them. In fact, I've worked at places which fired people on the spot if their certs expire, saying they "lacked the authority to operate the equipment."
So, the cert treadmill is important, in my experience.
Depends what part they strip out. If they drop the manufacturer ID, whoop-de-do, that can be guessed later on.
Instead of just dropping a chunk that can be possibly rebuilt, how about at the minimum, using a hash of the ID? The ideal would be a salted hash, with the salt a secret (so someone later on can't grab a list of MACs and convert/correlate them with the hashed versions.)
All that is needed is a unique identifier. The detector for BT devices can just create a salt it stores internally and changes every 12-24 hours, hashes the MACs it sees with the salt, and passes a list of the hashes up as unique IDs to check if there are any traffic jams.
Of course, even this can easily lead to devices to make speed traps, but at least after the internal salt changes, it would be hard to find what device made what hash.
Just a run in the server room to grab hard drives and memory cards out of the router/switches would sell more than the jacked Escalade with the 30" wheels.
I wonder if it is a proof that security theater does work. The movies show the server rooms with the high-tech locks [1], and this does a good job at discouraging the gangstas from even trying. However, if they knew how vulnerable places were, they would be a primary target as opposed to the local credit union branch or liquor store.
In my past, I've done things to help mitigate at that last line where everything is compromised, but it seems that a lot of PHBs consider it "technically impossible" for someone to get past the glass doors.
[1]: One place I worked at had biometric readers, man traps, card access tied to Active Directory (which would lock out remote access if you are in the building)... etc. But, the mechanical backup locks were a basic design without any real pick resistance... And during part of a pen test, a guy with a bump key managed to get his way in all the way to the tape safe... which was unlocked. Needless to say the SFIC cylinders became Medeco3 cylinders shortly afterwards.
1: The fact that people in IT tend to value their reputations, so are generally honest. They know that the people they spit on in the morning may be their bosses or giving them a recommendation come the afternoon.
2: The fact that the gangbangers on the streets don't realize that jacking a server room is easier and more lucrative than a bank or a 7-11. I thought this would change when a data center in Chicago kept getting hit so often that the city had to pass a law allowing security guards to carry firearms. If a gang cased a data center out as they do people's houses in a neighborhood, they could easily hit the jackpot. Moreso if they partner with criminal organizations who are good at extortion and blackmail with the data stolen. Right now, this isn't an issue because the people who know the value of stuff in a data center tend to be the types who are not going to be popping caps, and the gangbangers don't have the knowledge to separate a server worth grabbing versus a cast off terminal server. However, this can easily change.
Slashdot Mirror
I've had decent luck with CFLs, with the only downside being that one has to be careful due to the small amount of mercury in them if they get broken (so I would try to find enclosed bulbs for safety reasons.)
The latest generation of LED bulbs is heads and shoulders above CFLs in almost every respect that I tossed all the glass tube lights. If dropped, it might dent the heat sink, or at worst dent the bulb portion, no broken glass. The life expectancy is a lot longer than CFLs, and they do not use much electricity, especially compared to incandescent bulbs. Of course, color temperature matters a lot. The cheapies have the undead-looking blue-white while the more expensive ones have a warmer white.
LEDs are also a must when RV-ing. LED bulbs use 1/5 to 1/7 as much electricity as incandescent bulbs, which make a big difference when boondocking in the middle of nowhere.
LEDs are also sensitive to voltage spikes. A light bulb filament can handle somewhat dirty power, but a LED, once it crosses its absolute voltage threshold, is done for. With salt water corrosion, there is always the chance of a short or some electrical glitch which might cause the LEDs to fail.
I've seen some interesting heating element solutions. A small electrical resistance heater that is turned on when the temperature is low is a lot more efficient than a regular light bulb. Of course, when the weather is above freezing, the heater turns off, so that is more energy saved.
Keeping LED lights in traffic signals visible might take little engineering, but it isn't something insanely difficult.
Nail, head, hit.
LEDs are used for fiber optic transceivers, and flip on and off millions of times a second. If they would end up frying in a short time. Being in IT, I have never encountered failure of a LED (if multiple mode) or laser diode (if single mode, "don't look down fiber with remaining eye") in a network adapter. It either fails immediately, or it works indefinitely. Of course, this isn't 100%, but in my experience, LEDs can handle a lot of switching, far more so than a light bulb filament.
To boot, it isn't hard to make decent security. I was using NetBotz over ten years ago and never have heard of any security problems with their design.
I would say that TC is above almost all security software in that the source is available at all. There are a lot of utilities out there that there is no source available for unless one is a large government.
TC at least has a level playing field. China might have the source code, but at least you do too.
Sometimes it is good to have recorders. A crash happens, lawsuits fly, but the truck's dash cam sees it was a another car doing a swoop and squat from the breakdown lane in an attempt to run the semi off the road. This is not uncommon on I-35 in Austin where there have been semis jack-knifed by people deliberately wanting to cause wrecks.
There has to be a balance somewhere. I've wondered about mandatory data expiration laws, but this would take a lot of crafting so as to actually be usable, have teeth, and not be easily weaseled out of.
If I read the article correctly, this would allow supercap batteries to be placed on the chip die. This doesn't sound like much, but it would be useful in keeping DRAM refreshed if there is a power outage for a brief bit, or enough juice to dump the DRAM to permanent storage (a small SSD.) If the processor state can be saved as well, this would allow a computer to start right back up almost exactly where it was before.
Of course, this wouldn't be enough power to keep a modern day CPU like a POWER7 running at full tilt for any significant length of time, but it might be enough to get the machine's components to save its state and shut down cleanly.
Then, there are the obvious uses for supercap batteries. A buffer for solar cells that can charge the regular batteries at exactly the power they need is one example, especially if combined with a MPPT controller. If the supercap cells are good enough with energy density, they could even be the primary batteries, although there was a patent application with working prototypes I read mentioned a bit ago [1] about high temperature batteries with a large energy density, and these would be a great candidate as primaries, while the supercaps would be additional storage, a buffer for optimal charging, and giving the ability to continue charging for a little bit of time once the solar panels stop receiving usable light.
[1]: http://arxiv.org/ftp/arxiv/papers/1307/1307.1305.pdf
I'd be leery of saying that a big name means security. This happened in the past with "too big to fail", and it can happen with security.
Cloud provider clients have other concerns as well: Sarbanes-Oxley, FERPA, PCI-DSS2, HIPAA, and other regs make using a cloud provider more complicated, especially come audit time.
Then there is ultimate responsibility for data. I know how my data is stored, and a cloud provider is just one piece of media, just like a DVD or a tape. If it all gets rendered inaccessible [1], I reach for a Blu-Ray disk that I burned stuff on. May not be as up to date as an always-online cloud copy, but it is still usable in almost all cases.
How does one know how well a cloud provider stores data? It could be on someone's spanned JBOD array cobbled from cast-off USB flash drives on a pirated copy of Windows Server 2003. It could be on multiple EMC VNX SANs in multiple geographic locations that replicate writes asynchronously. It could be any combination in between.
Unlike a tape or CD where one generally knows how long the media life is, a cloud provider is an unknown where at best, you can depend on someone's unverified promise. This works well with banks because they have to answer to multiple governments, but a cloud provider, in general, is not under any regulation to do much, if anything.
[1]: There is always the chance of one losing access to their account and never getting it back. Lose access to the recovery E-mail address or forget a recovery question, and good luck trying to pursuade an offshored phone support person, who is there to read scripts and get you off the line, to get your account access back.
There is also the fact that if an employee drops the ball and causes a disaster, it can be remedied at once. With a disaster at a cloud provider, the cloud provider may not be able to stop the data from being leaked or corrupted... or they might just not give a hoot because their TOS protects them from lawsuits from stupidity on their end.
Since there are a lot more Captain JC Masons than there are Scotties, it is good to have the ability to take swift action, even if the swift action is dashing downstairs and unplugging network cables.
Cloud providers coupled with clientside encryption are useful. At least there is something controlled on the client side, as cloud provider SLAs are worthless. All they need to do is go into receivership, another company buys the servers, and all the stored cloud data can be put for anyone to download as a BitTorrent file, and there is nothing legally to stop that from being done.
At least one should use a service like Viivo, just as a minimum, as a secondary layer of protection. The ideal would be to stuff everything in a TrueCrypt volume, or at least PGP/gpg all stashed files.
Without some encryption, a person is one password away from disaster.
Some consumer oriented printers have drivers limiting their file-sharing ability. Why should a printer maker (whom will remain nameless) artificially reduce the number of people who can print to a device to five?
Of course, some printers that have Wi-Fi are doubly cursed. Unless you tell the printer to change IP and Wi-Fi preshared key before you changed the password on the router, you are forced to plug the printer in to the local machine, toss on 300+ megs of drivers, just in order to get the printer to change a few basic settings.
This is good advice. I bought a HP Color Laserjet with a network port that groks PCL and PostScript in 2008. Said printer still will happily print out a color picture when needed, and it is still running with its original toner cartridges. Yes, it was about $200 for the printer on closeout, and toner cartridges would cost about $300 to replace all four, but I can print hundreds to thousands of color photos with it, while most color inkjet cartridges are sucked completely dry after a few pages of photos.
I've had good luck with HP, even their low end line. However, for the best bang per buck, the printer really needs to have a network port and to be able to work via Postscript so a special driver is not needed unless one wants to use a feature like capture/release or some printer specific item.
The way car audio is, not even the dopeheads will try to rip out radios anymore. In a way, this is a lot like the market for phones circa 2006, where there was little improvement other than perhaps a slightly thinner RAZR variant or perhaps a new feature here and there.
A company like Apple, Microsoft or Google could easily announce a product and sweep all the competition aside. If they made a 1 DIN audio head that could handle BT audio (and I mean handle it, not "support" it half-assed), have a good navigation system, and perhaps a 3G/4G antenna built in to autodownload maps via a Whispernet-like network, run some apps, and provide the usual amenities (XM radio, local FM radio, local AM radio, a CD player, USB connection, maybe even a Wi-Fi network using the above mentioned 3G/4G antenna with a subscription.
An audio head made by one of the above companies would utterly change the car audio industry, just like iPhones and Android devices swept out the dumbphones as mainstream devices in just a couple years. In the past one bought an Alpine for the name. Now, most OEM car audio systems are decent enough for most people. So, with the "good enough" reached, there isn't much innovation in this market segment.
Any decent IDS/IPS can notice oddball encrypted traffic and put the kibosh on it. Even moreso in a lot of places which use Bluecoat or something similar as an active MITM (where the BlueCoat's appliance key is propagated in the root of AD.)
I wouldn't be surprised if the PLA didn't have something in place that would throttle/log/stop VPNs without having to keep an IP blacklist. They have had decades to work on the technology, and have leapfrogged the US in a lot of respects.
I think Apple is going with the razor and blade model. The OS with the store comes at no cost because it helps sell the hardware, while the money coming in will be from the App Store.
So, it pays Apple to get people onto the same version of OS X, just so they can push store changes out and entice more developers to the platform.
All and all, a win/win/win for all parties involved. $0 upgrades are a benefit, developers get more people who can run their programs, and Apple gets more money from the 30% cut from people buying stuff.
The ironic thing is when one compares, feature by feature, Apple hardware against workstations by Dell or HP, Apple is actually slightly cheaper. Yes, it is more expensive than consumer level PCs, but with all the items a Mac tends to have, comparing Apple hardware to its peers is a different story.
Of course, who knows how this will hold true come the new Mac Pro form factor. They are more expensive than the previous generation, and stuff like working with FPGA boards is out of the question unless you want to work with a limited set of the PCIe lanes that are on a Thunderbolt breakout box.
There is storage capacity. Not many Android devices support 64 gig, much less 128 gig, although if the device is 64 gig internally and it has a SD card slot, then this is less of an issue.
Austin has a supercharger station between it and San Antonio, and another between it and Dallas. Now, if they can locate that in the city proper, it would be quite useful.
Another place where superchargers are needed is the I-10 route from El Paso. I don't know how any Tesla can make it in/out of the state on that route, barring pulling over and trickle charging on a motel's 110 volt circuit.
I live about 2-3 miles from the Tesla service depot in Austin. One thing that seems to sell the vehicles is the fact that they are "so good, they had to be banned." Even with all the hoops one has to jump through, if one wants a runabout vehicle, a Tesla is hard to beat (assuming one can afford the ticket to entry.)
So, the prohibition on Tesla vehicles in Texas just makes people seem to want them more. Especially with the fact that in Austin, charging stations are popping up in odd but useful places, such as credit union parking lots.
Resistance isn't just being a luddite, it is managing the technology, and not having it manage you. It is 100% healthy for the phone to be powered off at times.
It is an addiction for some. When RV-ing, a RV park could be perfect in every way, but if they don't have a good Wi-Fi signal, they get one-starred. Sometimes it is good to leave the devices in the car and actually do something that doesn't consist of using a computer HID, be it a touch screen, mouse, keyboard, or Siri.
ZFS is exciting and useful.
However, things like Instagram are pointless to me. When I take photos, I want them stored privately until I choose to deal with them, and if I want to apply filters, I will do so with a local program, or if I need detailed editing, I just pull up Photoshop and do it right.
What I'm tired of is being viewed as a product, so I keep my use of services that are ad-served to a minimum. I try to pay a sub for sites I use frequently (if they offer that), my primary E-mail provider is paid for, and my Web hosting is on a Linux VPS. This way, I'm the end customer and there is nothing in the TOS about my content being sifted through by marketdroids.
I just have no interest in technology that benefits me not that much, but benefits someone interested in prying into details of my life (to package up and sell) a lot more.
I have a CS degree. Does it help in IT? It helps the same way that knowing the specifics of the Otto engine cycle help with cleaning the carb of gunk from bad gasoline.
One lesson I learned is that no, degrees and certificates don't mean a person is clueless. However, the people with the purse strings that hire and promote don't see a person's work unless they epically fail. However, they do see the MCSE, BS, BA, CISSP, TS/SCI clearance, and other certs. So, in my experience, one can be totally clueless, but if they have the pieces of paper, there will be jobs for them. In fact, I've worked at places which fired people on the spot if their certs expire, saying they "lacked the authority to operate the equipment."
So, the cert treadmill is important, in my experience.
Depends what part they strip out. If they drop the manufacturer ID, whoop-de-do, that can be guessed later on.
Instead of just dropping a chunk that can be possibly rebuilt, how about at the minimum, using a hash of the ID? The ideal would be a salted hash, with the salt a secret (so someone later on can't grab a list of MACs and convert/correlate them with the hashed versions.)
All that is needed is a unique identifier. The detector for BT devices can just create a salt it stores internally and changes every 12-24 hours, hashes the MACs it sees with the salt, and passes a list of the hashes up as unique IDs to check if there are any traffic jams.
Of course, even this can easily lead to devices to make speed traps, but at least after the internal salt changes, it would be hard to find what device made what hash.
Just a run in the server room to grab hard drives and memory cards out of the router/switches would sell more than the jacked Escalade with the 30" wheels.
I wonder if it is a proof that security theater does work. The movies show the server rooms with the high-tech locks [1], and this does a good job at discouraging the gangstas from even trying. However, if they knew how vulnerable places were, they would be a primary target as opposed to the local credit union branch or liquor store.
In my past, I've done things to help mitigate at that last line where everything is compromised, but it seems that a lot of PHBs consider it "technically impossible" for someone to get past the glass doors.
[1]: One place I worked at had biometric readers, man traps, card access tied to Active Directory (which would lock out remote access if you are in the building)... etc. But, the mechanical backup locks were a basic design without any real pick resistance... And during part of a pen test, a guy with a bump key managed to get his way in all the way to the tape safe... which was unlocked. Needless to say the SFIC cylinders became Medeco3 cylinders shortly afterwards.
I'd say there are two saving graces in addition:
1: The fact that people in IT tend to value their reputations, so are generally honest. They know that the people they spit on in the morning may be their bosses or giving them a recommendation come the afternoon.
2: The fact that the gangbangers on the streets don't realize that jacking a server room is easier and more lucrative than a bank or a 7-11. I thought this would change when a data center in Chicago kept getting hit so often that the city had to pass a law allowing security guards to carry firearms. If a gang cased a data center out as they do people's houses in a neighborhood, they could easily hit the jackpot. Moreso if they partner with criminal organizations who are good at extortion and blackmail with the data stolen. Right now, this isn't an issue because the people who know the value of stuff in a data center tend to be the types who are not going to be popping caps, and the gangbangers don't have the knowledge to separate a server worth grabbing versus a cast off terminal server. However, this can easily change.