They will know by the results and feedback they get from the individuals, the team, from other managers, published articles, etc. A good manager knows what to look for and it doesn't have to be specialized knowledge.
Wow. Someone who actually advocates that non-technical managers look in "published articles" for insight.
My experience has been completely the opposite. I have to continually fight to stop management from wanting whatever magic bullet they just read about in an in-flight magazine.
So your "manager" doesn't manage much.
on
Fire Your IT Boss
·
· Score: 1
The relevant lead person would make the final decision - and if it goes wrong, it's his responsibility.
So your situation is more like 2 technically knowledgeable managers (one Windows and one Unix) and a rubber stamp from the guy who is "above" them.
Now, what happens when the rubber stamp guy has a limited budget... but the Windows manager wants to spend 51% of it on a Windows project... and the Unix manager wants to spend 51% of it on a Unix project?
You have the kind of manager that you describe. He is is charge of two people. Those people are telling him two different things. How does he choose what to do? Why?
I have been in that situation many times.
The problem is that the less technical the manager is, the easier he is to be swayed by vague promises and hand-waving.
What surrounding yourself with civilians does is make the US army more hesitant to simply blow you away.That seems to be the part you have a problem understanding.
No, it does not.
There are enough examples of dead civilians to show you how wrong you are.
Yet there is not a single instance that you can show where someone was not killed because they were near civilians.
I can even provide examples where civilians (reporters) were targeted where no "insurgent" was.
How do you know they know their job?
on
Fire Your IT Boss
·
· Score: 1
Yep, what matters to me is a manager who listens to the people who know their job.
And without the specialized knowledge of that field yourself, how do you know that they know their job?
As long as the communication's right, a manager doen't need the technical skills.
See above.
Anyone who believes that technical knowledge is superfluous to a manager is deluding themselves.
In any case it in no way negates my argument that insurgents are safest when surrounded by civilians.
Actually it does.
You may still end up killed, but if you can drag women and children into the casualties, you'll at least give the US a black eye in press.
So by "safest" you mean "killed".
That's a usage of "safe" that I was previously unfamiliar with.
Leaving morality aside (because that's a harder argument to make and a lot more charged), in just a practical sense they'd have to be *amazingly* stupid not to avoid it.
Read your remark about "a black eye in the press".
By your "logic", that means that...
Leaving morality aside (because that's a harder argument to make and a lot more charged), in just a practical sense they'd have to be *amazingly* stupid not to avoid it.
Well, those are your words.
But that's what happens when you start believing in fantasies such as "human shields". Try to stick to the facts and basic logic in the future.
For industries that aren't feeling those pressures, sometimes breaches of security will motivate them.
From TFA:
25% of the respondents reported that their data had been breached, with an overwhelming 42% of respondents who could not exclude the possibility of a breach
I'd be more interested in those who DID believe they could spot a cracker after the fact.
I'm not talking "what's this daemon running on my server" or "why are all these warez on my server".
I'm talking someone cracking your server and copying your data last year. Without installing anything that could be traced.
There are very few people who really know that their systems have not been cracked. And those people would be the ones who would be instantly aware if they were cracked tomorrow.
I'm fighting with our programmers right now about how they should put confidential information on our website. They want to link from the website in our DMZ to the database server behind our firewall. So anyone who can crack the webserver has a direct line to our database server.
But all of the other approaches are "too hard" or "too time consuming".
Nevertheless, there have been a lot of civilian deaths, so to explain that you could argue that the world's foremost military is actually a wildly irrational organization incapable of grasping that it's helping its enemies.
So you admit that there have been lots of civilian deaths.
Or you can argue that insurgents have worked out a good way to avoid getting shot.
Ummm, did you somehow miss your own statement about "a lot of civilian deaths"?
It doesn't seem like it is "a good way to avoid getting shot" when we are shooting them and anyone near them.
Personally I'd employ Occam's razor at this point and go with the latter.
Seeing as how that would require that the "insurgents" be both dead (lots of civilian deaths) and alive (good way to avoid getting shot) I think you should really review what "Occam's razor" is.
Which gets back to my other post. It's not "anonymous" when it is "fraudulent". We can protect anonymity but we should be punishing fraud.
If you're sending email to a spamtrap, it's spam.
If you're sending email to a dozen or so individuals who you have PERSONALLY selected based upon some criteria other than you have their email address, then it is probably allowable under "anonymous".
100,000 messages... fake domains... spoofed IP addresses... I don't care what you're sending, it's spam.
Agee noted that in order to send an anonymous e-mail, the sender must "enter a false IP address or domain name."
No. That is wrong. You can be anonymous without spoofing IP addresses or faking domain names.
And "the right to engage in anonymous speech, particularly anonymous political or religious speech, is 'an aspect of the freedom of speech protected by the First Amendment," Agee wrote, citing a 1995 U.S. Supreme Court opinion.
Correct your usage of "anonymous" first and then I might agree with you.
The court noted that "were the 'Federalist Papers' just being published today via e-mail, that transmission by Publius would violate the [current Virginia] statute."
It appears that the idiot "boss" is attempting to generate support for the claim that this guy is a "problem" by paying unreasonable amounts to "repair" the "damage" he did.
It's difficult to "prove" that a guy did millions of dollars of "damage"... without a bill for millions of dollars of "repairs".
Any competent network admin could map out the network and document it for FAR less than the hundreds of thousands of dollars that is being thrown about.
a) What is critical to you may not be critical to me
And who are you? Seriously. Why is your opinion of what is "critical" worth anything in this discussion?
b) Keeping them offline might make sense for security, but it makes servicing them more difficult, and so more people need to be hired, and so it is more expensive (which is bad, apparently)
And the cost of hiring those people vs the cost of cleaning up after an attack? Skipping security is ALWAYS cheaper. As long as you never consider the cost of an attack.
c) Sometimes, critical systems need to be online, and widespread. For example, if banking wasn't networked, then ATMs wouldn't work. If you had your license suspended, it would take hours to get that information to all the other cops, and you could keep driving without penalty. Also, work-from-home wouldn't 'work', and corporate VPNs would be pointless.
#1. ATM's. No. They were not originally connected to the Internet.
#2. Driving license. So what? That would catch up to you after the traffic tickets were entered into their system.
#3. Corporate VPN's. We're talking critical systems here.
Critical systems *should* be connected to the 'net, so we can have access to them. But, they should also be better protected, and backed up offline.
Wrong. There is access to them without having them connected to the Internet. Just as it was back in 1990.
All of your reasons come down to "cheaper".
"Cheaper" should not have more weight than "secure".
I use email because: #1. It is self-documenting. If you ask me the same question next week, I'll forward you the email I sent you last week.
#2. It is self-documenting. If you want to claim that you didn't agree with something next week, I'll forward you the email where you did agree with it last week.
#3. It requires a LOT more thought than talking. That means that people have to THINK about what they want to say rather than calling me and uh, well, I was, uh, that thing, it, uh, was, uh....... Why waste MY time for YOU to get YOUR thoughts in order?
#4. It allows me to send you lists like this. I can identify each point and if you have points to add, you can add them. You can reply to my points, by number.
#5. All of the above WHEN IT IS CONVENIENT FOR ME. (and when you consider it convenient for you). You have a RECORD that YOU involved me. Now the ball is in my court. I will get to it as soon as I deal with the issues that are more important. And I expect the same from you.
FUCK "immediate human contact". The people I've encountered are (generally) not pre-disposed to clear communication. They are easily distracted and LOVE personal anecdotes and trivia. That's fine when I'm at lunch or grabbing coffee or whatever. NOT when I'm trying to fix a problem before it impacts the entire company.
When I'm working, I am WORKING. I expect the same from you.
Put it in email. That way we'll have documentation for who was involved in the decision, what the decision was, why we decided that way, what criteria we considered and what options we discarded.
If we have a "face to face" meeting, then SOMEONE is going to have to take notes about that and THEN write up those notes and get everyone's sign-off on them so they can be used as documentation.
My current CIO hates the way I use email. I believe it is because he hates having a papertrail of his decisions.
The benefits of analysis-based energy management include lower costs for energy, decreased equipment maintenance costs, a reduced carbon footprint, consistency across the real estate portfolio, and increased effectiveness and decreased cost of the extended enterprise, says Dan Sharplin, CEO at Site Controls, a building automation supplier.
In order: No. No. Maybe. WTF does that mean? No. and no.
Saving energy in IT means two things. #1. Reducing usage. #2. Buying more efficient components.
Since, if anything, usage demands grow over time the only thing you're left with is hoping that someone develops components that deliver the same performance at a lower power cost.
If you want to cut the power usage of the IT department, encourage remote workers. It doesn't help overall, but it moves the power usage to the user's home.
Since the "reward" offered seems to be less than the regular fee that a company would charge for such, why would any recovery company waste resources on it?
Why not teach pre-scientific belief as pre-scientific belief to put the science in context?
Okay class, this week we will be covering the beliefs of the pre-European Native Americans of the Pacific Northwest.
Now imagine how long it would take to cover every belief.
That's why.
Teach what people believed before science, when science began to predict it better, and people's reaction to science (e.g. Catholic persecution of Galileo Galilei).
I attended a small high school in central Missouri. Galileo's persecution was covered. Why wasn't it covered in your's?
This might help students appreciate the contributions of Charles Darwin and other pioneers of evolution theory.
Again, wasn't that covered in your's?
I think we spent less than a minute on the "Scopes Monkey Trial".
And we did go through the early Geocentric model of the universe. Again, less than a minute.
WHY teach non-science in a science class? There isn't much time for teaching real science. Just look at the moderation points in this thread to see that.
Teach who Darwin was and what he did and how it was VERIFIED. Then, if you have a minute or so, you can teach how he was persecuted for his work.
But do NOT waste time teaching non-science in a science class. If you must teach it, put it in the appropriate class. Such as comparative religions.
It's not just about 3D. As you implied, we use more than our sense of sight to grab and hold something. But computers can only provide visual information.
Why can't I reach into my jacked to get the pistol that I can FEEL against my chest?
And if we're going to be using "first aid spray" as a healing potion, does anyone really care if it's equipped to a status bar on your screen or if you have to flip to a different screen view to choose it?
Slashdot Mirror
Wow. Someone who actually advocates that non-technical managers look in "published articles" for insight.
My experience has been completely the opposite. I have to continually fight to stop management from wanting whatever magic bullet they just read about in an in-flight magazine.
So your situation is more like 2 technically knowledgeable managers (one Windows and one Unix) and a rubber stamp from the guy who is "above" them.
Now, what happens when the rubber stamp guy has a limited budget ... but the Windows manager wants to spend 51% of it on a Windows project ... and the Unix manager wants to spend 51% of it on a Unix project?
You have the kind of manager that you describe.
He is is charge of two people.
Those people are telling him two different things.
How does he choose what to do?
Why?
I have been in that situation many times.
The problem is that the less technical the manager is, the easier he is to be swayed by vague promises and hand-waving.
And without the specialized knowledge of that field yourself, how do you know that they know their job?
See above.
Anyone who believes that technical knowledge is superfluous to a manager is deluding themselves.
Actually it does.
So by "safest" you mean "killed".
That's a usage of "safe" that I was previously unfamiliar with.
Read your remark about "a black eye in the press".
By your "logic", that means that ...
Well, those are your words.
But that's what happens when you start believing in fantasies such as "human shields". Try to stick to the facts and basic logic in the future.
From TFA:
I'd be more interested in those who DID believe they could spot a cracker after the fact.
I'm not talking "what's this daemon running on my server" or "why are all these warez on my server".
I'm talking someone cracking your server and copying your data last year. Without installing anything that could be traced.
There are very few people who really know that their systems have not been cracked. And those people would be the ones who would be instantly aware if they were cracked tomorrow.
I'm fighting with our programmers right now about how they should put confidential information on our website. They want to link from the website in our DMZ to the database server behind our firewall. So anyone who can crack the webserver has a direct line to our database server.
But all of the other approaches are "too hard" or "too time consuming".
So you admit that there have been lots of civilian deaths.
Ummm, did you somehow miss your own statement about "a lot of civilian deaths"?
It doesn't seem like it is "a good way to avoid getting shot" when we are shooting them and anyone near them.
Seeing as how that would require that the "insurgents" be both dead (lots of civilian deaths) and alive (good way to avoid getting shot) I think you should really review what "Occam's razor" is.
The "terrorists" were using "human shields".
Despite the fact that such tactics NEVER seem to stop us. You would think that the "terrorists" would learn, wouldn't you?
They certainly seem capable of learning in ever other situation.
No, the "human shields" line is a lie. It's something they can repeat to themselves and others to justify the killing of innocents.
Without ever acknowledging that it is the killing of innocents that turns people into "terrorists".
"Volume" as in "number of messages".
Which gets back to my other post. It's not "anonymous" when it is "fraudulent". We can protect anonymity but we should be punishing fraud.
If you're sending email to a spamtrap, it's spam.
If you're sending email to a dozen or so individuals who you have PERSONALLY selected based upon some criteria other than you have their email address, then it is probably allowable under "anonymous".
100,000 messages ... fake domains ... spoofed IP addresses ... I don't care what you're sending, it's spam.
Why do you believe that it is the only method?
You can nail it to a telephone pole.
You can print it and leave it at bus stops.
People have even nailed things to church doors.
What is it about this subject that makes people turn off their brains?
What part of that concerns sending a million unsolicited \/1agr4 messages?
In your world, is it considered okay to use hire a dozen people with bullhorns to spew political rhetoric around someone's house at midnight?
No?
OMG! They're taking away FReedom of SPEech!!!111
No one said that he could not publish whatever he wants.
The problem is his DELIVERY of it to people who do NOT want it.
No. That is wrong. You can be anonymous without spoofing IP addresses or faking domain names.
Correct your usage of "anonymous" first and then I might agree with you.
Bullshit. You still don't understand "anonymous".
What happens when the customer comes back NEXT weekend and tries to get the "guru" that gave him the advice to buy the Vista box?
Okay, grab a different "guru". Why can't you answer my question? The other guy said that it WOULD work.
It's not going to take many episodes like that before this becomes a disaster for them.
The "hero" is the guy who rushes in in the middle of the day to fix the "problem" that is costing the company so much money.
Never mind that he is the one who caused the problem in the first place.
The ninja does the upgrades during the night/weekends and the users never see any difference.
Now, which admin is seen as more valuable?
The lesson is that even ninjas need to market themselves to their organizations.
It appears that the idiot "boss" is attempting to generate support for the claim that this guy is a "problem" by paying unreasonable amounts to "repair" the "damage" he did.
It's difficult to "prove" that a guy did millions of dollars of "damage" ... without a bill for millions of dollars of "repairs".
Any competent network admin could map out the network and document it for FAR less than the hundreds of thousands of dollars that is being thrown about.
What would you think of a doctor who, because some exec somewhere decided he should, pushed the WRONG medication / procedure to you?
Where does your ethical responsibility end and the boss's desires begin?
To me there isn't even a question. Fire me. Go ahead. I will get another job.
From what I've read, his "hijacking" was limited to refusing to give the passwords to his boss whom he considered an idiot.
Given that they cannot hunt down a single device on the network, I'd have to agree with that assessment.
MAC address ... switch port ... it should be easy.
And who are you? Seriously. Why is your opinion of what is "critical" worth anything in this discussion?
And the cost of hiring those people vs the cost of cleaning up after an attack? Skipping security is ALWAYS cheaper. As long as you never consider the cost of an attack.
#1. ATM's. No. They were not originally connected to the Internet.
#2. Driving license. So what? That would catch up to you after the traffic tickets were entered into their system.
#3. Corporate VPN's. We're talking critical systems here.
Wrong. There is access to them without having them connected to the Internet. Just as it was back in 1990.
All of your reasons come down to "cheaper".
"Cheaper" should not have more weight than "secure".
I don't care WHAT the reasons for connecting them to the Internet are.
The fact that it allows anyone in the world, anywhere, anytime, a chance to attack your systems is the only reason needed to refuse that.
Fortunately, I don't care about reviews any more.
I use email because:
#1. It is self-documenting. If you ask me the same question next week, I'll forward you the email I sent you last week.
#2. It is self-documenting. If you want to claim that you didn't agree with something next week, I'll forward you the email where you did agree with it last week.
#3. It requires a LOT more thought than talking. That means that people have to THINK about what they want to say rather than calling me and uh, well, I was, uh, that thing, it, uh, was, uh ....... Why waste MY time for YOU to get YOUR thoughts in order?
#4. It allows me to send you lists like this. I can identify each point and if you have points to add, you can add them. You can reply to my points, by number.
#5. All of the above WHEN IT IS CONVENIENT FOR ME. (and when you consider it convenient for you). You have a RECORD that YOU involved me. Now the ball is in my court. I will get to it as soon as I deal with the issues that are more important. And I expect the same from you.
FUCK "immediate human contact". The people I've encountered are (generally) not pre-disposed to clear communication. They are easily distracted and LOVE personal anecdotes and trivia. That's fine when I'm at lunch or grabbing coffee or whatever. NOT when I'm trying to fix a problem before it impacts the entire company.
When I'm working, I am WORKING. I expect the same from you.
Put it in email. That way we'll have documentation for who was involved in the decision, what the decision was, why we decided that way, what criteria we considered and what options we discarded.
If we have a "face to face" meeting, then SOMEONE is going to have to take notes about that and THEN write up those notes and get everyone's sign-off on them so they can be used as documentation.
My current CIO hates the way I use email. I believe it is because he hates having a papertrail of his decisions.
From TFA:
In order:
No.
No.
Maybe.
WTF does that mean?
No.
and no.
Saving energy in IT means two things.
#1. Reducing usage.
#2. Buying more efficient components.
Since, if anything, usage demands grow over time the only thing you're left with is hoping that someone develops components that deliver the same performance at a lower power cost.
If you want to cut the power usage of the IT department, encourage remote workers. It doesn't help overall, but it moves the power usage to the user's home.
It's about money.
Since the "reward" offered seems to be less than the regular fee that a company would charge for such, why would any recovery company waste resources on it?
Okay class, this week we will be covering the beliefs of the pre-European Native Americans of the Pacific Northwest.
Now imagine how long it would take to cover every belief.
That's why.
I attended a small high school in central Missouri. Galileo's persecution was covered. Why wasn't it covered in your's?
Again, wasn't that covered in your's?
I think we spent less than a minute on the "Scopes Monkey Trial".
And we did go through the early Geocentric model of the universe. Again, less than a minute.
WHY teach non-science in a science class? There isn't much time for teaching real science. Just look at the moderation points in this thread to see that.
Teach who Darwin was and what he did and how it was VERIFIED.
Then, if you have a minute or so, you can teach how he was persecuted for his work.
But do NOT waste time teaching non-science in a science class. If you must teach it, put it in the appropriate class. Such as comparative religions.
It's not just about 3D. As you implied, we use more than our sense of sight to grab and hold something. But computers can only provide visual information.
Why can't I reach into my jacked to get the pistol that I can FEEL against my chest?
And if we're going to be using "first aid spray" as a healing potion, does anyone really care if it's equipped to a status bar on your screen or if you have to flip to a different screen view to choose it?