You're completely, frighteningly correct. You wouldn't imagine how much time I've spent, (often successfully) trying to convince customers that, if some dude's looking at net porn all day, their problem goes deeper than anything that could be solved by looking over his shoulder.
Kind of goes along the same line as blaming parents for delinquent kids--it's fascinating, how few senior management types are willing to hold lower management accountable for what their people do all day, instead preferring quick-fix surveillance "solutions".
...or at least my customers think so. I am a security consultant, and I certainly do not believe that you'll get anywhere through removal of users' freedom. Nor do most of my "expert" colleagues. In fact, that viewpoint I've most frequently heard from fairly clueless middle management most concerned with immediate, bandaid fixes to deeper problems.
Like it or not, that's what it comes down to--freedom and choice. Our job is not, like in other fields, to "get to the bottom of the problem", but to fix the symptoms. Because, frankly, the cure would be worse than the disease.
Currently, you and I, as "clued" users, have access to the resources we need. We would be needlessly crippled by DRM, technical restrictions, whatnot. We all saw how effective US export controls on encryption technology were in the long run, and a lot of us have run into situations at work where we simply couldn't do the job with the given tools (all of which had to go through months of committees and acceptance testing, whatever.)
I'll grant you that corporations have more leeway in this; a company environment is more likely (and legitimately so) to be less flexible regarding software tools available to employees. But for general use?
I've been following loads of discussions among ISPs, for example, who see nothing fundamentally wrong with limiting traffic to ports 25, 110 and 143. Nice prospects, you say? Well take this a step further--when "someone" decides that the grannies of this world, whose PCs are currently spitting worms left and right, should be locked down, do you think that the type of legislation and technological restrictions necessary to do this will differentiate between the grannies and the "clued" users?
I don't have the answers, but I strongly suspect they go in the direction of continuing education. A few years ago, most people couldn't spell "virus" (well, they probably still can't, but they at least know what it is.) Putting the spotlight on security holes and spam and and and for the average joe is what gets results, not locking shit down.
Well, you're utterly correct. However, you make the same fallacy that most space warfare scholars base their studies on.
That being, controlling space is no different from controlling the hilltop fortress in medieval warfare. You don't need to send fancy weaponry up there--ever read Heinlein's "The Moon is a Harsh Mistress"? Once you're king of the hill, you just drop big rocks on people. Surprisingly effective tactic, that.
Great--then Alan Ralsky wouldn't just have the FBI, CAUCE, Habeas' Lawyers, the FCC, and five hundred thousand magazine subscriptions and pepperoni pizza home deliveries to contend with, but he'd also be pursued by hordes upon hordes of the Emperor's deadly ninja assassin squad on his ass.
I think you're getting a bit huffy over nothing, to be honest. Yes, the majority of the population is fairly tech-illiterate, but on the other hand, many slimy/dishonest sales people exist. Think "commission".
Coming right out and asking, "why do you want this?" is an offensive statement
No, it's not. The way you put it, yes, it's a bit direct and maybe inappropriately straightforward, but trying to find out what your client is trying to do is high up there for good customer service. If a sales drone has some crap like "customer consultant" on his nametag, he'd better damn well try to consult.
As for the extended warranty, there were a lot of cases in the UK recently (back-search theregister.co.uk) about hilariously bad customer service from electronics stores in the warranties department. Overpriced store warranties are a fact of life, albeit appropriate in a few situations--google for "overpriced warranty". Her response, while a bit snippy and, as you say, unrealistic for items like monitors and hard drives, is founded on some fair examples.
to one day replace planes and very noisy TGVs with levitation trains...
Points taken, but ICEs, for example, are definitely not noisy compared to either US or UK passenger trains that I've encountered (at least outside the stations.) This is probably due to their requiring special (and thus new) track for high-speed runs.
It's a pretty common misconception that wheeled trains need be noisy--the commuter trains around Zurich (Switzerland) are whisper-quiet.
Re:Perhaps it's really about energy..,,
on
The Future of NASA
·
· Score: 1
and beam the power back to Earth orbit via microwave, then relay down to the surface...
...straight into al-Qaeda regional commander Ali Hassan al-Akhbar's jeep in the Yemeni desert.
-An evil supervillain too arrogant to hire a 6 year old to spot obvious flaws in his plan -Obnoxiously saccharine aliens -An equally obnoxious kid -Bad guys who aim like drunkards -Good guys who can't get their shit together enough to make sure the bad guys don't keep coming back
Stir vigorously, bake at 320 degrees and voila.
Or, as the man said in the song, "...but there's this contract I had to sign, that I'll be making these movies till the end of time..."
True. However, I bought the big-ass TIE interceptor a little while back, and spent a whole afternoon/evening putting it together.
I'm 30 years old, having spent a lot of my childhood (until about 2 years ago) playing with legos. I'd completely forgotten how much fun they were, even with instructions to follow.
Seriously though, I've made some good friends through online games (hey, we're coming to xxx, want to get beers?) I noticed that I don't really feel a sense of separation from friends if I have the possibility of using a combination of email, phone, postcards, games, letters, chat, cu-seeme, whatever.
In fact, I enjoy staying in touch with people via short emails more than big massive long letters every odd week--those sort of drive home the point that no, you can't just pop down to the pub with them after work.
That said, something like Xbox live shouldn't replace any means of communication between families, but if they're separated anyway, hey, why not?
I have a firewall and fileserver at home; there's a KVM switch on them, with an old-ish Packard-Bell 15" monitor. It was free, and gives me console access to the boxes, in lieu of having to have buy PC hardware to allow true serial console connections (these are low-end whiteboxes.)
Old monitors are great for this stuff--when they die, you just dump them (here in Switzerland, there is a recycling tax on all electronic equipment; anyone who sells anything electrical or electronic is obliged by law to take it back, no questions asked--usually via a big crate in the back of the store.)
Monitors are ugly and take up space, which (at least in my office) is at a premium, and you gotta drag them along when you move. Unless you're a student or unemployed, there's really not much cause to use an old monitor for daily tasks, unless (a) you're perfectly happy with it, (b) it rocks (see point a) or (c) it's for this sort of console thing on rarely used boxes.
It's not a job, it's a contract position. Contractors are brought in to fill very specific tasks over a limited period of time, get paid a lot of money (that's how it's suppose to be; I'm a consultant, and let me tell you, the things people try...) and don't have any of the regular protections an employee has (paid holidays, sick leave, severance pay, training, whatever.) Stokely has some good things to say here.
It has nothing to do with Europe vs. America--the ADA is actually quite strict about this sort of thing for salaried employees.
As for good social security programs, they died out in the US about the time good railways died out in the UK, for some perspective.
The first two are objectively measurable over time. The latter covers peoples' reluctance to, say, put a DNA probe in their mouth, or put their eye to a retinal scanner for fear of catching pinkeye, or whatnot.
Biometrics themselves can be used to _identify_ someone, but relying on them as a catch-all solution to _authenticate_ is lame (authentication is performed by a combination of what you know, what you have, or what you are--think ATM card + PIN code.) Biometric systems are, under certain circumstances, a good complement to another ID mechanism, no different, for example, than using a GSM card for your mobile phone.
That said, I don't like biometric systems for something like timesheet checking. Aside from the fact that it's undignified and ham-handed (looks great on powerpoint!) there is the danger of non-repudiation in the case of a false positive. Most technical types understand this concet, but do you really think your average manager will believe Joe Frycook that he was present, if for some reason the handprint scanner had a glitch?
The other thing I take issue with is the possibility of a leak or misuse of sensitive data. A time card or ID is a physical object, usually limited to a specific use. However, if an employer has, say, a perfect thumbprint scan of mine, what's stopping him from sharing it? From using it in other, less legitimate areas (hiring a private security firm to check my laptop to see if I'm letting my girlfriend use it, whatever.) Sound paranoid?
It bugs me to see responses along the lines of "if you've nothing to hide, why are you concerned?" I'm concerned because, first, I'm a bit of a naive idealist and believe that people should be treated like human beings, not innately distrusted. And second, I've seen some fairly catastrophic examples of what can go wrong with any technology.
That said, there's a sociological theory that every human being has an innate tendency to want to sabotage authority in some small way--riding the bus without a ticket, cheating on their taxes, etc. My own insignificant little tactics involve trying to make factor #3, acceptance, lower for biometric ID systems--sneeze on eyeball scanners, smear boogers on hand readers, stick gum on camera lenses, whatever.
A few years ago, some German state had to hire private security guards to watch speed cameras, because the locals were taking shotguns to 'em. Cost them a lot of money, and sent a bit of a signal. I'm no anarchist, but occasionally the yay-biometrics mob could use a bit of the same medicine.
Timmy: (in front of yard-a-pult loaded with dog-shaped black trash bag) "Daddy, where's sparky going?" Rick Moranis: "Sparky's going to heaven, Timmy." *pulls lever* (trash bag goes flying into neighbor's yard)
Nice way to make assumptions. Buuut, I'll let myself be trolled here.
a) I didn't 'bash' an OS. I pointed out that a given version doesn't run cleanly on one particular model of a laptop, and that I'm using a prior release.
b) I've been using FreeBSD for > 5 years now. All my personal machines run on it; I have installed it at numerous customer sites. Draw your own conclusions.
c) There's no such thing as a regular 'puter'. There are different types of hardware, which aren't always supported right off the bat.
Cool, does this mean that when their intermediate root RFID numbers expire, we get free stuff? Or does it just mean that the cash register will pop up error messages when they try to verify my purchases?
Your reasoning is correct, but you're overlooking the possibility of them using some sort of front-end accelerator or loadbalancers which port-forward traffic x to box 'a' and traffic y to box 'b'. That's pretty common, in order to split load and functionality.
It's not that complicated though--you'll note that ftp.sco.com is 216.250.120.13 and www is 216.250.120.12. I don't know how netcraft would get http header info from ftp, as it's not listening on ports 80 or 443. You should also note that Netcraft's records date from 2000--they list the IPs as 209.1.8.x.
Slashdot Mirror
You're completely, frighteningly correct. You wouldn't imagine how much time I've spent, (often successfully) trying to convince customers that, if some dude's looking at net porn all day, their problem goes deeper than anything that could be solved by looking over his shoulder.
Kind of goes along the same line as blaming parents for delinquent kids--it's fascinating, how few senior management types are willing to hold lower management accountable for what their people do all day, instead preferring quick-fix surveillance "solutions".
...or at least my customers think so. I am a security consultant, and I certainly do not believe that you'll get anywhere through removal of users' freedom. Nor do most of my "expert" colleagues. In fact, that viewpoint I've most frequently heard from fairly clueless middle management most concerned with immediate, bandaid fixes to deeper problems.
Like it or not, that's what it comes down to--freedom and choice. Our job is not, like in other fields, to "get to the bottom of the problem", but to fix the symptoms. Because, frankly, the cure would be worse than the disease.
Currently, you and I, as "clued" users, have access to the resources we need. We would be needlessly crippled by DRM, technical restrictions, whatnot. We all saw how effective US export controls on encryption technology were in the long run, and a lot of us have run into situations at work where we simply couldn't do the job with the given tools (all of which had to go through months of committees and acceptance testing, whatever.)
I'll grant you that corporations have more leeway in this; a company environment is more likely (and legitimately so) to be less flexible regarding software tools available to employees. But for general use?
I've been following loads of discussions among ISPs, for example, who see nothing fundamentally wrong with limiting traffic to ports 25, 110 and 143. Nice prospects, you say? Well take this a step further--when "someone" decides that the grannies of this world, whose PCs are currently spitting worms left and right, should be locked down, do you think that the type of legislation and technological restrictions necessary to do this will differentiate between the grannies and the "clued" users?
I don't have the answers, but I strongly suspect they go in the direction of continuing education. A few years ago, most people couldn't spell "virus" (well, they probably still can't, but they at least know what it is.) Putting the spotlight on security holes and spam and and and for the average joe is what gets results, not locking shit down.
Sorry for the ramble.
Well, you're utterly correct. However, you make the same fallacy that most space warfare scholars base their studies on.
That being, controlling space is no different from controlling the hilltop fortress in medieval warfare. You don't need to send fancy weaponry up there--ever read Heinlein's "The Moon is a Harsh Mistress"? Once you're king of the hill, you just drop big rocks on people. Surprisingly effective tactic, that.
Well learning how to quietly sneak up behind people with a knife has proven to be an invaluable skill for me in the business world.
Great--then Alan Ralsky wouldn't just have the FBI, CAUCE, Habeas' Lawyers, the FCC, and five hundred thousand magazine subscriptions and pepperoni pizza home deliveries to contend with, but he'd also be pursued by hordes upon hordes of the Emperor's deadly ninja assassin squad on his ass.
I think you're getting a bit huffy over nothing, to be honest. Yes, the majority of the population is fairly tech-illiterate, but on the other hand, many slimy/dishonest sales people exist. Think "commission".
No, it's not. The way you put it, yes, it's a bit direct and maybe inappropriately straightforward, but trying to find out what your client is trying to do is high up there for good customer service. If a sales drone has some crap like "customer consultant" on his nametag, he'd better damn well try to consult.
As for the extended warranty, there were a lot of cases in the UK recently (back-search theregister.co.uk) about hilariously bad customer service from electronics stores in the warranties department. Overpriced store warranties are a fact of life, albeit appropriate in a few situations--google for "overpriced warranty". Her response, while a bit snippy and, as you say, unrealistic for items like monitors and hard drives, is founded on some fair examples.
to one day replace planes and very noisy TGVs with levitation trains...
Points taken, but ICEs, for example, are definitely not noisy compared to either US or UK passenger trains that I've encountered (at least outside the stations.) This is probably due to their requiring special (and thus new) track for high-speed runs.
It's a pretty common misconception that wheeled trains need be noisy--the commuter trains around Zurich (Switzerland) are whisper-quiet.
and beam the power back to Earth orbit via microwave, then relay down to the surface...
Zot!
Ok, and here's some content to flesh it out:
-An evil supervillain too arrogant to hire a 6 year old to spot obvious flaws in his plan
-Obnoxiously saccharine aliens
-An equally obnoxious kid
-Bad guys who aim like drunkards
-Good guys who can't get their shit together enough to make sure the bad guys don't keep coming back
Stir vigorously, bake at 320 degrees and voila.
Or, as the man said in the song, "...but there's this contract I had to sign, that I'll be making these movies till the end of time..."
True. However, I bought the big-ass TIE interceptor a little while back, and spent a whole afternoon/evening putting it together.
I'm 30 years old, having spent a lot of my childhood (until about 2 years ago) playing with legos. I'd completely forgotten how much fun they were, even with instructions to follow.
Seriously though, I've made some good friends through online games (hey, we're coming to xxx, want to get beers?) I noticed that I don't really feel a sense of separation from friends if I have the possibility of using a combination of email, phone, postcards, games, letters, chat, cu-seeme, whatever.
In fact, I enjoy staying in touch with people via short emails more than big massive long letters every odd week--those sort of drive home the point that no, you can't just pop down to the pub with them after work.
That said, something like Xbox live shouldn't replace any means of communication between families, but if they're separated anyway, hey, why not?
I have a firewall and fileserver at home; there's a KVM switch on them, with an old-ish Packard-Bell 15" monitor. It was free, and gives me console access to the boxes, in lieu of having to have buy PC hardware to allow true serial console connections (these are low-end whiteboxes.)
Old monitors are great for this stuff--when they die, you just dump them (here in Switzerland, there is a recycling tax on all electronic equipment; anyone who sells anything electrical or electronic is obliged by law to take it back, no questions asked--usually via a big crate in the back of the store.)
Monitors are ugly and take up space, which (at least in my office) is at a premium, and you gotta drag them along when you move. Unless you're a student or unemployed, there's really not much cause to use an old monitor for daily tasks, unless (a) you're perfectly happy with it, (b) it rocks (see point a) or (c) it's for this sort of console thing on rarely used boxes.
It's not a job, it's a contract position. Contractors are brought in to fill very specific tasks over a limited period of time, get paid a lot of money (that's how it's suppose to be; I'm a consultant, and let me tell you, the things people try...) and don't have any of the regular protections an employee has (paid holidays, sick leave, severance pay, training, whatever.) Stokely has some good things to say here.
It has nothing to do with Europe vs. America--the ADA is actually quite strict about this sort of thing for salaried employees.
As for good social security programs, they died out in the US about the time good railways died out in the UK, for some perspective.
I've peripherally dealt with a few biometric identification systems deployments, and there are three major factors to consider:
-False positives (%)
-False negatives (%)
-Acceptance
The first two are objectively measurable over time. The latter covers peoples' reluctance to, say, put a DNA probe in their mouth, or put their eye to a retinal scanner for fear of catching pinkeye, or whatnot.
Biometrics themselves can be used to _identify_ someone, but relying on them as a catch-all solution to _authenticate_ is lame (authentication is performed by a combination of what you know, what you have, or what you are--think ATM card + PIN code.) Biometric systems are, under certain circumstances, a good complement to another ID mechanism, no different, for example, than using a GSM card for your mobile phone.
That said, I don't like biometric systems for something like timesheet checking. Aside from the fact that it's undignified and ham-handed (looks great on powerpoint!) there is the danger of non-repudiation in the case of a false positive. Most technical types understand this concet, but do you really think your average manager will believe Joe Frycook that he was present, if for some reason the handprint scanner had a glitch?
The other thing I take issue with is the possibility of a leak or misuse of sensitive data. A time card or ID is a physical object, usually limited to a specific use. However, if an employer has, say, a perfect thumbprint scan of mine, what's stopping him from sharing it? From using it in other, less legitimate areas (hiring a private security firm to check my laptop to see if I'm letting my girlfriend use it, whatever.) Sound paranoid?
It bugs me to see responses along the lines of "if you've nothing to hide, why are you concerned?" I'm concerned because, first, I'm a bit of a naive idealist and believe that people should be treated like human beings, not innately distrusted. And second, I've seen some fairly catastrophic examples of what can go wrong with any technology.
That said, there's a sociological theory that every human being has an innate tendency to want to sabotage authority in some small way--riding the bus without a ticket, cheating on their taxes, etc. My own insignificant little tactics involve trying to make factor #3, acceptance, lower for biometric ID systems--sneeze on eyeball scanners, smear boogers on hand readers, stick gum on camera lenses, whatever.
A few years ago, some German state had to hire private security guards to watch speed cameras, because the locals were taking shotguns to 'em. Cost them a lot of money, and sent a bit of a signal. I'm no anarchist, but occasionally the yay-biometrics mob could use a bit of the same medicine.
Great, then you get mad wolves.
so let the French have it
Rather, I think the French let the English have it.
"Fetchez la vache".
"Quoi?"
"Fetchez la vache!" *sproing* MOOOOOOooooosplat
And then, all your dead cow are belong to us!
From Saturday Night Live
Timmy: (in front of yard-a-pult loaded with dog-shaped black trash bag) "Daddy, where's sparky going?"
Rick Moranis: "Sparky's going to heaven, Timmy." *pulls lever*
(trash bag goes flying into neighbor's yard)
Nice way to make assumptions. Buuut, I'll let myself be trolled here.
a) I didn't 'bash' an OS. I pointed out that a given version doesn't run cleanly on one particular model of a laptop, and that I'm using a prior release.
b) I've been using FreeBSD for > 5 years now. All my personal machines run on it; I have installed it at numerous customer sites. Draw your own conclusions.
c) There's no such thing as a regular 'puter'. There are different types of hardware, which aren't always supported right off the bat.
d) You're an idiot.
Cheers for the amusement.
Cool, does this mean that when their intermediate root RFID numbers expire, we get free stuff? Or does it just mean that the cash register will pop up error messages when they try to verify my purchases?
Yes, except someone got a decimal point wrong. Slashdot readers still have their souls, but no lives.
(-:
All flat maps of the US are lies.
You bet they are. I've spent hours looking for the gigantic 'M' that's supposed to be near the immense yellow dotted line crossing through my town.
They are. Check out how far down below the surface of the earth that map goes.
Your reasoning is correct, but you're overlooking the possibility of them using some sort of front-end accelerator or loadbalancers which port-forward traffic x to box 'a' and traffic y to box 'b'. That's pretty common, in order to split load and functionality.
It's not that complicated though--you'll note that ftp.sco.com is 216.250.120.13 and www is 216.250.120.12. I don't know how netcraft would get http header info from ftp, as it's not listening on ports 80 or 443. You should also note that Netcraft's records date from 2000--they list the IPs as 209.1.8.x.
Good thinking, but try again, grasshopper (-:
..."but this one goes to eleven..!"