The security of your wireless network is essential. You have to linux routers setup at either end. You may have done so already, but don't depend on the WAP builtin to the wireless cards. It is easily circumvented. You strong encryption on the router-router connection. Perhaps obvious, but I would rather state the obvious and be sure you are aware of the matter.
I work for a small private college and we have been looking at VoIP solutions. We are currently on a Centrex (sp.) setup which is basically a situation where we rent our lines from the phone company for a per month charge. No PBX or any similiar equipment. The solution is extremely expensive for 1200 phone lines (800 are inactive 4 months out of the year and are turned off to save $$ - dorms). We have looked at both VoIP and PBXs. VoIP provides consolidation of your voice and data networks which can be quite convenient. I have read of security issues with VoIP, but I cannot really say much about them without further study. The payback on VoIP vs. PBX is pretty substantial. VoIP payback 3 years, PBX 5 years. VoIP is easy to scale and grows with you pretty easily. PBXs require planning because if you buy too small a PBX and fill it to capacity, you have to buy another PBX with another 5 year payback when you may only need a few extra lines. VoIP doesn't have this problem.
Cisco bought a VoIP software company a few years back and has open sourced all of the software necessary to setup a VoIP solution on your own. The website is vovida.org. Also, O'Reilly sells a book (referenced on the vovida.org website) that describes how to use vovida.org to setup a solution.
You will still need to buy some hardware. VoIP phones or VoIP phone software will be needed for the new building. VoIP phones are between $200-???/unit. The phone software is cheaper and essentially gives you a softphone. There are free softphones for linux, for windows, you can purchase them for under $100 I believe.
I don't know how difficult to setup the free voip software is, it is probably best to pay someone to support a solution for you. Be sure to shop around, we encountered many subpar vendors. Also, PBX solution providers get pretty cooperative when you start talking about VoIP. It really depends on how many phone lines you require and what your future plans are. If you planned on upgrading your data network or expanding, VoIP can fit nicely into those plans. But if you only need to add 10 phone lines, then it would seem kind of drastic unless you are going VoIP company wide. Since we lease all our lines and want to upgrade our data network anyway, VoIP will save us alot of $$$. The quicker payback also saves us alot of $$$. The scalability also saves us alot of $$$. We can just buy what we need.
You just need a way to get a few lines over a wireless link from the sound of it. I hope this helps a little.
Maybe you could patch something together from vovida.org for those few lines. Check it out.
If 5% of your customers use a different browser than IE, and you want to get the most value from your website, create pages that work for both. Getting ROI from a website is hard enough without throwing away the opportunity to catch that 5% by making your pages compliant. If you spend money on your website to make it valuable to you and your customers, why not spend some extra $$$ to make it viewable by everyone. Other browsers do have a user base no matter that 95% use IE. That 5% is not going away. If you start designing standards compliant and then introduce browser specific variations as needed, it is much easier than designing a page against and quarky and moving implementation and then trying to make it work with another browser. Remember, the browsers are trying to implement the standards, so it makes more sense to start with the standards and alter them as necessary. Microsoft has stated its support for web standards, so each new version of its browser is going to be moving closer to web standards.
If you like sci-fi, look at the changes in the explanation of evolution over the past two decades as delivered in sci-fi tv series/movies. Compare Star Trek TNG series (80s) to the x-men movie. TNG pushes theory (1) [see above] while the x-men movie pushes theory (2). From the x-men movie, the rapid changes would seem to happen w/o any obvious external catalyst. Perhaps like garbage collection in some programming languages, it produces a rapid change when enough changes in memory usage occur and/or the need for space to continue expanding. While sci-fi may not be the best source of information on scientific theories, it certainly is useful in providing historical insight into how science has changed.
Observing evolution everyday? The underlying explanation of the evolutionary processes at work has been in a state of flux for the past 200 years.
(1) Evolution happens over a long period of time with small evolutionary changes over 100s of millions of years.
(2) Evolution happens over a long period of time, but instead of small evolutionary changes, rapid change occurs for several thousands of years every several million year or so.
Number (1) is being slowly displaced due to a lack of sufficient fossil evidence for all of the necessary intermediate forms required by the small change model.
Number (2) is currently the more widely embraced theory. So if the definition of what is happening keeps changing, how can you see it everyday?
Evolution is a theory for a reason. Facts don't change, theories change.
The comment below explains RC4-HMACs role in the kerberos authentication process.
For ACLs as they relate to vms and nt/2k was what I was referring to and should have clarified since the material I referenced was a reference from an article about nt/2k/vms ACLs and historical difficulties with ACLs.
As for your comments on kerberos and rc4, see the paper I reference in my other post for an introductory reference.
Concerning rc4's vulnerabilities, the suggestions you gave are mentioned in the rc4 link, and also list references to cryptanalysis papers concerning rc4 and possible attack methods. The one concerning the statistical attack was the one of particular interest.
I will list more references in the future with my posts. One solid one seemed sufficient at the time.
My intention was to point out issues in active directory.
"Designed for" and "successfully does so" are two entirely separate matters. The material you reference is a statement on the website. No reference to any cryptanalysis papers stating to the contrary. Just a statement of design intention from the creators.
Here is a paper that starts to suggest some problems with kerberos as implemented in active directory.
The author of the above article references dictionary attacks. Recent developments in the cryptanalysis of rc4 and it's variants make the situation much more grim.
http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4. ht ml
It is not necessarily kerberos itself that creates the problem. It is the mechanism surround the exchange of the encrypted timestamp that poses the threat. PKI is an existing option in active directory that eliminates the issue. SRP would be a nice additional option.
Example: Instead of the mechanism that uses rc4-hmac, PKI or SRP would be used instead.
Why are people that post about supposed numbers from organization x saying that product y is lost z% of it's market share always post as anonymous cowards with no reference links.
ACLs have been proven to be considerably less secure and harder to audit than UNIX permissions.
http://www.wikipedia.com/wiki/Computer_Security
There have been several papers examining the subject. See the above article and the confused deputy problem for details.
ACLs are certainly more flexible in certain cases than UNIX permissions. But flexibility usually has a cost, as aforementioned.
I agree with you on LDAP, it is a great way to centralize security. UNIX would certainly benefit from a clean way of tying the two together (PAM is only part of the puzzle and is certainly not simple to setup in my opinion).
Kerberos? It was never designed to resist attacks in which a listener can capture packets. That pretty much means how secure active directory is depends on the physical security of your network. If someone can get onto your network you out of luck. Why? Well, because your domain controller encrypts an ascii timestamp with your password when a request is sent to it to logon as a certain user. An RC4 cipher is used and given that RC4 has been torn apart cryptographically, that you know atleast a 80% part of the ascii timestamp because the dc will happily tell you the time, you have plenty of info to crack the password.
Since MCSE's like defaults, I would imagine and as far as I have seen, most admins use the out of the box kerberos authentication as is. In there defense, Microsoft does offer the use of PKI in place of RC4 which is resistance to these particular attacks, but it generally requires a smart card reader and smart cards to deploy. There is an additional substitution option, but I cannot vouch for the strength of it either. Hopefully, microsoft will use a strong authentication protocol like SRP in the future in place of the weak mechanism included in there kerberos implementation.
I think that the parent post says it all, despite the remix attempts in the child post. A very old industry who has historically fought technological changes that it perceived as harmful to its archaic business model is at it again. The ??? reminded me of the dotcom posts in the last year concerning open source business models. Economically, adapt or die applies to all companies, even well funded and well lobbied ones. As before, the parent post says it all.
A major piece of information people seem to be ignoring concerning the peru legislation and the california legislation is that the proposals are not saying we will only use gpl/open source software only. The law merely states that the government will not purchase software from companies who place restrictions on the use of there software/source code which will prevent the government from acting in the public interest. A company selling a product with draconian licensing terms gets quite a bit of pull by handling a large government contract since all businesses that interact with the government will most likely be forced into using the same software. A government should not create monopolies in this manner with public funds. Such an attitude goes against all the trust-buster legislation we have in place. The government is here to service the people, not to help aging businesses protect there obsolete business models.
I agree. The sapdb uses a non-standard build system instead of open source tools like automake, autoconf, make and/or ant. Actually, ant would be a nice build tool for sapdb. Converting to a standard build tool would really help get more open source developers interested in trying to unravel and improve the code. While the pascal/c++ mix might be strange, I think someone would hack-a-way at it (I would) anyway if the build tools had an atleast familiar feel. When I setup sapdb, it was definitely more difficult to setup than mysql. I really liked the feature set and I almost used it for a production project I am working on now. It has a lot of potential, but sap is going to need to push towards using the tools the open source community is familiar with.
This guy actually posts a perfectly legitimate question and he gets "ragged on" for doing so. I see about 3 *possibly* helpful posts and the rest are just putting the guy down and saying he is incompetent. Could those people please shutup? Only answer if you can help him. Otherwise you are just a moron who knows less than he does and wastes a lot of posts with non-sense. Be more professional and just answer the guys post if you have something beneficial to helping him with a solution instead of posting crap. The guy asked a question and he admits he could use some help making the best possible and most informed decision. That makes him by no means an idiot. I am reminded of a saying my 7th grade teacher had posted on his fall back in junior high school, "He that asks a question is a fool for 5 minutes. He who does not is a fool for a lifetime."
Some many consultants fit the latter in that they think they know it all and won't ask anyone for help. Funny how sayings stick with you for so long in life.
I can suggest an alternative. Use net folders in Outlook and a standard mail server (smtp/pop3/imap) and you can get most of Exchange's features (shared calendaring being a big one).
I haven't seen too many developments in technology (consumer applications) for the consumer to get excited about. How is Microsoft Windows XP going to inspire the excitement that Microsoft Windows 95 did? The pc has been around a long time now. The Tablet PC that Bill Gates demonstrated at Comdex looks pretty impressive. I would put it in the webpad class of devices. I have used various pdas and I have checked out the specs on a lot of the webpad prototypes that various companies have developed. For me, the devices are all missing something, ethernet. Some of them use wireless 802.11b which is fine. But connectivity is expensive, especially from a consumer point of view. I would buy a webpad class device right now if they would include ethernet as a built in feature. LCD screens are very expensive still. How does Microsoft intend to create tablet pcs with attractive feature sets and yet keep the cost low enough for people to buy?
The post I am replying to is by far one of the best explanations of what makes a science different from a religion that I have ever heard. Most stop at saying something like:
"Only problem is, Creationism is the basis for a religion. Evolution is not. "
This is a very empty statement. Many religions are based on explanations of reality based upon things one cannot observe. It involves believing an explanation for an aspect of the real world that you cannot directly or even indirectly observe or perceive (either that conclusion is stated in the explanation or is deduced by the individual believing the explanation).
"Science is not "proved". Science can only be disproved."
The above phrase does an excellent job of describing what science is at its core. Science involves making observations and formulating an explanation based on consistent or inconsistent empirical evidence. When enough empirical evidence is gathered to provide an explanation, an explanation gains plausibility and is taken as the best explanation until other observations and empirical evidence state otherwise. Essentially, "Science may only be proven wrong."
The sciences began with early philosopher's such as Socrates, Plato, Descartes. Even earlier than those individuals. At one point in time, the composition of substances was attributed to 4 elements (earth, wind, fire, and water). The idea was that when wood was "burned"--the wind and fire within the wood was released--however, until burned, earth and maybe water were the only evident elements. The observations made were very superficial and certainly not empirical in nature. However, scientific thought and processes improved to focus on empirical evidence over superficial observations and the aforementioned theory was disproved by overwhelming evidence.
I have heard proponents of religion present arguments that concentrate on the "observation" part of science. Christians often compare saying "we believe in what we cannot see" and you science people "choose to believe in what you can see". There by an argument is made that both "science" and "christianity" and "islam" and all other "religions" are built on faith in something. That is very true for all "religions". But science is not just about "observation".
Science is about observation, repetition, different people doing the same experiment and getting the same results consistently. Science is about stepping back and using the process of reason to look at every aspect of the collected observations and experiments and making a solid conclusion which is then improved upon by the same process.
Science "evolved" from the thought processes and tools of the early philosophers. Science is based on reason, the core of the human mind.
So many great technologies that we enjoy today are products of the approaches developed by and furthered by the human race.
"Science can only be disproved."
Science provides explanations for the real world. They make sense of the real world. Engineering, chemistry, physics, biology, etc. all have developed to the point they are now because of the work of these early philosophers.
Science provides observations and repeatable experiments that define rules that can be repeatedly observed over and over again. It is this technique that has allowed the development of genetic technologies, modern medicines, electronic equipment, etc.
"Science can only be disproved." That is science's strength and perhaps the greatest truth about it. Science is improving the world and in doing so, science is being improved. Some of the changes are radical, some miniscule. If science is always improving, that also means that it is also always being disproven. I have never seen a comprehensive scientific explanation that lacks holes in explanation, evidence, or consistency.
Socrates believed in starting from the foundation and building on correct premises all the way from the beginning in order to obtain a correct conclusion. However, his initial premise was that the process of reason itself was truth. Of course one has to start somewhere. Reason itself dictates that a conclusion of a premise cannot be the premise itself. So by the rules of reason, reason cannot be proven.
As humans, we put faith in what gets results. At whatever level that may be. Some find the idea of "going to a better place" comforting while mourning a passing relative.
Science has gotten results in many areas throughout history. We certainly would not be where we are today technologically without it. However, it has implied limitations in the very aspect of it that makes it so powerful. "Science can only be disproven."
Socrates and the other philosophers put faith in reason. By faith I mean they accepted that something was true w/o seeing it--I believe that is the definition portrayed throughout most poetry and art as well as being a christian definition.
We all depend on reason and put faith on it at some level. But at some level, we all abandon it as well. Is every decision a human makes rational? Of course I would have to define each word, but that very statement alone is a deep philosophical question.
Is science a religion? Science is based in reason and observation and historically emerged from the work of early philosophers. Other religions are based on similiar ideas but also incorporate explanations not based on reason or observation. Assuming science is not based on explanations based outside of reason and observation, is it unique?--YES.
Does uniqueness make something more truthful or a better approach? No. Historical evidence says otherwise.
So why is it that when science is defended, it's uniqueness from other approaches is stressed, while the very aspect of science that makes it powerful is ignored?
Does the fact that science is based on empirical evidence and observation make it a better approach for developing an accurate understanding of the real world? YES-if the problem is one that is rationally solvable.
However, as humans, are very nature indicates that we are not rational people. So while science is a good tool for developing many kinds of solid explanations in the real world, it can do little for the problems we humans face in dealing with ourselves. Whether we know why we act irrationally is irrevelant since it is incapable of helping us deal with ourselves any better.
Now as for creationism vs. evolution, the question is, does science offer a better explanation than creation? What is a better explanation for you? Science starts from the ground up and tries to work up to an explanation for creation. Christianity and other religions start at the top and work down. This is also why so many arguments are mismatched when the two sides debate. Science says "we want the details", "we have ours, where's yours?". Christianity says "we have the big picture", "where's yours?" The problem is that science will never have a big picture because it will continually disprove itself to improve itself causing large amounts of the big picture to get shifted so much that it will never look the same way twice (think about the butterfly flapping its wings and its impact on the weather--see chaos theory if you don't understand). Christianity on the other hand will never have the details to fulfill our rational minds leaving us always searching. Science and Christianity will never see eye to eye for those very reasons.
Either approach has it's drawbacks. The big issue is, what should be taught in school? Since both beliefs supply explanations for the certain groups of problems, and since both techniques are practiced, both must be taught to uphold the constitution.
The toughest part of that whole problem is that science and technology have become essential in sustaining human life at certain quality levels. It also drives much of the economy. Lobbyists are so effective at keeping it in schools and christianity out for this very reason. It is not a, oh, this one's better because it is staying in schools while creationism is out.
Anyone who believes it provides better explanations for all aspects of human existence and reality is deceiving themselves?
Even if you don't believe in Christianity, scientists will sometimes assume a basic principle is false in order to expose hidden opporunities for better explanations. So at the very least, other religions are valuable to expose students to for that very reason.
Anyone that makes it this far, thank you for reading.
I hope something I said will encourage you to think about the ideas you have accepted and taken for granted, and it will make you take an interest in truly learning about the ideas you have ignored.
Trying to apply a real world analogy to the digital world is like designing filesystems like file cabinets which in itself is a bad analogy. Imagine a corporation that sells padlocks. You buy a padlock for your home, your neighbor buys one, pretty soon, 60% of the people in your city have one, then the state, then the country. Now the locks are everywhere. A thief by trade discovers that all the locks open with the same key. The keys look different when examined, but they all have the needed notch to open any of the locks. The thief will keep this secret quiet most likely since it is an unknown. He will break into homes with those locks and have his pick of any home using them. He can go one at a time and steal whatever he wants with ease. Now let's say a customer reports to lock maker corporation that he noticed the problem. The corporation says, oh, it is just a bad batch of locks, we only sold a few with that problem. We will send you a new lock. The customer receives his new lock and tells a his friends/neighbors. Some of them hear it and also receive new locks. But eventually, as communications theory goes, the lock problem won't go much further outside the center individual. It may even be ignored. The corporation will not alert its customers since it would cost them both refund/replacement money and future sales. They would rather wait and let you buy their next product in a few years than give you the safety you thought you payed for. The might even use the info in a watered down form (diverting their responsibility) to sell the latest model in a few years. Now suppose the thief made the information public. Now the corporation has to respond to its customers for the low quality product they sold them. Now customers will be aware of the problem. However, more thieves will also be aware of the problem. However, the customers have a chance to respond to the danger they believe they are safe from. The incident costs the company a lot of money and increase the number of break ins that would have occurred if customers ignore the warning. The corporation selling the product hurts financially. If the customer doesn't respond to the warning, they hurt financially as well since their house may be broken into. But the customer has a chance to respond where if the information is not disclosed, no such chance exists. The company won't tell. I believe that is what this whole criticism of hackers is about. It is keeping sysadmins on their toes. It is keeping companies on their toes to fix their products and test them better. That is what is making the industry angry. I believe their are a lot of sysadmins who should be saying "May I help you", not running a company/school network. So the new version of that product has cool and easy to use interface, do you know anything about what you are configuring? Do you keep yourself well informed on security issues or depend on a vendor or an "it won't happen here" policy to save you? If you are, you should choose another line of work. The benefits to consumers and computer science in general are enormous when security systems are open to public scrutiny. A "black hat hacker" may not be stopped since he is capable of finding his own exploits and will take the time to find and code tools to exploit them. All the other individuals who attempt to wreak havoc, steal information, etc. from your company will flock to these premade tools. Premade tools encourage many who wouldn't attempt such a feat for lack of skill/tools to wreak havoc. But the premade tools also cause the rest of them to gravitate towards tools that because the exploits/tools are documented publicly, provide you company/school a defense against intrusion and a easier path to detecting intrusion so that damage and theft can be minimized if not eliminated. Most of the time, the information will cause the individuals to gravitate around the exploit, preventing them from using their creativity to locate new security holes and build tools themselves that are significantly more difficult to detect. It prevents in that they are less likely to think outside the box once they have been contaminated by the contents of a publicly known exploit. Openness is the only way to be secure. But it will cost unprepared organizations and sysadmins a great deal of money and trouble. But maybe those sysadmins should be working at McDonalds anyway.
Assuming this is setup, with that high of a voltage, I wouldn't want any physical connection between the dsl modem and my computer. Let them convert it to optical and run a fiber line into the pc (fiber nic in pc) or maybe use an infrared or other wireless technique. No physical connection electricity can travel in though-not me...:0
Isn't anything that is available electronically being devalued by the ease of duplication? The reason for purchasing an item is because (You cannot produce the item yourself (lack of skill to produce the item, higher cost to produce it yourself, too much time to produce it yourself (or saves you the time). There seem to be to parts to an item, the blueprint that tells how to make the item and the finished item. A car company keeps the blueprints for its vehicles secretive. Another car company could reverse engineer the design or steal the plans, but legal action can be taken because the other car company is known to be the guilty party. A single entity. A record company records a master for an artist. They then distribute it on cd. Efficiently duplicating the item and with good quality was difficult and expensive. Such as a taped recording of a cd or record for use in a car. People become able to burn their own cds, so efficient copying is now possible but still pretty expensive and somewhat technical in nature for less than savy computer users. Now comes mp3s. Ripping a file off a cdrom becomes easy, but still may be beyond a lot of computer users capabilities in terms of understanding. But copying a file that someone else made and makes freely available, that is easy. The previous model for making money off recordings ceases to work because value has been taken away from the model itself. Duplication is easy. Unlike a car, in the case of music, the blueprints and finished item are one and the same. So what do you do? When this type of devaluing has occurred, historically, legal approaches have failed. They only incite anger and uprising. Trying to restrict technology also fails (e.g. DIVX). I would say the best approach would be for record companies to merge with internet portals. If you want to get attention, the internet is becoming the place to be. If I were an artist, I would say focus on laws/agreements that permit you to track the amount of attention your music is getting (number of downloads, page visits, etc.). Make deals with one of the portal companies to record/distribute or just distribute your music exclusively on first distribution. By first distribution I mean the first time your music is made available electronically. A lot of people would love to send money to an artist whose song they have in there possession in mp3 format. There is no method for doing so currently. People want some way of doing that that is as easy as downloading the file. The portal could provide that service to the artist and take a cut (let the user know what % though!!!). Also, people would like to know that what they are downloading is the real thing. That is something that will draw people to the portal--to know that the music they are getting is authentic. There are so many possibilities with the internet--I cannot come up with it all on my own. But one thing is for certain, any item that is distributable electronically loses a lot of its value, value must be preserved, but it won't be preserved with legal proceedings and technological restrictions. Historically they have failed and will continue to fail. Those who do not understand the business end will lose--Lars said that. What if the business end doesn't understand the business end and the artist depends on them? I agree with Lars that napster-like portals shouldn't profit at the artists expense. They are using value that they didn't create. However, when you try to apply that to consumers using value that they didn't create, that model fails because consumers are the f(0)=0, f(1)=1 in the fibonnaci sequence. Laws and technology restrictions work for Fn = Fn-1 + Fn-2 companies in the world, but the consumer is a special case that makes the whole thing work. The same rules cannot be applied and be expected to work.
I don't use Windows 2000 Professional on any of the systems I use as of yet. However, I am using a Windows 98 machine where I work as a file server. I started out sharing a few simple files and it turned into a file server. NT 4.0 was not worth the time to install it. For what I needed, 98 did fine with permissions. It does crash from time to time though. I intend on loading Windows 2000 professional in the near future and using it as a file server. I have talked to several people that use it as a desktop os and they seem to be pretty happy with the results so far. I push a system a lot harder than a normal user, so I will know very quickly how Windows 2000 fairs as an OS. Stability seems to have definitely improved according to several friends. However, you better have some decent hardware to run it on. A pentium 400+ w/ 64mb+ ram and 6gig hd+ (larger drive usually means faster data access-helps a ton w/ virtual memory). I also use linux here at work. It works great for masquerading and proxying. I installed samba on a bunch of old 486s and set them up to share a printer. I won't go into detail, but in our particular situation, this beats a centralized print server. In my 3 years experience with linux, I have never had it crash for reasons other than a hardware failure. I have configured over 100 systems with various applications. One thing about linux is the learning curve. It is not the easiest thing to jump into and learn. A lot of my friends are interested in linux but don't even know where to begin. I did ALOT of reading and had some help from a linux guru friend--that is how I learned linux and my knowledge of it continues to grow. Linux is great for any type of server application I have seen to date. It scales well and requires minimal hardware. That will be a problem for M$ if embedded systems become dominant (NC, set-top boxes, etc.). Windows is easy to use--easier to use than linux. Linux requires you to have a good understanding of how a large portion of it works before you can use it. I know I know, Redhat, Suse, Caldera all make linux a bit easier by setting up the gui ahead of time for you. Things are improving in that respect. I have used Redhat, I have tried helping someone setup Suse (tar didn't work--eek), they have a ways to go. Debian is my distribution of choice. I couldn't believe how much better Debian is than the other distros I have seen. Sure, it might not be the most user friendly distro, but it works. Linux requires you to understand a good portion of how it works before you can use it, Debian is the same way. The other distros are more a DO-or-DIE based on what I have seen. If the distro doesn't recognize your nic, graphics card, etc., most normal users will toss it on a shelf after attempting an install and will reload an M$ OS. Linux's design is much more refined than M$. I can go throughout linux and step by step figure out exactly what is going on from bootup to shutdown. I can trace through all the scripts and find a path of execution. I can fix it easily or alter it's behavior and will and KNOW that it will work the way I have set it up to work. On the other hand, I setup a M$ operating system. It is easy to use, stable enough to use for a while (atleast a work day), but when I try to secure desktops to use in a computer lab, eek. Registry keys are changed that I have locked. It is interesting, some keys in the registry refer back to a single key. If you lock that single key, the value can still be changed through one of its aliases. Also, if you have a corrupt registry, you are usually done. There are some tricks at the DOS prompt w/ regedit, but usually, it is a reload (or a reghost in our case). We have found as our college has grown that it is easier just to reghost in most situations than to figure out why it happened. The answer is usually not worthwhile and certainly not worth the time. It is more cost efficient just to reghost a windows machine. Windows is a graph. I read where that the average path of one web page to another on the WWW is 19. Windows has had so many fixes and hacks applied, that it is more like spaghetti than anything else. But it is more user friendly and wins out on the desktop and will continue to do so. I am glad to see M$ decided to focus on stability and less reboots, those were much needed changes. But getting the spaghetti out will be a lot of work, if it ever happens. Linux and Windows each have their place. Windows is great because you can pull any intermediate/advanced windows user and turn them into a network admin. I watched to comp sci students that have never worked with windows nt, setup their own domain with pdc and bdc--they setup NT server 4.0 with ease. It may crash, everything may not work correctly, but you can pull Bob from accounting and have him setup your network for you when you get beyond the workgroup stage. That is the value of NT. At some point as you grow, bob becomes fulltime sysadmin. Then either bob is sent to M$ training or you hire in an MCSE. Then as you grow more, you add more M$ technologies. You go from exchange in pop3 mode to exchange in native mode. You add outlook 98 and calendaring. Then your domain becomes so big and your requirements so large, and manageability and stability start becoming serious issues and your system becomes difficult to maintain. You start incorporating linux, solaris, ibm technologies, or novell into your network. You hire in highly skilled personal to run those new systems. You do more with less people and less machines. Eventually, you are doing 10x the work w/ 1/20 of the people and 1/3 of the equipment. However, a lot of businesses don't hit that last stage, so they stay with M$ and that is where Microsoft is experiencing the most demand and growth for their server products. The enterprise will belong to IBM, Sun, Linux, and Novell because the products are more stable and scalable than M$. Well that is my $.02. Oh, one more thing, anyone that posts anonymously I ignore. If you won't back your statement with an identity, I don't really care what you have to say. Oh, just in case something happens to my post so that my id doesn't get posted: Login Name: Dark Fire Later...
If I am not mistaken, most credit cards make their money from interest payed on borrow money (very high interest). Some charge annual fees, but their real money is made on people paying late fees, other types of fees, and very high interest rates. Sure, a credit card could be used responsibly, I know many who do, but the credit card itself would not exist in its current (and profitable) form w/o irresponsible people. My theory is that credit cards started out as a bank service and when it was realized how irresponsible so many people would be with them and how profitable such a service could be, VISA, MasterCard, etc. were born. That is just my theory though. My great-uncle is a banker, but I do not like banks either. I put them into the same boat. I like credit unions much better. Credit unions are more community minded-money keeps circulating to-and-fro w/i the community. It is a great idea. Banks and Credit Card companies are siphons. Of course, the guy in the article will have to be tried by the letter of the law. If credit card companies know so many people are irresponsible, maybe someone needs to protect those people from such predators. Or maybe we just need to quit providing ways for people to circumvent responsibility in our society. That is my babbling for today...
Slashdot Mirror
Good point. If the power goes out and the wireless equipment/VoIP phones are not on a UPS, the phone system to that whole building goes down.
Sorry about the bad grammar, I was editing my posts alot.
You have to linux routers ==> You have two linux routers
You strong encryption on the router-router ==> Use strong encryption on the router-router
etc.
The security of your wireless network is essential. You have to linux routers setup at either end. You may have done so already, but don't depend on the WAP builtin to the wireless cards. It is easily circumvented. You strong encryption on the router-router connection. Perhaps obvious, but I would rather state the obvious and be sure you are aware of the matter.
I work for a small private college and we have been looking at VoIP solutions. We are currently on a Centrex (sp.) setup which is basically a situation where we rent our lines from the phone company for a per month charge. No PBX or any similiar equipment. The solution is extremely expensive for 1200 phone lines (800 are inactive 4 months out of the year and are turned off to save $$ - dorms). We have looked at both VoIP and PBXs. VoIP provides consolidation of your voice and data networks which can be quite convenient. I have read of security issues with VoIP, but I cannot really say much about them without further study. The payback on VoIP vs. PBX is pretty substantial. VoIP payback 3 years, PBX 5 years. VoIP is easy to scale and grows with you pretty easily. PBXs require planning because if you buy too small a PBX and fill it to capacity, you have to buy another PBX with another 5 year payback when you may only need a few extra lines. VoIP doesn't have this problem.
Cisco bought a VoIP software company a few years back and has open sourced all of the software necessary to setup a VoIP solution on your own. The website is vovida.org. Also, O'Reilly sells a book (referenced on the vovida.org website) that describes how to use vovida.org to setup a solution.
You will still need to buy some hardware. VoIP phones or VoIP phone software will be needed for the new building. VoIP phones are between $200-???/unit. The phone software is cheaper and essentially gives you a softphone. There are free softphones for linux, for windows, you can purchase them for under $100 I believe.
I don't know how difficult to setup the free voip software is, it is probably best to pay someone to support a solution for you. Be sure to shop around, we encountered many subpar vendors. Also, PBX solution providers get pretty cooperative when you start talking about VoIP. It really depends on how many phone lines you require and what your future plans are. If you planned on upgrading your data network or expanding, VoIP can fit nicely into those plans. But if you only need to add 10 phone lines, then it would seem kind of drastic unless you are going VoIP company wide. Since we lease all our lines and want to upgrade our data network anyway, VoIP will save us alot of $$$. The quicker payback also saves us alot of $$$. The scalability also saves us alot of $$$. We can just buy what we need.
You just need a way to get a few lines over a wireless link from the sound of it. I hope this helps a little.
Maybe you could patch something together from vovida.org for those few lines. Check it out.
If 5% of your customers use a different browser than IE, and you want to get the most value from your website, create pages that work for both. Getting ROI from a website is hard enough without throwing away the opportunity to catch that 5% by making your pages compliant. If you spend money on your website to make it valuable to you and your customers, why not spend some extra $$$ to make it viewable by everyone. Other browsers do have a user base no matter that 95% use IE. That 5% is not going away. If you start designing standards compliant and then introduce browser specific variations as needed, it is much easier than designing a page against and quarky and moving implementation and then trying to make it work with another browser. Remember, the browsers are trying to implement the standards, so it makes more sense to start with the standards and alter them as necessary. Microsoft has stated its support for web standards, so each new version of its browser is going to be moving closer to web standards.
My $.02.
If you like sci-fi, look at the changes in the explanation of evolution over the past two decades as delivered in sci-fi tv series/movies. Compare Star Trek TNG series (80s) to the x-men movie. TNG pushes theory (1) [see above] while the x-men movie pushes theory (2). From the x-men movie, the rapid changes would seem to happen w/o any obvious external catalyst. Perhaps like garbage collection in some programming languages, it produces a rapid change when enough changes in memory usage occur and/or the need for space to continue expanding. While sci-fi may not be the best source of information on scientific theories, it certainly is useful in providing historical insight into how science has changed.
Observing evolution everyday? The underlying explanation of the evolutionary processes at work has been in a state of flux for the past 200 years.
(1) Evolution happens over a long period of time with small evolutionary changes over 100s of millions of years.
(2) Evolution happens over a long period of time, but instead of small evolutionary changes, rapid change occurs for several thousands of years every several million year or so.
Number (1) is being slowly displaced due to a lack of sufficient fossil evidence for all of the necessary intermediate forms required by the small change model.
Number (2) is currently the more widely embraced theory. So if the definition of what is happening keeps changing, how can you see it everyday?
Evolution is a theory for a reason. Facts don't change, theories change.
The comment below explains RC4-HMACs role in the kerberos authentication process.
For ACLs as they relate to vms and nt/2k was what I was referring to and should have clarified since the material I referenced was a reference from an article about nt/2k/vms ACLs and historical difficulties with ACLs.
As for your comments on kerberos and rc4, see the paper I reference in my other post for an introductory reference.
Concerning rc4's vulnerabilities, the suggestions you gave are mentioned in the rc4 link, and also list references to cryptanalysis papers concerning rc4 and possible attack methods. The one concerning the statistical attack was the one of particular interest.
I will list more references in the future with my posts. One solid one seemed sufficient at the time.
My intention was to point out issues in active directory.
This paper references the pluggable authentication capabilities of Kerberos and mentions one possible scenario of the problem I spoke of above.
a ly sis.html
http://www-cs-students.stanford.edu/~tjw/srp/an
"Designed for" and "successfully does so" are two entirely separate matters. The material you reference is a statement on the website. No reference to any cryptanalysis papers stating to the contrary. Just a statement of design intention from the creators.
w 2k _kerberos_attack.htm
. ht ml
Here is a paper that starts to suggest some problems with kerberos as implemented in active directory.
http://www.brd.ie/papers/w2kkrb/feasibility_of_
The author of the above article references dictionary attacks. Recent developments in the cryptanalysis of rc4 and it's variants make the situation much more grim.
http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4
It is not necessarily kerberos itself that creates the problem. It is the mechanism surround the exchange of the encrypted timestamp that poses the threat. PKI is an existing option in active directory that eliminates the issue. SRP would be a nice additional option.
Example:
Instead of the mechanism that uses rc4-hmac, PKI or SRP would be used instead.
Why are people that post about supposed numbers from organization x saying that product y is lost z% of it's market share always post as anonymous cowards with no reference links.
ACLs have been proven to be considerably less secure and harder to audit than UNIX permissions.
http://www.wikipedia.com/wiki/Computer_Security
There have been several papers examining the subject. See the above article and the confused deputy problem for details.
ACLs are certainly more flexible in certain cases than UNIX permissions. But flexibility usually has a cost, as aforementioned.
I agree with you on LDAP, it is a great way to centralize security. UNIX would certainly benefit from a clean way of tying the two together (PAM is only part of the puzzle and is certainly not simple to setup in my opinion).
Kerberos? It was never designed to resist attacks in which a listener can capture packets. That pretty much means how secure active directory is depends on the physical security of your network. If someone can get onto your network you out of luck. Why? Well, because your domain controller encrypts an ascii timestamp with your password when a request is sent to it to logon as a certain user. An RC4 cipher is used and given that RC4 has been torn apart cryptographically, that you know atleast a 80% part of the ascii timestamp because the dc will happily tell you the time, you have plenty of info to crack the password.
Since MCSE's like defaults, I would imagine and as far as I have seen, most admins use the out of the box kerberos authentication as is. In there defense, Microsoft does offer the use of PKI in place of RC4 which is resistance to these particular attacks, but it generally requires a smart card reader and smart cards to deploy. There is an additional substitution option, but I cannot vouch for the strength of it either. Hopefully, microsoft will use a strong authentication protocol like SRP in the future in place of the weak mechanism included in there kerberos implementation.
I think that the parent post says it all, despite the remix attempts in the child post. A very old industry who has historically fought technological changes that it perceived as harmful to its archaic business model is at it again. The ??? reminded me of the dotcom posts in the last year concerning open source business models. Economically, adapt or die applies to all companies, even well funded and well lobbied ones. As before, the parent post says it all.
A major piece of information people seem to be ignoring concerning the peru legislation and the california legislation is that the proposals are not saying we will only use gpl/open source software only. The law merely states that the government will not purchase software from companies who place restrictions on the use of there software/source code which will prevent the government from acting in the public interest. A company selling a product with draconian licensing terms gets quite a bit of pull by handling a large government contract since all businesses that interact with the government will most likely be forced into using the same software. A government should not create monopolies in this manner with public funds. Such an attitude goes against all the trust-buster legislation we have in place. The government is here to service the people, not to help aging businesses protect there obsolete business models.
I agree. The sapdb uses a non-standard build system instead of open source tools like automake, autoconf, make and/or ant. Actually, ant would be a nice build tool for sapdb. Converting to a standard build tool would really help get more open source developers interested in trying to unravel and improve the code. While the pascal/c++ mix might be strange, I think someone would hack-a-way at it (I would) anyway if the build tools had an atleast familiar feel. When I setup sapdb, it was definitely more difficult to setup than mysql. I really liked the feature set and I almost used it for a production project I am working on now. It has a lot of potential, but sap is going to need to push towards using the tools the open source community is familiar with.
Apple is an entirely different situation. The try to control the hardware and the operating system.
This guy actually posts a perfectly legitimate question and he gets "ragged on" for doing so. I see about 3 *possibly* helpful posts and the rest are just putting the guy down and saying he is incompetent. Could those people please shutup? Only answer if you can help him. Otherwise you are just a moron who knows less than he does and wastes a lot of posts with non-sense. Be more professional and just answer the guys post if you have something beneficial to helping him with a solution instead of posting crap. The guy asked a question and he admits he could use some help making the best possible and most informed decision. That makes him by no means an idiot. I am reminded of a saying my 7th grade teacher had posted on his fall back in junior high school, "He that asks a question is a fool for 5 minutes. He who does not is a fool for a lifetime."
Some many consultants fit the latter in that they think they know it all and won't ask anyone for help. Funny how sayings stick with you for so long in life.
So help the guy, or don't say anything at all.
My $.02.
I can suggest an alternative. Use net folders in Outlook and a standard mail server (smtp/pop3/imap) and you can get most of Exchange's features (shared calendaring being a big one).
I haven't seen too many developments in technology (consumer applications) for the consumer to get excited about. How is Microsoft Windows XP going to inspire the excitement that Microsoft Windows 95 did? The pc has been around a long time now. The Tablet PC that Bill Gates demonstrated at Comdex looks pretty impressive. I would put it in the webpad class of devices. I have used various pdas and I have checked out the specs on a lot of the webpad prototypes that various companies have developed. For me, the devices are all missing something, ethernet. Some of them use wireless 802.11b which is fine. But connectivity is expensive, especially from a consumer point of view. I would buy a webpad class device right now if they would include ethernet as a built in feature. LCD screens are very expensive still. How does Microsoft intend to create tablet pcs with attractive feature sets and yet keep the cost low enough for people to buy?
The post I am replying to is by far one of the best explanations of what makes a science different from a religion that I have ever heard. Most stop at saying something like:
"Only problem is, Creationism is the basis for a religion. Evolution is not. "
This is a very empty statement. Many religions are based on explanations of reality based upon things one cannot observe. It involves believing an explanation for an aspect of the real world that you cannot directly or even indirectly observe or perceive (either that conclusion is stated in the explanation or is deduced by the individual believing the explanation).
"Science is not "proved". Science can only be disproved."
The above phrase does an excellent job of describing what science is at its core. Science involves making observations and formulating an explanation based on consistent or inconsistent empirical evidence. When enough empirical evidence is gathered to provide an explanation, an explanation gains plausibility and is taken as the best explanation until other observations and empirical evidence state otherwise. Essentially, "Science may only be proven wrong."
The sciences began with early philosopher's such as Socrates, Plato, Descartes. Even earlier than those individuals. At one point in time, the composition of substances was attributed to 4 elements (earth, wind, fire, and water). The idea was that when wood was "burned"--the wind and fire within the wood was released--however, until burned, earth and maybe water were the only evident elements. The observations made were very superficial and certainly not empirical in nature. However, scientific thought and processes improved to focus on empirical evidence over superficial observations and the aforementioned theory was disproved by overwhelming evidence.
I have heard proponents of religion present arguments that concentrate on the "observation" part of science. Christians often compare saying "we believe in what we cannot see" and you science people "choose to believe in what you can see". There by an argument is made that both "science" and "christianity" and "islam" and all other "religions" are built on faith in something. That is very true for all "religions". But science is not just about "observation".
Science is about observation, repetition, different people doing the same experiment and getting the same results consistently. Science is about stepping back and using the process of reason to look at every aspect of the collected observations and experiments and making a solid conclusion which is then improved upon by the same process.
Science "evolved" from the thought processes and tools of the early philosophers. Science is based on reason, the core of the human mind.
So many great technologies that we enjoy today are products of the approaches developed by and furthered by the human race.
"Science can only be disproved."
Science provides explanations for the real world. They make sense of the real world. Engineering, chemistry, physics, biology, etc. all have developed to the point they are now because of the work of these early philosophers.
Science provides observations and repeatable experiments that define rules that can be repeatedly observed over and over again. It is this technique that has allowed the development of genetic technologies, modern medicines, electronic equipment, etc.
"Science can only be disproved." That is science's strength and perhaps the greatest truth about it. Science is improving the world and in doing so, science is being improved. Some of the changes are radical, some miniscule. If science is always improving, that also means that it is also always being disproven. I have never seen a comprehensive scientific explanation that lacks holes in explanation, evidence, or consistency.
Socrates believed in starting from the foundation and building on correct premises all the way from the beginning in order to obtain a correct conclusion. However, his initial premise was that the process of reason itself was truth. Of course one has to start somewhere. Reason itself dictates that a conclusion of a premise cannot be the premise itself. So by the rules of reason, reason cannot be proven.
As humans, we put faith in what gets results. At whatever level that may be. Some find the idea of "going to a better place" comforting while mourning a passing relative.
Science has gotten results in many areas throughout history. We certainly would not be where we are today technologically without it. However, it has implied limitations in the very aspect of it that makes it so powerful. "Science can only be disproven."
Socrates and the other philosophers put faith in reason. By faith I mean they accepted that something was true w/o seeing it--I believe that is the definition portrayed throughout most poetry and art as well as being a christian definition.
We all depend on reason and put faith on it at some level. But at some level, we all abandon it as well. Is every decision a human makes rational? Of course I would have to define each word, but that very statement alone is a deep philosophical question.
Is science a religion? Science is based in reason and observation and historically emerged from the work of early philosophers. Other religions are based on similiar ideas but also incorporate explanations not based on reason or observation. Assuming science is not based on explanations based outside of reason and observation, is it unique?--YES.
Does uniqueness make something more truthful or a better approach? No. Historical evidence says otherwise.
So why is it that when science is defended, it's uniqueness from other approaches is stressed, while the very aspect of science that makes it powerful is ignored?
Does the fact that science is based on empirical evidence and observation make it a better approach for developing an accurate understanding of the real world? YES-if the problem is one that is rationally solvable.
However, as humans, are very nature indicates that we are not rational people. So while science is a good tool for developing many kinds of solid explanations in the real world, it can do little for the problems we humans face in dealing with ourselves. Whether we know why we act irrationally is irrevelant since it is incapable of helping us deal with ourselves any better.
Now as for creationism vs. evolution, the question is, does science offer a better explanation than creation? What is a better explanation for you? Science starts from the ground up and tries to work up to an explanation for creation. Christianity and other religions start at the top and work down. This is also why so many arguments are mismatched when the two sides debate. Science says "we want the details", "we have ours, where's yours?". Christianity says "we have the big picture", "where's yours?" The problem is that science will never have a big picture because it will continually disprove itself to improve itself causing large amounts of the big picture to get shifted so much that it will never look the same way twice (think about the butterfly flapping its wings and its impact on the weather--see chaos theory if you don't understand). Christianity on the other hand will never have the details to fulfill our rational minds leaving us always searching. Science and Christianity will never see eye to eye for those very reasons.
Either approach has it's drawbacks. The big issue is, what should be taught in school? Since both beliefs supply explanations for the certain groups of problems, and since both techniques are practiced, both must be taught to uphold the constitution.
The toughest part of that whole problem is that science and technology have become essential in sustaining human life at certain quality levels. It also drives much of the economy. Lobbyists are so effective at keeping it in schools and christianity out for this very reason. It is not a, oh, this one's better because it is staying in schools while creationism is out.
Anyone who believes it provides better explanations for all aspects of human existence and reality is deceiving themselves?
Even if you don't believe in Christianity, scientists will sometimes assume a basic principle is false in order to expose hidden opporunities for better explanations. So at the very least, other religions are valuable to expose students to for that very reason.
Anyone that makes it this far, thank you for reading.
I hope something I said will encourage you to think about the ideas you have accepted and taken for granted, and it will make you take an interest in truly learning about the ideas you have ignored.
Trying to apply a real world analogy to the digital world is like designing filesystems like file cabinets which in itself is a bad analogy. Imagine a corporation that sells padlocks. You buy a padlock for your home, your neighbor buys one, pretty soon, 60% of the people in your city have one, then the state, then the country. Now the locks are everywhere. A thief by trade discovers that all the locks open with the same key. The keys look different when examined, but they all have the needed notch to open any of the locks. The thief will keep this secret quiet most likely since it is an unknown. He will break into homes with those locks and have his pick of any home using them. He can go one at a time and steal whatever he wants with ease. Now let's say a customer reports to lock maker corporation that he noticed the problem. The corporation says, oh, it is just a bad batch of locks, we only sold a few with that problem. We will send you a new lock. The customer receives his new lock and tells a his friends/neighbors. Some of them hear it and also receive new locks. But eventually, as communications theory goes, the lock problem won't go much further outside the center individual. It may even be ignored. The corporation will not alert its customers since it would cost them both refund/replacement money and future sales. They would rather wait and let you buy their next product in a few years than give you the safety you thought you payed for. The might even use the info in a watered down form (diverting their responsibility) to sell the latest model in a few years. Now suppose the thief made the information public. Now the corporation has to respond to its customers for the low quality product they sold them. Now customers will be aware of the problem. However, more thieves will also be aware of the problem. However, the customers have a chance to respond to the danger they believe they are safe from. The incident costs the company a lot of money and increase the number of break ins that would have occurred if customers ignore the warning. The corporation selling the product hurts financially. If the customer doesn't respond to the warning, they hurt financially as well since their house may be broken into. But the customer has a chance to respond where if the information is not disclosed, no such chance exists. The company won't tell. I believe that is what this whole criticism of hackers is about. It is keeping sysadmins on their toes. It is keeping companies on their toes to fix their products and test them better. That is what is making the industry angry. I believe their are a lot of sysadmins who should be saying "May I help you", not running a company/school network. So the new version of that product has cool and easy to use interface, do you know anything about what you are configuring? Do you keep yourself well informed on security issues or depend on a vendor or an "it won't happen here" policy to save you? If you are, you should choose another line of work. The benefits to consumers and computer science in general are enormous when security systems are open to public scrutiny. A "black hat hacker" may not be stopped since he is capable of finding his own exploits and will take the time to find and code tools to exploit them. All the other individuals who attempt to wreak havoc, steal information, etc. from your company will flock to these premade tools. Premade tools encourage many who wouldn't attempt such a feat for lack of skill/tools to wreak havoc. But the premade tools also cause the rest of them to gravitate towards tools that because the exploits/tools are documented publicly, provide you company/school a defense against intrusion and a easier path to detecting intrusion so that damage and theft can be minimized if not eliminated. Most of the time, the information will cause the individuals to gravitate around the exploit, preventing them from using their creativity to locate new security holes and build tools themselves that are significantly more difficult to detect. It prevents in that they are less likely to think outside the box once they have been contaminated by the contents of a publicly known exploit. Openness is the only way to be secure. But it will cost unprepared organizations and sysadmins a great deal of money and trouble. But maybe those sysadmins should be working at McDonalds anyway.
Assuming this is setup, with that high of a voltage, I wouldn't want any physical connection between the dsl modem and my computer. Let them convert it to optical and run a fiber line into the pc (fiber nic in pc) or maybe use an infrared or other wireless technique. No physical connection electricity can travel in though-not me... :0
Isn't anything that is available electronically being devalued by the ease of duplication? The reason for purchasing an item is because (You cannot produce the item yourself (lack of skill to produce the item, higher cost to produce it yourself, too much time to produce it yourself (or saves you the time). There seem to be to parts to an item, the blueprint that tells how to make the item and the finished item. A car company keeps the blueprints for its vehicles secretive. Another car company could reverse engineer the design or steal the plans, but legal action can be taken because the other car company is known to be the guilty party. A single entity. A record company records a master for an artist. They then distribute it on cd. Efficiently duplicating the item and with good quality was difficult and expensive. Such as a taped recording of a cd or record for use in a car. People become able to burn their own cds, so efficient copying is now possible but still pretty expensive and somewhat technical in nature for less than savy computer users. Now comes mp3s. Ripping a file off a cdrom becomes easy, but still may be beyond a lot of computer users capabilities in terms of understanding. But copying a file that someone else made and makes freely available, that is easy. The previous model for making money off recordings ceases to work because value has been taken away from the model itself. Duplication is easy. Unlike a car, in the case of music, the blueprints and finished item are one and the same. So what do you do? When this type of devaluing has occurred, historically, legal approaches have failed. They only incite anger and uprising. Trying to restrict technology also fails (e.g. DIVX). I would say the best approach would be for record companies to merge with internet portals. If you want to get attention, the internet is becoming the place to be. If I were an artist, I would say focus on laws/agreements that permit you to track the amount of attention your music is getting (number of downloads, page visits, etc.). Make deals with one of the portal companies to record/distribute or just distribute your music exclusively on first distribution. By first distribution I mean the first time your music is made available electronically. A lot of people would love to send money to an artist whose song they have in there possession in mp3 format. There is no method for doing so currently. People want some way of doing that that is as easy as downloading the file. The portal could provide that service to the artist and take a cut (let the user know what % though!!!). Also, people would like to know that what they are downloading is the real thing. That is something that will draw people to the portal--to know that the music they are getting is authentic. There are so many possibilities with the internet--I cannot come up with it all on my own. But one thing is for certain, any item that is distributable electronically loses a lot of its value, value must be preserved, but it won't be preserved with legal proceedings and technological restrictions. Historically they have failed and will continue to fail. Those who do not understand the business end will lose--Lars said that. What if the business end doesn't understand the business end and the artist depends on them? I agree with Lars that napster-like portals shouldn't profit at the artists expense. They are using value that they didn't create. However, when you try to apply that to consumers using value that they didn't create, that model fails because consumers are the f(0)=0, f(1)=1 in the fibonnaci sequence. Laws and technology restrictions work for Fn = Fn-1 + Fn-2 companies in the world, but the consumer is a special case that makes the whole thing work. The same rules cannot be applied and be expected to work.
I don't use Windows 2000 Professional on any of the systems I use as of yet. However, I am using a Windows 98 machine where I work as a file server. I started out sharing a few simple files and it turned into a file server. NT 4.0 was not worth the time to install it. For what I needed, 98 did fine with permissions. It does crash from time to time though. I intend on loading Windows 2000 professional in the near future and using it as a file server. I have talked to several people that use it as a desktop os and they seem to be pretty happy with the results so far. I push a system a lot harder than a normal user, so I will know very quickly how Windows 2000 fairs as an OS. Stability seems to have definitely improved according to several friends. However, you better have some decent hardware to run it on. A pentium 400+ w/ 64mb+ ram and 6gig hd+ (larger drive usually means faster data access-helps a ton w/ virtual memory). I also use linux here at work. It works great for masquerading and proxying. I installed samba on a bunch of old 486s and set them up to share a printer. I won't go into detail, but in our particular situation, this beats a centralized print server. In my 3 years experience with linux, I have never had it crash for reasons other than a hardware failure. I have configured over 100 systems with various applications. One thing about linux is the learning curve. It is not the easiest thing to jump into and learn. A lot of my friends are interested in linux but don't even know where to begin. I did ALOT of reading and had some help from a linux guru friend--that is how I learned linux and my knowledge of it continues to grow. Linux is great for any type of server application I have seen to date. It scales well and requires minimal hardware. That will be a problem for M$ if embedded systems become dominant (NC, set-top boxes, etc.). Windows is easy to use--easier to use than linux. Linux requires you to have a good understanding of how a large portion of it works before you can use it. I know I know, Redhat, Suse, Caldera all make linux a bit easier by setting up the gui ahead of time for you. Things are improving in that respect. I have used Redhat, I have tried helping someone setup Suse (tar didn't work--eek), they have a ways to go. Debian is my distribution of choice. I couldn't believe how much better Debian is than the other distros I have seen. Sure, it might not be the most user friendly distro, but it works. Linux requires you to understand a good portion of how it works before you can use it, Debian is the same way. The other distros are more a DO-or-DIE based on what I have seen. If the distro doesn't recognize your nic, graphics card, etc., most normal users will toss it on a shelf after attempting an install and will reload an M$ OS. Linux's design is much more refined than M$. I can go throughout linux and step by step figure out exactly what is going on from bootup to shutdown. I can trace through all the scripts and find a path of execution. I can fix it easily or alter it's behavior and will and KNOW that it will work the way I have set it up to work. On the other hand, I setup a M$ operating system. It is easy to use, stable enough to use for a while (atleast a work day), but when I try to secure desktops to use in a computer lab, eek. Registry keys are changed that I have locked. It is interesting, some keys in the registry refer back to a single key. If you lock that single key, the value can still be changed through one of its aliases. Also, if you have a corrupt registry, you are usually done. There are some tricks at the DOS prompt w/ regedit, but usually, it is a reload (or a reghost in our case). We have found as our college has grown that it is easier just to reghost in most situations than to figure out why it happened. The answer is usually not worthwhile and certainly not worth the time. It is more cost efficient just to reghost a windows machine. Windows is a graph. I read where that the average path of one web page to another on the WWW is 19. Windows has had so many fixes and hacks applied, that it is more like spaghetti than anything else. But it is more user friendly and wins out on the desktop and will continue to do so. I am glad to see M$ decided to focus on stability and less reboots, those were much needed changes. But getting the spaghetti out will be a lot of work, if it ever happens. Linux and Windows each have their place. Windows is great because you can pull any intermediate/advanced windows user and turn them into a network admin. I watched to comp sci students that have never worked with windows nt, setup their own domain with pdc and bdc--they setup NT server 4.0 with ease. It may crash, everything may not work correctly, but you can pull Bob from accounting and have him setup your network for you when you get beyond the workgroup stage. That is the value of NT. At some point as you grow, bob becomes fulltime sysadmin. Then either bob is sent to M$ training or you hire in an MCSE. Then as you grow more, you add more M$ technologies. You go from exchange in pop3 mode to exchange in native mode. You add outlook 98 and calendaring. Then your domain becomes so big and your requirements so large, and manageability and stability start becoming serious issues and your system becomes difficult to maintain. You start incorporating linux, solaris, ibm technologies, or novell into your network. You hire in highly skilled personal to run those new systems. You do more with less people and less machines. Eventually, you are doing 10x the work w/ 1/20 of the people and 1/3 of the equipment. However, a lot of businesses don't hit that last stage, so they stay with M$ and that is where Microsoft is experiencing the most demand and growth for their server products. The enterprise will belong to IBM, Sun, Linux, and Novell because the products are more stable and scalable than M$. Well that is my $.02. Oh, one more thing, anyone that posts anonymously I ignore. If you won't back your statement with an identity, I don't really care what you have to say. Oh, just in case something happens to my post so that my id doesn't get posted: Login Name: Dark Fire Later...
If I am not mistaken, most credit cards make their money from interest payed on borrow money (very high interest). Some charge annual fees, but their real money is made on people paying late fees, other types of fees, and very high interest rates. Sure, a credit card could be used responsibly, I know many who do, but the credit card itself would not exist in its current (and profitable) form w/o irresponsible people. My theory is that credit cards started out as a bank service and when it was realized how irresponsible so many people would be with them and how profitable such a service could be, VISA, MasterCard, etc. were born. That is just my theory though. My great-uncle is a banker, but I do not like banks either. I put them into the same boat. I like credit unions much better. Credit unions are more community minded-money keeps circulating to-and-fro w/i the community. It is a great idea. Banks and Credit Card companies are siphons. Of course, the guy in the article will have to be tried by the letter of the law. If credit card companies know so many people are irresponsible, maybe someone needs to protect those people from such predators. Or maybe we just need to quit providing ways for people to circumvent responsibility in our society. That is my babbling for today...