Developers with Linux experience are a LOT more dangerous than developers without linux experience. My experience has been (100% of the time) when I give "experienced developers" access to commands like 'chmod', I find all kinds of files mode 777 (among a list of about 10,000 random, stupid things developers do) because, well, I've heard pretty much every excuse you can imagine.
The problem is that as soon as people outside of the core sysadmin team have access to critical system commands (cp, chown, chmod) the integrity of the box is left to chance. There's always the possibility someone is going to do something outside the policy. Sysadmins make it their job to know and understand the impact of every change to a box. Developers tend to make changes in order to get their stuff to work, regardless of the consequence (hey, each group is just trying to do their job, which is "make it work!!" -- I'm not defending either side).
My rule of thumb:
- Developers get root in their dev environments. - Sysadmins get root in the production environments (developers shouldn't even have user-level logins to these machines.) If your company is releasing software (even for internal use) properly, the IT group will be managing the code as a product, using developers as a help desk rather than letting them manage the applications directly.
Being paranoid is fine -- but it's only 1% of the battle -- and it makes no sense to run around closing up every possible hole you find.
A security expert is supposed to identify ALL of the possible ways in which the organization may experience a negative impact as a result of poor security (both logical and physical). His job, brace yourselves kids, is not to close all of the holes!! Rather, his role is centered around determining the cost/benefit of taking care of each specific issue. If there's a 0.5% risk of a particular security hole costing a large organization only $1,000 in damages and cleanup, and closing that hole will cost $5,000 in man-hours and hardware, it's pretty clear what the correct choice is. On the other hand, the risk may be low, and the cost may be low, so you just do it. Or the risk me be high, and the cost high, so you STILL do it... you get the idea.
Being paranoid is fine -- it will help you identify security problems that others may or may not see. However, what to DO about the holes you find is where the real work begins.
I can't imagine a cost-benefit scenario that justifies issuing smart-cards to family members on a home network. This guy has officially achieved 'retard' status.
The consumer mass-market doesn't view viruses and worms as the fault of the operating system. Rather, they blame the guys who write the bad stuff -- not the guys who make it possible.
Same reason the people who hate drunk driving aren't going after auto-manufacturers. Instead, they go after the idiots doing the drunk driving.
I'm not defending either position. Simple stating what I believe is the perception of the public.
So I just saw a post that says IT jobs are getting harder and harder to find.. and now this one complaining that compensation packages are going down.
Do we need to go back to Economics 101 ??
When there are more people than jobs, they don't have to pay you what you're worth, because there's someone out there, probably equally or more qualified, willing to work for a lot less.
The days of being overcompensated are over. Count your blessings if you're paid market average (which no longer includes options). Don't like it? Start your own company.
This guy did nothing but further my belief that Linux is not something I would ever give to my mother. Every point he made was an excuse as to why Linux is hard to use, not a myth-buster.
Before you read this, know that I am a UNIX-lover of 10+ years. I eat, sleep, and breathe in Linux, Solaris, and FreeBSD. I love UNIX, I know how to use it, and I would never give it up.
The REAL myths are in his article:
His Myth 1: Linux is just as easy to install as Windows. -- My mom can install Windows (without any help from me -- I just tell her "If you don't know what to do, just click Next" -- and when she's done, she has a fully functional OS. The linux installation experience is dramatically more complicated, and it's unlikely the end-product will work right if it was done by a novice (he pretty much admits this).
His Myth 2: Linux has lots of great applications -- while Linux has lots of applications, most of them are designed by open-source developer 12-year olds with no concept of interface design, usability, or QA. High quality apps in the OSS world do exist, but they're not the status-quo. (this is a religious argument that I'm sure I'm starting here) -- but there are very few apps for Linux that my mom can use without calling me.
His Myth 3: Installing software is easy with Linux. I find this one the most intriguing becaue he blames the users for not knowing where to look. This only furthers my position that interface design is the most essential element to a user-friendly OS. Listen folks, if the users don't know where to click to un-install apps, that's a design problem, it's not the fault of the "dumb end user who doesn't know how to use the system". The point here is that the system is hard to use -- blaming the users for being too dumb to figure it out isn't the solution to convincing people the OS is ready for broad public use.
I've been a Vonage subscriber for 6 months now. A few notes:
1. I hooked my vonage unit into the core wiring of my house (unplugged the qwest line, and plugged vonage in there instead). This makes it so that my phone infrastructure inside my house remains unchanged. My wife wouldn't even know we didn't have a standard POTS line if I hadn't told her. All of the phone jacks in the house work as one would expect them to. (I even take advantage of the multiple phone-line support provided by the Vonage unit -- the phone jack in my office is wired into the other line).
2. This means my TiVo (all three of them) work great.
3. 911 calling is a feature provided by Vonage. While I've not had to use it yet, Vonage makes it clear that this is included and available.
4. I've never run into a "major fast food" company (pizza hut?) that relied on a phone directory to deliver pizza. My pizza's make it just fine.
5. The guy who wrote this article is a retard who doesn't know anything about consumer VOIP offerings.
Remember, google page-ranks are based on who links to you. This seems like a great way for spammers to get their web-sites ranked higher in search engines.
Of course, I can't remember the last time I had to google for 'penis enlargement'. Companies have been kind enough to save me the trouble and send the results straight to my inbox.
Side note: My blog gets about 2 of these a week now.
After facing the same dilemma you're facing and having a VERY limited (read: no) budget, I stumbled upon Request Tracker. It's got all the features you get in the $20k packages (albeit a little rough around the edges on the GUI, as with most open-source), but it's completely free.
It's scriptable, it has plugins, it's web-based, it has full email management (submit tickets, reply to tickets, and receive ticket status via email -- even have people login to check the status of all their tickets, close tickets, etc.)
It ALSO has a full command-line suite of utilities, the system is completely object oriented (read: easily extended) and it's overall one of the best most complete perl / mod_perl projects I've ever seen. Jesse did a great job with this one.
You'll notice that the data is insecure so much as the database the biometric information is stored in is protected.
All they're saying is that if they have access to that information, they can generate something that can authenticate against it. (DUH!)
The moral of the story is that if you don't want someone to pretend to be Bob's face, don't give anyone access to the database that has the information on what Bob's face looks like to the biometric scanners./. has sure been good at wasting my time with useless news lately.
The airwaves are a slightly different story, since there's a finite amount of space available on which to broadcast FM radio signals that can be received by consumers with a $5 radio. Want to know what happens when someone's not regulating the airwaves? Turn your CB to channel 19 and experience a world where money doesn't control what you can broadcast.
Private infrastructure is a completely different story. You simply can't expect someone to lay out billions of investment and then DEMAND that they let their COMPETITION use it! How would you feel if you bought a house and the government passed a law that said you had no choice but to let transients sleep in your living room if they wanted to. That's YOUR house and YOUR money. You will let whomever you wish sleep there. Why is private infrastructure any different? If you don't want to pay their fees, then don't. The price can't be set any higher than people are willing to pay or nobody would buy it and they wouldn't roll it out in the first place.
Isn't it nice when nobody tells you what you have to do? It goes both ways.
I don't understand how forcing a LEC to share their infrastructure promotes growth. It does the opposite.
Would you pay billions to deploy an infrastructure if you were going to be forced by the FCC to let your competition use it? Hell no.
Come on people. Forcing businesses to share what they build is only going to make them not build it in the first place. Letting them keep what they build will encourage competition and give multiple carriers a fair shot at the same market. Granted, the little guys aren't going to be in a position to deploy billions of dollars in Fiber to homes that are only willing to pay $50/mo for service (I don't see this as a winning venture no matter HOW you look at it) but that's what VC's are for I guess.
If it's a profitable venture, the money will be on the table for more than one person to go after it. If it's not profitable (once again, Fiber to the home at $50 a month? Sorry kids, this isn't magic fairy land) then nobody will touch it anyway.
Still...I'd much rather use something like FreeVo or MythTV and actually burn my shows to cd, stream whatever I want, etc, etc."
The/. crowd is still missing a valuable lesson in "building your own tivo" -- it's freaking EXPENSIVE! I love how all the lists of "needed hardware" included multiple super high-end video capture cards -- each of which costs the same as a full TiVo.
I love my TiVo (I own two of them). The software rocks. My wife can use it. My 2-year old can use it, and yet I'm still amazed at how powerful it is. Then along comes the OSS community. Builds a competitive box at 3x the price, software that's more difficult to use, and a feature-set that still can't compete. (yay for OSS).
It would seem to me that anyone attempting to create an invention that appears on a "to invent" list of this sort would not be an innovator.
Haven't you learned yet that the people who think of the idea get very little. The people who get off their ass and build/market/produce are the ones raking in the cash.
I live and work in Logan as a UNIX engineer/CTO of a technology company -- this is great news. If you guys at Logan high school need some UNIX/Linux expertise, let me know. I'd be happy to donate my time/services.:) (brian@zyx.net)
If you take away the right of Microsoft to present their side, corporations are going to wonder what exactly it is you're trying to hide.
If the open-source products are to become a viable player in the Fortune 500 world, all of the players in the game must be allowed to present their side or mistrust results. The suits aren't about to let a bunch of arrogant open-source biggots tell them how to run their business. If the open-source community wants respect, they're going to have to GIVE respect (even if it means not receiving it in return). It's time to start behaving like professionals, people.
I really dig sun hardware -- it's extremely robust, but when it comes down to price, you can buy an awful lot of intel power for the prices Sun tries to get you to pay.
This won't save Sun for one simple reason... Even if they lower their prices to a point where it's really "worth" the extra dollars to buy the Sun label (again, their hardware is far more robust than anything I've seen on the Intel side) customers aren't going to recognize that.
Sure, bigger companies will still recognize the value of buying more robust hardware, but their mid-market business will dry up and Sun will buckle. IBM will step in to fill the high-end server role (with Linux) and in 6 years, Sun will be a distant memory.
I've been a licensed HAM radio operator for about 11 years now (I got my license back in the days when you had to know morse code)!
Anyway.. HAM operators aren't just a bunch of radio cowboys out there with expensive high-powered gear. The HAM test itself makes sure that people understand a significant amount of theory before they're allowed to use that gear. In addition, while the laws are very flexible in part 97, they also have some interesting wording. For example, what's the maximum amount of power you're allowed to use in any given band? Answer: "The minimum needed to establish reliable communications". My observations of the HAM community are that these are polite, responsible people and I don't think you need to worry about anyone intentionally causing interfernce to your Wi-Fi network. In situations where HAM's need long-distance high-power signals, they often switch to directional beam antennas so as not to interfere with anyone. If anything, they're going to want to help improve the 802.11b spectrum.
No reason for anyone to get their panties in a wad. This is a GOOD thing for the WiFi community as you're going to start seeing some very unique and innovative uses for the spectrum -- you're also going to see a very large community with the ear of the FCC fighting to improve WiFi in general.
I've got a desktop computer hooked into my HDTV media center (a Sony WH11HT HDTV projector with an Onkyo THX receiver). When I hook the output of the computer to the system via S-Video (and keep in mind this is a MASSIVE 120" screen in HDTV) I can only put the resolution as high as 800x600 before the text becomes too blurry to read. This should correct that.. hooray!!
But it failed to point out that the big players in the telecom game are already well aware that their product (voice services via copper) are already obsolete. Why do you think the big boys (MCI, Sprint, Qwest) have such massive investments in the internet backbone? They recognize that the future of communications isn't land-line telephones, it's massive internet backbones. This is where every major player in the telecom game has banked their future. They're not idiots sitting in a smoke-filled conference room with no vision -- these people understand that their revenue stream on the internet side will ultimately replace their revenue stream on the consumer / voice side and they are already geared for it.
The point is that switching to the internet backbone for your voice services doesn't hurt them -- it simply moves your service from column A to column B on their balance sheet.
I wrote a quick perl script to do this for a friend who has a camera phone.
It picks up the incoming mail via a sendmail pipe (in/etc/aliases) which routes it to a perl script which parses out the email content and attachments (pictures from the phone) and posts them to a MySQL database. The front-end of the project involved CGI scripts that would talk to the MySQL database and display the data to the web.
Result? Real-time blogging from the camera with pictures and text! Total lines of code? Less than 100.
Slashdot Mirror
Developers with Linux experience are a LOT more dangerous than developers without linux experience. My experience has been (100% of the time) when I give "experienced developers" access to commands like 'chmod', I find all kinds of files mode 777 (among a list of about 10,000 random, stupid things developers do) because, well, I've heard pretty much every excuse you can imagine.
The problem is that as soon as people outside of the core sysadmin team have access to critical system commands (cp, chown, chmod) the integrity of the box is left to chance. There's always the possibility someone is going to do something outside the policy. Sysadmins make it their job to know and understand the impact of every change to a box. Developers tend to make changes in order to get their stuff to work, regardless of the consequence (hey, each group is just trying to do their job, which is "make it work!!" -- I'm not defending either side).
My rule of thumb:
- Developers get root in their dev environments.
- Sysadmins get root in the production environments (developers shouldn't even have user-level logins to these machines.) If your company is releasing software (even for internal use) properly, the IT group will be managing the code as a product, using developers as a help desk rather than letting them manage the applications directly.
Stick to this and everyone will be happy.
Being paranoid is fine -- but it's only 1% of the battle -- and it makes no sense to run around closing up every possible hole you find.
A security expert is supposed to identify ALL of the possible ways in which the organization may experience a negative impact as a result of poor security (both logical and physical). His job, brace yourselves kids, is not to close all of the holes!! Rather, his role is centered around determining the cost/benefit of taking care of each specific issue. If there's a 0.5% risk of a particular security hole costing a large organization only $1,000 in damages and cleanup, and closing that hole will cost $5,000 in man-hours and hardware, it's pretty clear what the correct choice is. On the other hand, the risk may be low, and the cost may be low, so you just do it. Or the risk me be high, and the cost high, so you STILL do it... you get the idea.
Being paranoid is fine -- it will help you identify security problems that others may or may not see. However, what to DO about the holes you find is where the real work begins.
I can't imagine a cost-benefit scenario that justifies issuing smart-cards to family members on a home network. This guy has officially achieved 'retard' status.
The consumer mass-market doesn't view viruses and worms as the fault of the operating system. Rather, they blame the guys who write the bad stuff -- not the guys who make it possible.
Same reason the people who hate drunk driving aren't going after auto-manufacturers. Instead, they go after the idiots doing the drunk driving.
I'm not defending either position. Simple stating what I believe is the perception of the public.
So I just saw a post that says IT jobs are getting harder and harder to find .. and now this one complaining that compensation packages are going down.
Do we need to go back to Economics 101 ??
When there are more people than jobs, they don't have to pay you what you're worth, because there's someone out there, probably equally or more qualified, willing to work for a lot less.
The days of being overcompensated are over. Count your blessings if you're paid market average (which no longer includes options). Don't like it? Start your own company.
If you need a book to do it, the gap has not been filled.
This guy did nothing but further my belief that Linux is not something I would ever give to my mother. Every point he made was an excuse as to why Linux is hard to use, not a myth-buster.
Before you read this, know that I am a UNIX-lover of 10+ years. I eat, sleep, and breathe in Linux, Solaris, and FreeBSD. I love UNIX, I know how to use it, and I would never give it up.
The REAL myths are in his article:
His Myth 1: Linux is just as easy to install as Windows. -- My mom can install Windows (without any help from me -- I just tell her "If you don't know what to do, just click Next" -- and when she's done, she has a fully functional OS. The linux installation experience is dramatically more complicated, and it's unlikely the end-product will work right if it was done by a novice (he pretty much admits this).
His Myth 2: Linux has lots of great applications -- while Linux has lots of applications, most of them are designed by open-source developer 12-year olds with no concept of interface design, usability, or QA. High quality apps in the OSS world do exist, but they're not the status-quo. (this is a religious argument that I'm sure I'm starting here) -- but there are very few apps for Linux that my mom can use without calling me.
His Myth 3: Installing software is easy with Linux. I find this one the most intriguing becaue he blames the users for not knowing where to look. This only furthers my position that interface design is the most essential element to a user-friendly OS. Listen folks, if the users don't know where to click to un-install apps, that's a design problem, it's not the fault of the "dumb end user who doesn't know how to use the system". The point here is that the system is hard to use -- blaming the users for being too dumb to figure it out isn't the solution to convincing people the OS is ready for broad public use.
I've been a Vonage subscriber for 6 months now. A few notes:
1. I hooked my vonage unit into the core wiring of my house (unplugged the qwest line, and plugged vonage in there instead). This makes it so that my phone infrastructure inside my house remains unchanged. My wife wouldn't even know we didn't have a standard POTS line if I hadn't told her. All of the phone jacks in the house work as one would expect them to. (I even take advantage of the multiple phone-line support provided by the Vonage unit -- the phone jack in my office is wired into the other line).
2. This means my TiVo (all three of them) work great.
3. 911 calling is a feature provided by Vonage. While I've not had to use it yet, Vonage makes it clear that this is included and available.
4. I've never run into a "major fast food" company (pizza hut?) that relied on a phone directory to deliver pizza. My pizza's make it just fine.
5. The guy who wrote this article is a retard who doesn't know anything about consumer VOIP offerings.
Are any of these features NOT copied from PhotoShop?
Remember, google page-ranks are based on who links to you. This seems like a great way for spammers to get their web-sites ranked higher in search engines.
Of course, I can't remember the last time I had to google for 'penis enlargement'. Companies have been kind enough to save me the trouble and send the results straight to my inbox.
Side note: My blog gets about 2 of these a week now.
After facing the same dilemma you're facing and having a VERY limited (read: no) budget, I stumbled upon Request Tracker. It's got all the features you get in the $20k packages (albeit a little rough around the edges on the GUI, as with most open-source), but it's completely free.
It's scriptable, it has plugins, it's web-based, it has full email management (submit tickets, reply to tickets, and receive ticket status via email -- even have people login to check the status of all their tickets, close tickets, etc.)
It ALSO has a full command-line suite of utilities, the system is completely object oriented (read: easily extended) and it's overall one of the best most complete perl / mod_perl projects I've ever seen. Jesse did a great job with this one.
This thing is gold.
You'll notice that the data is insecure so much as the database the biometric information is stored in is protected.
/. has sure been good at wasting my time with useless news lately.
All they're saying is that if they have access to that information, they can generate something that can authenticate against it. (DUH!)
The moral of the story is that if you don't want someone to pretend to be Bob's face, don't give anyone access to the database that has the information on what Bob's face looks like to the biometric scanners.
The airwaves are a slightly different story, since there's a finite amount of space available on which to broadcast FM radio signals that can be received by consumers with a $5 radio. Want to know what happens when someone's not regulating the airwaves? Turn your CB to channel 19 and experience a world where money doesn't control what you can broadcast.
Private infrastructure is a completely different story. You simply can't expect someone to lay out billions of investment and then DEMAND that they let their COMPETITION use it! How would you feel if you bought a house and the government passed a law that said you had no choice but to let transients sleep in your living room if they wanted to. That's YOUR house and YOUR money. You will let whomever you wish sleep there. Why is private infrastructure any different? If you don't want to pay their fees, then don't. The price can't be set any higher than people are willing to pay or nobody would buy it and they wouldn't roll it out in the first place.
Isn't it nice when nobody tells you what you have to do? It goes both ways.
I don't understand how forcing a LEC to share their infrastructure promotes growth. It does the opposite.
Would you pay billions to deploy an infrastructure if you were going to be forced by the FCC to let your competition use it? Hell no.
Come on people. Forcing businesses to share what they build is only going to make them not build it in the first place. Letting them keep what they build will encourage competition and give multiple carriers a fair shot at the same market. Granted, the little guys aren't going to be in a position to deploy billions of dollars in Fiber to homes that are only willing to pay $50/mo for service (I don't see this as a winning venture no matter HOW you look at it) but that's what VC's are for I guess.
If it's a profitable venture, the money will be on the table for more than one person to go after it. If it's not profitable (once again, Fiber to the home at $50 a month? Sorry kids, this isn't magic fairy land) then nobody will touch it anyway.
Capitalism is a beautiful thing.
Still...I'd much rather use something like FreeVo or MythTV and actually burn my shows to cd, stream whatever I want, etc, etc."
/. crowd is still missing a valuable lesson in "building your own tivo" -- it's freaking EXPENSIVE! I love how all the lists of "needed hardware" included multiple super high-end video capture cards -- each of which costs the same as a full TiVo.
The
I love my TiVo (I own two of them). The software rocks. My wife can use it. My 2-year old can use it, and yet I'm still amazed at how powerful it is. Then along comes the OSS community. Builds a competitive box at 3x the price, software that's more difficult to use, and a feature-set that still can't compete. (yay for OSS).
Buy a real TiVo -- you won't regret it.
My PocketPC came with a terminal services client. Exactly what does this do that I can't do out of the box?
It would seem to me that anyone attempting to create an invention that appears on a "to invent" list of this sort would not be an innovator.
Haven't you learned yet that the people who think of the idea get very little. The people who get off their ass and build/market/produce are the ones raking in the cash.
I live and work in Logan as a UNIX engineer/CTO of a technology company -- this is great news. If you guys at Logan high school need some UNIX/Linux expertise, let me know. I'd be happy to donate my time/services. :) (brian@zyx.net)
If you take away the right of Microsoft to present their side, corporations are going to wonder what exactly it is you're trying to hide.
If the open-source products are to become a viable player in the Fortune 500 world, all of the players in the game must be allowed to present their side or mistrust results. The suits aren't about to let a bunch of arrogant open-source biggots tell them how to run their business. If the open-source community wants respect, they're going to have to GIVE respect (even if it means not receiving it in return). It's time to start behaving like professionals, people.
Free speech is a right. Being heard is a privilege.
I really dig sun hardware -- it's extremely robust, but when it comes down to price, you can buy an awful lot of intel power for the prices Sun tries to get you to pay.
This won't save Sun for one simple reason... Even if they lower their prices to a point where it's really "worth" the extra dollars to buy the Sun label (again, their hardware is far more robust than anything I've seen on the Intel side) customers aren't going to recognize that.
Sure, bigger companies will still recognize the value of buying more robust hardware, but their mid-market business will dry up and Sun will buckle. IBM will step in to fill the high-end server role (with Linux) and in 6 years, Sun will be a distant memory.
I've been a licensed HAM radio operator for about 11 years now (I got my license back in the days when you had to know morse code)!
Anyway.. HAM operators aren't just a bunch of radio cowboys out there with expensive high-powered gear. The HAM test itself makes sure that people understand a significant amount of theory before they're allowed to use that gear. In addition, while the laws are very flexible in part 97, they also have some interesting wording. For example, what's the maximum amount of power you're allowed to use in any given band? Answer: "The minimum needed to establish reliable communications". My observations of the HAM community are that these are polite, responsible people and I don't think you need to worry about anyone intentionally causing interfernce to your Wi-Fi network. In situations where HAM's need long-distance high-power signals, they often switch to directional beam antennas so as not to interfere with anyone. If anything, they're going to want to help improve the 802.11b spectrum.
No reason for anyone to get their panties in a wad. This is a GOOD thing for the WiFi community as you're going to start seeing some very unique and innovative uses for the spectrum -- you're also going to see a very large community with the ear of the FCC fighting to improve WiFi in general.
I've got a desktop computer hooked into my HDTV media center (a Sony WH11HT HDTV projector with an Onkyo THX receiver). When I hook the output of the computer to the system via S-Video (and keep in mind this is a MASSIVE 120" screen in HDTV) I can only put the resolution as high as 800x600 before the text becomes too blurry to read. This should correct that.. hooray!!
But it failed to point out that the big players in the telecom game are already well aware that their product (voice services via copper) are already obsolete. Why do you think the big boys (MCI, Sprint, Qwest) have such massive investments in the internet backbone? They recognize that the future of communications isn't land-line telephones, it's massive internet backbones. This is where every major player in the telecom game has banked their future. They're not idiots sitting in a smoke-filled conference room with no vision -- these people understand that their revenue stream on the internet side will ultimately replace their revenue stream on the consumer / voice side and they are already geared for it.
The point is that switching to the internet backbone for your voice services doesn't hurt them -- it simply moves your service from column A to column B on their balance sheet.
I wrote a quick perl script to do this for a friend who has a camera phone.
/etc/aliases) which routes it to a perl script which parses out the email content and attachments (pictures from the phone) and posts them to a MySQL database. The front-end of the project involved CGI scripts that would talk to the MySQL database and display the data to the web.
It picks up the incoming mail via a sendmail pipe (in
Result? Real-time blogging from the camera with pictures and text! Total lines of code? Less than 100.
"It looks like he's shipping his grandmother a CD-R of 'Rock Around the Clock' remixed 13 times... ARREST THIS MAN!"