Slashdot Mirror


User: savanik

savanik's activity in the archive.

Stories: 0
Comments: 84

Comments · 84

  1. Re:Zoneminder on What Is the State of Linux Security DVR Software? · · Score: 2, Informative

    You misunderstand me: I wasn't able to find anyone who could provide those specifications, at *any* price level. I was saying, 'Here are our requirements, what will this cost?' And the answer I was getting back was, 'We can't meet your requirements, period. Ask someone else.' The word 'cheap' also never appeared in the specifications. :)

    We could lower the requirements. However - in our industry, those requirements are not considered unreasonable. They are what we provide to our own customers. Or we face large contractual fines for failure to perform.

    And to answer another poster's question here: the reason we were looking for an outside contractor was purely so that management would have someone to point fingers at when it fails. It's a legal/liability/compliance issue - with the contractual fines if we don't meet the 15 minute SLA. Having an outside contractor to draw on punts the liability to them, since we can say, 'We've contracted the third-party vendor on this issue' to our customers, and then THEY have to address it in a timely manner. Management just wants to be able to shift liability to an outside contractor.

    I'm not an actuary, so I don't know how much that's really worth. ;)

  2. Re:Zoneminder on What Is the State of Linux Security DVR Software? · · Score: 3, Informative

    It might be paid support, but unfortunately, it's not truly professional support - when I contacted them about it, they were unable to meet the 15 minute SLA response time and 24x7x365 support that our organization was looking for. And even hunting around the recesses of the internet, I have been unable to find anyone who has both experience with Zoneminder and the ability to provide those support terms.

    Some people might consider those terms unreasonable. Our industry considers it a minimum. In the meantime, I'm getting stuck with being the 'first responder' for any problems with the system, 24x7x365.

  3. Zoneminder on What Is the State of Linux Security DVR Software? · · Score: 5, Informative

    Sorry, but... Zoneminder *is* the state of the art in Linux DVR software.

    And for reference, having recently compared many different versions on different operating systems for a project at my company, Zoneminder IS the state of the art in all platforms of DVR software. It's one of the only systems that will work with many varieties of end-point hardware cleanly. Most dedicated embedded systems will only work with their brand of camera, or a single video protocol.

    There are systems that will link motion sensors and contact alarms (Zoneminder can do that, too, though it takes some finagling). Again, most of these only work with *their* hardware.

    The biggest things to keep in mind are bandwidth, storage consumption, and retention. A camera input card may have a very large 'potential framerate', but when you spread that among the 16 inputs you have coming in, things start to add up *very* rapidly. There are physical limitations on the hardware that you will run into if your deployment is of any large size. Our deployment is one of the largest, having 80 cameras currently (planning on adding another 16 before too long), and we have to spread the load out among 5 high-powered servers with relatively large amounts of RAM. Even with that, we still need to upgrade our switch infrastructure to gigabit in order to be able to view all the cameras simultaneously! We've got fiber to our SANs, though, so storage and later retrieval of footage is no issue.

    The only downside is the lack of professional support - Management doesn't have anyone externally that they can point at if something breaks.

    If you're a power Linux user, I'd recommend Zoneminder. If you have a few cameras for a small business and are not technically skilled, I'd recommend a pre-packaged solution - but expect to spend more for a similar sized installation. If you have a LOT of cameras (more than about 16) but are not technically skilled... I'd recommend finding a consultant who can deploy Zoneminder and contract long-term support with them.

  4. Re:Down with the Government on Ambassador Claims ACTA Secrecy Necessary · · Score: 1

    If it's true you feel that way, then stop giving the government your money. It's one thing to say that the tree of liberty must be watered with the blood of patriots et al. It's another to actually start doing it. Civil disobedience is a form of revolution - and part of civil disobedience is knowing the consequences of it and to willingly suffer them in the name of your principles.

    Besides, if enough people refuse to pay their taxes at once due to a lack of faith in the government, the government won't have enough places to put them.

    That aside - while I agree that our government is bloated, it's not actually /that/ incompetent, compared to the average corporate environment. I'd say they're pretty average, and quite capable of providing the infrastructure support and freedoms I require for my life. While I grumble about the amount of taxes I pay and believe we should pay less, it's hardly disenfranchising my citizenship at the moment.

  5. Re:no-script on Are Ad Servers Bogging Down the Web? · · Score: 1

    Yeah, seriously... you guys see ads?

    A friend of mine has a little micro-webserver application he drops on his computer that changes the routing table for these sites to point at itself, and then serves up a 1x1 transparent png. Works pretty well from what he says.

  6. Access Controls on National Data Breach Law Advances · · Score: 3, Interesting

    Sounds like they're saying that putting a BIOS password on a laptop means they don't have to tell anyone the next time they lose 500 million social security records, huh? Or heck, if BIOS passwords are too difficult, it could always just have user accounts. Those count as "access controls", too.

    Combined with the idea of the government managing our health care, I'm not terribly encouraged by the idea.

  7. Re:How does this compromise SSL? on Man-In-the-Middle Vulnerability For SSL and TLS · · Score: 1

    Effectively, if they're between you and your server, 'click here to own this connection.'

    I just talked with the resident encryption guru here - as long as the attacker is between you and the server you're connecting to, with this bug you can inject arbitrary data in front of the target encrypted packet. Some of the data you can inject includes commands, such as, 'By the way, send the rest of this connection to this IP over here, keep the authentication details but renegotiate the encryption.' In other words, 'Keep authentication but talk to the attacker's PC instead.'

  8. Re:Not government's job on Telco Sues City For Plan To Roll Out Own Broadband · · Score: 1

    That depends on where you live, mostly. In Missouri, we had a spat with our legislators about 5 years ago - they were putting gas taxes into the general fund and then spending a much smaller amount of money on road maintenance. When we complained about the state of our roads, they replied, 'Gee, guess we have to raise gas taxes, then.'

    So we used citizen's initiative to put an item on the ballot to specifically reserve gas taxes for the Dept. of Transportation. A lot of people were saying that it was going to destroy our schools by taking away their funding. Still, it passed by almost an 80% margin.

    Now, our roads are in much better condition. You might want to check in the area where you live how much is gathered in gas taxes, and then how much is spent on road maintenance, and compare the numbers.

  9. Technology is cool, but... on Why Charles Stross Hates Star Trek · · Score: 2, Insightful

    The thing is, technology is irrelevant to plot and character. If it wasn't, then the stories they'd be telling would be so alien as to be incomprehensible. Stories are about people, not technology. It's something written into just about any guide to writing science fiction you can find: Don't let the technology overshadow the characters!

    Yes, lightsabers and teleporters are cool. But the story is about a boy turning into a man and saving the world (Gee, thanks, Wesley). Or a continuing mission through space, etc. The story isn't about the technology. Sure, it'd be nice to have more realistic tech written into the story to begin with - BUT. I will note that the most popular episodes of TNG always revolved around characters. The episodes oriented towards 'how the teleporters actually work' as a plot device didn't fare so well.

  10. Perfectly Legal on Dad Builds 700 Pound Cannon for Son's Birthday · · Score: 5, Funny

    ...it is legal to own such a cannon because it does not use a firing pin and is muzzle loaded so the government does not consider the weapon a threat.

    He then continued to say, "Also, I use it to hunt deer."

  11. It's IRC on Is Typing Ruining Your Ability To Spell? · · Score: 2, Interesting

    Yeah, I'm going to have to say that IRC is to blame here. Poor typing is endemic on IRC, and is even worse on Second Life, where the graphics detract from the online communication.

    If you want to increase or maintain your English skills, socialize with people who put an emphasis on proper grammar, punctuation, and spelling. Without those fundamentals in the people around you, your dialogue will eventually sink to match their levels.

    If you're wondering, yes, this would probably be considered elitist by many online neophytes. I personally prefer to call it 'having standards'. :)

  12. Re:And that's... on English Wikipedia Reaches 3 Million Articles · · Score: 2, Interesting
    • Stub about Bocaiúva, a region in Brazil.
    • Stub about The Gaucho, a movie I've never heard of.
    • Stub about Moorkkanad, a village in India
    • Stub about Gråkallen, a mountain in Norway somewhere.
    • Stub about Canfield Casino and Congress Park, New York
    • Stub about Sport Mastermind, a quiz show from BBC.

    So here's to the three millionth stub - congratulations, everybody! Somebody let me know when Wikipedia takes 'notability' seriously.

  13. Re:Who is PCI compliant? on Amazon Confirms EC2/S3 Not PCI Level 1 Compliant · · Score: 1

    Very few people bother with VPNs or the like; most virtual hosting packages I've seen have FTP and other services open to all.

    Quite. Our company uses RSA SecurID. I was pretty skeptical at first, but it's turning out to be a fairly robust solution. On the down side, if Security loses their RSA tokens, we can't access the system to assign new ones... :) Which is why we have multiple security personnel.

    Most web development companies I've worked with always want to transfer data around over unencrypted FTP, often including database backup files.

    One of the biggest problems I've seen are old legacy applications which insist on using the Trivial FTP protocol. As in, 'Password? What password?' If I could do one thing to help out PCI compliance, it would be to wipe TFTP off the map and encrypt all FTP transmissions over a suitable VPN, at a minimum. SFTP would be much better.

    Everyone has antivirus installed on their web servers. Wait... you mean they don't? What's this Linux thing?

    Trend Micro actually now has anti-virus software available for many flavors of Linux. Several others do, as well, to the point you can pretty much make sure you're covered wherever you are. In fact, you can do this yourself - for free - with ClamAV. You just have to manage the updates and everything yourself. It's not that hard if you've got a good bash scripter, but it does get a bit annoying maintaining the documentation that proves you've got the AV and it's up to date.

    There's answers to all of these problems. But it really comes down to making sure that your employees know the value of security.

  14. There's tickets? on Burning Man Responds To EFF's Criticism of Policy · · Score: 5, Insightful

    Since when did you have to buy tickets for Burning Man? I thought it was a counter-culture, anti-corporate, neo-society experiment out in the middle of nowhere that sounded like a really cool idea. Now they're saying that they're trying to 'keep it real' and prevent crass commercialism by... putting a highly restrictive EULA on the tickets they're selling for the event at anywhere from $280 to $450?

    For that matter, now they're saying they're building a community/city out in the desert. Since when do you get charged a fee for walking into a city?

    I was actually thinking about going to Burning Man this year. It sounds like I already missed the good years.

  15. Re:Trust but verify on Why Should I Trust My Network Administrator? · · Score: 1

    More to the point, verify that they're actually doing the job you hired them for. That's part of being a manager.

    Learn how to read access logs, learn how to make sure you're logging what you need to in order to monitor their activities. If you're feeling particularly suspicious, log all file object access on the system, and then forward those logs to a remote server that they don't have access to for later review. (That's actually required by Visa's credit card security standards, btw.)

    But to be clear - you're not monitoring this sort of thing because you don't trust them. Trust, but verify. As repeated tests come back clean, you can trust them more and more and be more confident in your decisions. Trusting without testing is what we call 'religion'.

  16. Re:Misleading point in summary on Electricity From Salty Water · · Score: 1

    In the "real world", the pump would be replaced by the river or other source of water. This would be powered by the water cycle, primarily sourced by the sun's evaporation of ocean salt water. Unlike a hydroelectric dam, you don't have to create a huge vertical gradient for it to work well, so building along a coastline with river access should be quite sufficient to create enough water pressure to keep the system moving around.

    The biggest problem I can think of with this concept is the same problem most any coast-based energy generation system has - hurricanes. Experimental technology tends to stand up poorly to 75mph winds.

  17. Re:Numismats on eBay Fakes Devalue the Craft of Tomb Robbing · · Score: 2, Insightful

    What really bothers me about all this though is ... that these people are destroying the world's history to turn some quick money now

    I have to ask - how are they destroying the world's history? If they're producing such good fakes that even curators are being fooled into thinking that they're genuine, doesn't that mean there's more culture going around?

    As a simple example, if I created a near-perfect forgery of the Mona Lisa, such that a curator couldn't tell it from the original, then we'd have two Mona Lisas floating around to be hung up in museums. How does this damage the world's history and culture? It's no longer as rare, so more people have access to it.

    Maybe the individual who owned the original might be a little miffed at the dramatic fall in value of his painting since no one would know which one was real, but isn't that a little bit selfish in terms of the entire world sharing in a culture?

  18. Re:why just schools? on Flu Models Predict Pandemic, But Flu Chips Ready · · Score: 3, Informative

    The CDC has 141 confirmed cases of Swine Flu. Of those, 1 death has been recorded, in an infant in Texas who already had serious medical complications.

    With 20,000 to 30,000 dying yearly of flu complications in the U.S., 1 death is hardly a significant statistic, and certainly not indicative of a pandemic. The WHO is, again, overreacting and fearmongering. The CDC has the most reliable information on the topic for Americans - not sure what equivalent other countries have. I certainly hope you're not relying on the WHO.

  19. Re:Our only warning system is ACE? on The Underappreciated Risks of Severe Space Weather · · Score: 1

    Mod parent up.

    Correct me if I'm wrong, but the Carrington event - mentioned in TFA - was detected a day earlier than the CFE strike. And it was detected by some guy with an earth-bound telescope in the 1800's.

    To say that we have only 15 minutes of warning is ludicrous. Lots of people on earth watch the sun through telescopes, not the least of which are all the scientists studying our sun today.

  20. Re:Don't take freedom for granted on Wiretap Whistleblower, a Life in Limbo? · · Score: 1

    Do you really want to elect someone to run the whole country without any principles beyond "whatever gets me elected"?

    Apparently, we did. Just look at Congress.

  21. Re:Here's your answer.. on Interviewing Experienced IT People? · · Score: 2, Interesting

    But that young person is closer to school, meaning they learned from not just your mistakes but the mistakes of the industry over the past 30 years and very likely the youngsters were playing with real-world code long before they ever could have counted it experience.

    You learned something applicable to actual programming in school? All I learned about was Turing machines.

    I coded a lot of useful programs before I ever hit college, up to some fairly sophisticated character generators for my gaming group. While I was in college, I learned that everything I knew about programming was wrong, that I was an idiot for using BASIC, and that everything I really needed to know was in Maths. I graduated with less applicable programming knowledge than when I went in, couldn't get a programming job anywhere, and I've actually applied my college knowledge exactly once in the last eight years since.

    College and universities aren't teaching you about the mistakes of the industry over the past 30 years. They're teaching you about the mistakes of the industry made before the last 30 years. Forget about the degrees. Ask them for an example of code that they've written, or ask them to write a simple function for you right there. You'll learn far more about their skill as a programmer than age or resume will tell you.

    Problems from Project Euler seem to be a popular choice.

  22. Re:...and so? on AMD Launches First 45nm Shanghai CPUs · · Score: 1

    So, why upgrade, for a desktop user? Even for middle business servers, we live with two 8-yrs-old Sun machines which are more than adequate for keeping up all the services we need internally. We never have CPU spikes.

    I actually ran into a very good reason to upgrade recently - hardware cycles. Computers last about five years, not due to any particular deficiency in the hardware, but just because eventually the things break. If information is important to your company, you need to be sure that if your computers break, the parts to repair them exist.

    Case in point, I have a friend who's a networking consultant, and at one point he had to pull a business's data off of an old XT machine with an MFM hard drive. Yes. Those. No ethernet port. 5 1/4" floppy, which nothing reads these days. No MFM controllers for modern machines. No expansion ports to put in something useful. He ended up finally using the serial port and Xmodem (it didn't have enough memory for Y or Zmodem) to pull the data off.

    So for business, the question for upgrading isn't so much about having the latest and greatest as it is about business continuity. For the home user, it's more about running the latest and greatest game. If you don't fall into either of those categories, you may be perfectly happy with an old Pentium 5.

    Me, I <3 Fallout 3.

  23. IPv6 vs. IPv4 on No IPv6 For UK Broadband Users · · Score: 2, Insightful

    Haven't they noticed the IPv4 exhaustion report yet?

    IPv6 will continue to be used until the pain of using IPv4 exceeds the pain of switching to IPv6. The issues are many, varied, and thoroughly discussed elsewhere. My personal highlights are NAT having eliminated most of the address space limitations - most companies, even medium-large ones, can make do with 4-8 external IPs - and the complete and utter unwieldiness of IPv6 addresses. No way am I going to be able to memorize one of those, ever. DNS will become mandatory to do anything. That, and nobody uses IPv6 in the first place.

  24. Re:FAKE security warnings, for Windows? on Schneier On Scareware Vendor Lawsuits · · Score: 1

    last time i checked metasploit had at least double the attack vectors for linux than it did windows. so, i would say linux is less secure than windows.

    That would be because you need more attack vectors to gain access to a Linux box. In Linux, there's a dozen different ways to do any one thing, so any one attack vector won't necessarily work. There's also different distributions, etc.

    In Windows, everything is configured exactly the same way, so a security hole in a service patch is always the same hole, and always will be punctured with the same attack. Therefore, you need fewer types of attacks in total.

  25. Re:Buffett's advice on Speculation On a Second Internet Economy Collapse · · Score: 1

    I suppose my original question still stands, however. Why is stock that doesn't pay dividends valuable to anyone?

    Holding stock provides a stockholder with a number of financial rights - they get to see extra information about the company they're invested in, detailed budgets, balance sheets, are informed of stockholder meetings, etc.

    Some people also hold stock based on philosophical reasons - they believe a company can 'Do no evil', for example, and they value the stock accordingly with their beliefs. See also 'Philanthropic Investing'.

    And then there's something known as 'Preferred Stock'. This stock carries voting rights, on such votes as 'who serves in our board of directors', and can lead to all sorts of fun consequences, especially if there's a takeover in the wings while you're holding preferred stock.