Sounds like you are on the right track. If you are running a Linux-based gateway I'll be happy to share my recipes. It's a simple SQUID configutation and a pile of IPTABLES rules assembled by a TCL script.
Ok smart guy, and what enforcement system do you propose for following up on that trust? Whack-a-mole?
There are folks who have a genuine problem with web porn. I have, unfortunately, had a hand in marching them out the door. Warnings after warnings don't work, and it turns into a giant game of he-said she-said. Monitoring software lets you arbitrate and maintain a healty work environment. Do I sit on logs and reign in evil-doers? No. HR needs to authorize me to gleen the logs.
Simply throwing your ass in the air and saying "ALL MONITORING IS EVIL" is niave. At best.
For the record, I run the network at a [Prominint Cultural Institution]. We continually run into that fine line between academic freedom and reigning in abuse.
We tackle it a few ways. One is a transparent proxy. With the right IP tables rules your firewall can redirect port 80 to Squid. That a) economized bandwidth because images, movies, and stuff are loaded once. b) You can quietly slip in rules to kill certain sites, and the users gets the message in no uncertain terms that the particular site is not cool.
We also lock off internet access to any workstation that is in direct view of the customer, like in the box office, exhibit galleries, etc. Firstly it HAS cut down on the number of viruses we have to clean up. (And you don't want to think about how much damage a keyboard logger on a station that processes credit cards can do.) Yes, the floor staff bellyache. Until we point out that they are paid to do a job so why are they downloading games?
The locked off machines don't even hit the proxy server. Their traffic isn't allowed to be forwarded (and we have internal IP addresses for all of our public sites.)
The logging function comes in handy with certain interactions between IT and HR over inappropriate use of a machine by a user. Was a user on a particular site on what date? It's a good for confronting someone as clearing them. I've used it for both. And just because the date is there doesn't mean you have to constantly watch it. I keep 2 weeks of log, and let the rest quietly go to the bitbucket in the sky.
It's non-intrusive, but we can still police our network and maintain a friendly work environment.
From what I understand the problem in Japan is not "can't" have children as "won't" have children. Post-industrial society makes child rearing so expensive and resource consuming that the truely successful members of society can't be bothered.
Japan is on the vanguard of this phenominon, Europe isn't far behind, and despite my comments about the backwardness of the United States, there are signs of it starting here.
Except that a truely open ended self-learning system would AT BEST be as good as a human. Give nature some credit it's taken 750,000 years to get it right with us. Though looking around, maybe the smart ones are an anomoly... but I digress.
The major takeway is that if we could barf up scheme and howtos on how open-ended thought works we would have done it by now. Our brains are far more complex and capable of far richer thought patterns, and thought patterns about the process of formulation thought patterns, than a computer ever will. Designing a robot to simply emulate our learning styles is simply building a human out of silicon, with all the limitations, sin, flaws, and genious.
I don't think there is much to be learned that requires a mechanical mind to achieve. We could do it now with the brain we have.
The people who get by with "less" than 10 years of experience have something called "the knack." They pick it up and if feel right. And they have been toying with it since childhood. At 32 I presently have about 8 years of job experience, but close to 25 years of programming experience.
I was one of this sick and twisted types who would write his own games in BASIC. At 7.
So short if inventing a time machine and taking an interest in a subject at a young age, NO THERE IS NO SHORTCUT TO 10 YEARS OF EXPERIENCE.
From what I'm seeing, this chucklehead got into the offices and sniffed the network.
When someone bluffs his way into the vault, I'll be shocked. If he tried to monkey with the IT systems, he would probably have been snagged faster than a spawning salmon. Bank, Casinos, etc have people watching the people who watch the people.
Simple: You never ever ever ever ever trust a chunk of the network that doesn't have a lock on the door.
We don't secure our wireless because it is a pain, and futile. Anyone who wanted to seriously crack into the system would use a hard line, an idle terminal, MAC spoofing, etc.
We secure the servers, and monitor for odd behavior. Mostly because most or our problems aren't foriegn invasion, they are inside jobs, mistakes, etc.
Our facility has been a Linux shop since before Linux was cool.
We just dropped in an Exchange server to handle calendaring. And that was after spending years writing our own web calendar from scratch.
The problem is, all of the Open sources solutions are f'ing chimeras of 9 or 10 different projects, and it's impossible to make them consistant. Zimbra was an absolute mess. I shudder when I think about the number of pipes. bypasses, hash tables, and whatnot go into our Linux mail system.
I did get one concession. Exchange is only being used as a calendar. I managed to persuasively argue that an exchange box tied into the outside world is a bomb waiting to go off. People have 2 windows open, Thunderbird and Exchange. As far as they know, Exchange is a calendar and only a calendar. Fortunately most of upper management has been here long enough to remember the bad old days of computing when we would be up, and the likes of Ford and Citibank would be down because of the Virus of the week.
I have hope for the new collaboration suite Apple is putting together for Leopard. Though if I could be given a million dollars and a mission, I would want to sit down and write the difinitive email and collaboration system.
The worst part is I have most of the pieces lying around in various states of disrepair from my own project. Advantage is it's all written on one programming language with one development framework.
They fall into 2 categories: Mouth breathers who know Photoshop like the back of their hand but can't be trusted with scissors, and ubergeeks who use Mac because they consider it the Mercedes Benz of hardware and software.
Slashdot Mirror
To be far, the English and the French have bad blood that goes back for centuries.
The Americans never had a beef with the Russians, just the Communists.
Very carefully
Sounds like you are on the right track. If you are running a Linux-based gateway I'll be happy to share my recipes. It's a simple SQUID configutation and a pile of IPTABLES rules assembled by a TCL script.
It comes under the heading of, the reason the rules treat you like a child is because there are idiots who insist on acting like them.
Ok smart guy, and what enforcement system do you propose for following up on that trust? Whack-a-mole?
There are folks who have a genuine problem with web porn. I have, unfortunately, had a hand in marching them out the door. Warnings after warnings don't work, and it turns into a giant game of he-said she-said. Monitoring software lets you arbitrate and maintain a healty work environment. Do I sit on logs and reign in evil-doers? No. HR needs to authorize me to gleen the logs.
Simply throwing your ass in the air and saying "ALL MONITORING IS EVIL" is niave. At best.
Before you can trust someone, you have to be able to detect when the screw up.
Otherwise it is you who is getting screwed.
For the record, I run the network at a [Prominint Cultural Institution]. We continually run into that fine line between academic freedom and reigning in abuse.
We tackle it a few ways. One is a transparent proxy. With the right IP tables rules your firewall can redirect port 80 to Squid. That a) economized bandwidth because images, movies, and stuff are loaded once. b) You can quietly slip in rules to kill certain sites, and the users gets the message in no uncertain terms that the particular site is not cool.
We also lock off internet access to any workstation that is in direct view of the customer, like in the box office, exhibit galleries, etc. Firstly it HAS cut down on the number of viruses we have to clean up. (And you don't want to think about how much damage a keyboard logger on a station that processes credit cards can do.) Yes, the floor staff bellyache. Until we point out that they are paid to do a job so why are they downloading games?
The locked off machines don't even hit the proxy server. Their traffic isn't allowed to be forwarded (and we have internal IP addresses for all of our public sites.)
The logging function comes in handy with certain interactions between IT and HR over inappropriate use of a machine by a user. Was a user on a particular site on what date? It's a good for confronting someone as clearing them. I've used it for both. And just because the date is there doesn't mean you have to constantly watch it. I keep 2 weeks of log, and let the rest quietly go to the bitbucket in the sky.
It's non-intrusive, but we can still police our network and maintain a friendly work environment.
I think when it is requested at the end of a weapon, or with a trachea crushing action to the throat.
From what I understand the problem in Japan is not "can't" have children as "won't" have children. Post-industrial society makes child rearing so expensive and resource consuming that the truely successful members of society can't be bothered.
Japan is on the vanguard of this phenominon, Europe isn't far behind, and despite my comments about the backwardness of the United States, there are signs of it starting here.
Except that a truely open ended self-learning system would AT BEST be as good as a human. Give nature some credit it's taken 750,000 years to get it right with us. Though looking around, maybe the smart ones are an anomoly... but I digress.
The major takeway is that if we could barf up scheme and howtos on how open-ended thought works we would have done it by now. Our brains are far more complex and capable of far richer thought patterns, and thought patterns about the process of formulation thought patterns, than a computer ever will. Designing a robot to simply emulate our learning styles is simply building a human out of silicon, with all the limitations, sin, flaws, and genious.
I don't think there is much to be learned that requires a mechanical mind to achieve. We could do it now with the brain we have.
Not to mention human lefts.
I agree, Illuminous is not an answer to Aero. It's Apple using a page out of Disney's playbook: The best way to predict the future is to create it.
The people who get by with "less" than 10 years of experience have something called "the knack." They pick it up and if feel right. And they have been toying with it since childhood. At 32 I presently have about 8 years of job experience, but close to 25 years of programming experience.
I was one of this sick and twisted types who would write his own games in BASIC. At 7.
So short if inventing a time machine and taking an interest in a subject at a young age, NO THERE IS NO SHORTCUT TO 10 YEARS OF EXPERIENCE.
Nah, go for an MBA. Requires even LESS of an interest in the subject.
Meh. This is a lovely theory, but it neglects the reality that as soon as the origional moon race was over progress stagnated.
You are a gentleman and a scholar. /Network admin who is trying to figure out if next year's equipment budget need to include a RAID for the RAID
No, just directing everyone's attention to your document retention policy.
You had be going there, right up until "Speaking from the Whitehouse Lawn..."
I don't give cash.
He'll get the coat off my back. And an invitation to lunch.
Sounds too much like a porn star.
From what I'm seeing, this chucklehead got into the offices and sniffed the network.
When someone bluffs his way into the vault, I'll be shocked. If he tried to monkey with the IT systems, he would probably have been snagged faster than a spawning salmon. Bank, Casinos, etc have people watching the people who watch the people.
Simple: You never ever ever ever ever trust a chunk of the network that doesn't have a lock on the door.
We don't secure our wireless because it is a pain, and futile. Anyone who wanted to seriously crack into the system would use a hard line, an idle terminal, MAC spoofing, etc.
We secure the servers, and monitor for odd behavior. Mostly because most or our problems aren't foriegn invasion, they are inside jobs, mistakes, etc.
And a good number of have tried this an know first hand.
Our facility has been a Linux shop since before Linux was cool.
We just dropped in an Exchange server to handle calendaring. And that was after spending years writing our own web calendar from scratch.
The problem is, all of the Open sources solutions are f'ing chimeras of 9 or 10 different projects, and it's impossible to make them consistant. Zimbra was an absolute mess. I shudder when I think about the number of pipes. bypasses, hash tables, and whatnot go into our Linux mail system.
I did get one concession. Exchange is only being used as a calendar. I managed to persuasively argue that an exchange box tied into the outside world is a bomb waiting to go off. People have 2 windows open, Thunderbird and Exchange. As far as they know, Exchange is a calendar and only a calendar. Fortunately most of upper management has been here long enough to remember the bad old days of computing when we would be up, and the likes of Ford and Citibank would be down because of the Virus of the week.
I have hope for the new collaboration suite Apple is putting together for Leopard. Though if I could be given a million dollars and a mission, I would want to sit down and write the difinitive email and collaboration system.
The worst part is I have most of the pieces lying around in various states of disrepair from my own project. Advantage is it's all written on one programming language with one development framework.
Where have you ever met an "Average" mac user.
They fall into 2 categories: Mouth breathers who know Photoshop like the back of their hand but can't be trusted with scissors, and ubergeeks who use Mac because they consider it the Mercedes Benz of hardware and software.