Well, my iPod just loves to collect the fingerprints from working in the yard, in the barn, on the car, etc. White is an awful color for the way I work. Black is best. Brown is pretty good. Almost anything but white. I don't get the fashion angle. I just don't. For that single reason, I love my SanDisk player. It doesn't grub up as much as my iPod and it works just fine for what I need. Both were gifts so it wasn't my $$$ that supported the price decision.
You are so right. We're in a bank. 85% of the people here run one application...the teller app. Absolutely no need for Aero and all the other stuff. They log in to the network, crank up their teller app and stay in it until they go home. They use e-mail...but not Outlook. Our company doesn't do Word. Our XP PC's are streamlined....no funky Toys 'R Us interface...no balloon help...no shadow cursors...no animated menus. ZIP support is shut off...USB is shut off. These are basic terminals.
We need Vista like we need a delivery of counterfeit money.
Why isn't anyone more than a little upset that the government is mandating that we pretend it's a different time every so often. I like the poster that said if you want more daylight, get up earlier. I just don't get how it's OK that one day, you wake up, and BY LAW, you lose an hour. Give up on DST. What a stupid idea. We're turning into a nation of sheep. At least sheep don't have to figure out this time shifting thing that we do....
We had an executive who consistently played Solitaire and Hearts, even when we tried to convince him that it didn't make him look too good in the eyes of his subordinates. He also HATED PC's and, most especially, spreadsheet programs (he was a pencil and paper kind of guy). Finally, IT went in and changed the shortcuts to his games so that they only opened his spreadsheet program. He sort of guessed that it was done on purpose, so he never made the phone call to "fix" his PC. The effort paid off...he went back to the crosswords in the newspaper, something that at least "looks" like real work!
You are precisely right. Blatantly ignoring policy that you understand and have agreed to abide by is reason enough to get canned. Usually when someone is canned for breaking a rule like this, the company gets criticized for "not working hard enough to keep otherwise good workers". The truth of the matter is that the company set the policy in an attempt to continue to employ people who were finding increasingly creative ways to NOT be good workers. And usually, these people START at the privilege abuse level and get worse from there. Yes, they ruin it for many others...but they had their chance to follow policy. They could have just done as asked or quit. Doing as they please allows the company to do as it must. Your point is well taken.
Count me in. It's only the poster. I actually thought it was FUNNIER than hell!!!!
Re:Be careful! ATM/MAC/Debit is *NOT* Insured!
on
Fake ATM Fraud Expose
·
· Score: 1
You are absolutely right. But the courts provide for stricter penalties when a signature is forged than when a PIN is used fraudulently. Both cases are fraud, but when a signature is used, it's uttering and forgery as well. If one of our customers has their PIN used fraudulently, it's a minor felony in MA. If they forge a check or forge a credit based debit card transaction (POS), it's a major felony. Finally, if a transaction is signed for fraudulently, there is no exposure to the customer (as in the $50 rule). This last item is provided for by federal statute by the way. While the PIN is technically more secure, legal standing goes in favor of the signature (which I wish wasn't the case, but they never listen to me..).
Doesn't matter if you believe me, that's how it works. It also uses the last four digits of the ATM card to figure out which network to settle with....NYCE, SUM, etc. When you use your ATM card, NO transaction begins with the switch until AFTER your PIN has been confirmed. The hash is safe because it still needs the card. That's why if you fail with your PIN, the issuing bank and the servicing network will NOT know about it. Only the owner of the ATM will see the problem on their electronic journal. It also saves bandwidth for the satellite, ISDN and dial-up ATM's which pay for data transfer.
I service these things every day. That's how it works. I can understand why you find it hard to believe, but that's what happens!
PIN's are entered into the ATM through the keypad and they are checked against a hash downloaded into the machine twice a day. A PBF (Positive Balance File) is loaded twice a day as well. This is how you can get cash if the network is down. Your PIN is never transmitted. If the entire machine is stolen, there are still no PIN's in it...only the hash. This is also the reason why those machines that have been entirely stolen in the past have not been compromised to get at the customers PIN's.
ATM' are required to be on the DES III standard by 2006. Meanwhile, they all encrypt using standard DES. Even then, the WAN wired ones re-encrypt on the banks private network on the way out to the switch (NYCE, SUM, VISA, etc.). There is NO current ATM network driver that currently accepts un-encrypted transmission. If they did, thieves wouldn't need to set up little card readers to scoop the data, they'd just crack the lines.
Very few WAN operated ATM's use IP. It's just too insecure. Most run serial cables to a FRAD or something similar inside the bank which then sends out a transmission using IP over private, encrypted lines. No one wants to have to address each ATM since the network provider tends to use their own proprietary scheme anyway (ATM Identifier, Poll Select, etc.).
Data leaving the ATM does NOT include a customers PIN. Authentication is done in the box and never sent out. Again, that's why the thieves need the camera and / or card.
Card swipers are cheaper to make and easier to fix. The real reason they are used instead of eaters is because far too many customers walk away from the ATM leaving their card hanging out of the slot. We get a few every day turned in by honest customers or dropped in the night drops of our branches. Card swipers solve that problem. They also won't eat a card that a customer accidently used...like their department store card instead of their ATM card. We get a lot of those too, especially around these holidays!
Re:Be careful! ATM/MAC/Debit is *NOT* Insured!
on
Fake ATM Fraud Expose
·
· Score: 1
MAC/ATM/DEBIT is not fraud...it's a common exchange medium.
The bank can't guarantee a debit transaction that is originated on the store owners network. They can only guarantee a transaction done at the ATM on their own network. Suppose good old WalMart has someone that tapped into their network and scooped the info on a debit transaction? There is no way that the bank could guarantee against it. It would be like trying to hold your ISP responsible for someone who broke your WEP encryption and used your WLAN for themselves.
BTW....you're still covered against fraud by the switch provider...typically Visa or MasterCard against fraud....including PIN fraud on debit transactions.
Oh...one more thing. If the retailer asks you to use a PIN, don't. Sign for your debit transaction instead (say CREDIT...but not Credit Card). Thiefs HATE to forge a signature and your sig is as good as gold when dealing with fraud.
I just did. My example is not in the standard. Only HTML mail is. Again, the premise stands. Using a format that is not known to my mailer is going to result in your mail falling out. If it's also an insecure and non-standard format that you're using, that's a problem. I'll address it by not supporting. Now, it'll be up to you to fix it. Look, it's not HTML mail that bothers us (although that has more than it's share of problems in the enterprise), it's the loose application of code that is not designed for this use, as well as the inclusion of non-mail AND non-HTML code just because you can. It's un-necessary and clearly causes problems. The solution is not to wait and hope it will all go away. The solution is to not support code that can't be made secure...not support clients that are insecure by design...and to seek alternatives that provide the security. NONE of these options reduce the ability to use e-mail, although they may impact optional functionality. Far better than complete dis-functionality caused by a worm or virus that found it's way in because of a loosely written mail client that an end user simply found fun. I've worked in corporations that have mail filters, ready to roll, that look for Outlook headers. When a major outbreak occurs, they quarantine ALL Outlook mail for a bit until they can be sure that they have all the tools in place to stop whatever bug may be out there. These sysads have learned to suspect the mail client even before the mail message. Now THAT tells you something about security.
Actually, it's the written standard, not my way. You can look it up. Dealing with it is easy. I strip out lazy HTML and, if YOU can't communicate with me it's something for YOU to deal with. The premise stands. Use a compliant mailer, and the Microsoft oriented viruses and worms that tend to be so effective with non-compliant configurations of Outlook go away. It's not even just lazy HTML, it's the rest of the crap that is unnecessary to e-mailing. And don't even think of suggesting that I should be REQUIRED to use a non-compliant piece of software simply because you've chosen to use one to send me mail. Now THAT is a high horse indeed.
Using seatbelts saves lives too. I'm not demanding that everyone use those either. You know the rest of the thought......
And that's about as basic as it gets. E-mail is text. Anything else is un-necessary. Why people just HAVE to use lazy-HTML is completely beyond me. People should use Pegasus or some other compliant mailer...at least to keep life sane for those of us who otherwise give a damn.
Every time I buy a boxed set at CompUSA, I see people watching and I know they're wondering about using it. Certainly, they're seeing that people DO buy this "Linux thing" they've been hearing about. At work, people grab the box...or the manuals and comment on how neat it all looks. They claim to be surprised at how much you get in the package, thinking that only MS can do stuff like that. When vendors come in, I purposely leave the materials laying around and I always get a question or two about where our "commitment" is to Linux, usually followed by a resigned sigh as they realize that they'll have to adapt or lose. Red Hat is seriously underestimating the power of that box, and Linux will suffer because of this.
I put it on a PII 333 yesterday morning with 256 MB RAM. Not a problem. Don't use X terribly much but there really is no speed problem here. Half the time, it's never the CPU speed that is an issue. It's RAM, vid card, etc. I get oh so tired of people who figure that the minimum acceptable hardware standard is what they just bought a little while ago. The fact is that everything goes faster on a faster chip (well...almost everything), but life is still peachy at almost any speed.
This is a distro we're talking about...not a production database machine or compiler.
I live in Massachusetts and I know of a few people gnashing their teeth right now because they wish the Microsoft case would go away. They feel that way because:
1) They know that they are wrong in their support of MS.
2) They know that the AG is SUPPOSED to represent those who have been injured when the law is broken. They just wish it weren't true in this case.
3) They can't find the right words to make "GUILTY" go away...it's a stigma no matter what the punishment to MS is.
4) They are fearful that their true lack of knowledge in the tech world will put them at a competitive disadvantage if ANY non MS (read...non-understood) technology were to become popular. They don't do *nix because they don't understand it. And won't. And don't have to so long as the monopoly keeps them safe.
It doesn't matter if the AG wins or loses. His efforts keep the truth closer to the front page where people read about it. Perception is reality so let the charges fly.
By the way, I just e-mailed Mr. Reilly as well as phoned his office (617-727-2200) thanking him for his efforts and offering my support. He should know we care.
So I came in to this job and they asked me to look at the network and make it better. I looked at the servers..some Netware and some NT. I upgraded the Netware servers to the latest versions and that made the network better. I upgraded the NT boxes to Linux and that made the network better. Since I'm out of magic, I love it when the NOS application people throw some of their magic my way (porting PostgreSQL to Netware).
ps...and I still don't need a &*(%ing mouse on my server!
The company I work for chose WordPerfect back in 1995. We went to Word for a while in 1998 but upgraded back to WordPerfect when MS got into DOJ trouble again (we figured that if MS was on our payroll to develop software and they broke the law, we'd have fired them so why would we go buy their software now?). It turned out that most of the time, WordPerfect can read Word without too much difficulty. Better yet, it can save to nearly any version of Word.
Sadly for Microsoft, Word is not nearly as adept. It can barely convert to WordPerfect 5.1. Because of this (and nearly 40,000 WordPerfect documents on our networks), using MS Word in our organization would be reckless.
Finally, in the last three years, we've acquired 3 other companies. I converted all of them to WordPerfect Office 2000 (upgrading all locations to WordPerfect Office 2002 this week). Some users were so MS Word brainwashed that they panicked...and continue to panic even today. They believe that if it's not MS, it's not good. They also can't understand why we don't use AOL to get online! Needless to say, I don't worry too much about them. The rest of the organization wants to create word processing documents...quickly, reliably and professionally. WordPerfect does exactly that. Yes...you can share files and yes, it is more advanced than Word when it comes to complete control over formatting.
With all this going for it, why wouldn't HP and Dell offer this software? And the more people who go home with it, the better off we all are. We've never regretted our decision and we've never been hurt by it. Kudos to these industry leaders for taking the hard, but high road.
I currently have about 90 gig of total home storage...soon going to about 130 gig. But, there's only about 40 GB actually being used for data...MP3's, digital photo's, photo editing stuff, old book reports...you know what I mean. A lot of space is OS files because my total file storage is across 5 machines. Screw backing up the programs! For the most part, I'm going to need to dig out the CD's/disks anyway.
I spread the backups around. Run a script to handle all the machines sequentially. 10 gig goes to a machine down the hall....runs across the fast ethernet wire sometime at night and gets compressed at it's destination. Another 15GB comes off of that machine and is dropped two floors below on a Samba share. Gets compressed too. So on and so forth. One log file gets written...PGP'd and SMTP'd to greet me when I get to work at 6:00 AM.
Yup...it's a pain sometimes. But I more efficiently use the storage without dedicating any one unit. I always leave enough space for other work. I increase tolerance so that if a box dies for good I only lose a piece of the backup scheme. The whole shebang runs while I'm snoozing and can afford network traffic and CPU cycles to compress. And they're all full backups to boot.
I've been nailed a couple of times, but not fatally with this setup. Oh yeah...all the boxes are on UPS's. That's important. I've lost more to the power company than to ghosts in the machine.....
Keep in mind that the decision to platform most those services was made by committee...including those "suits" that didn't like what we ended up doing. My vote was one of 15. The committee ranged from the CEO to a marketing consultant. I needed to bring to the table all reasonable solutions. Price, performance, security, availability and usability were major factors. It's telling to note that the people upset about the committee not selecting some of their favorite software (Outlook on Exchange, AOL Instant Messenger, NT server) had never even heard of Lotus Notes or Groupwise or Apache. Like a lot of people, they take comfort in what they know. Like a few others, THEY demand that THEIR solution is shoved down peoples throats.
We are certainly not against Microsoft. We run Excel and Access because, out of all the candidates in those areas, they were the best for what we needed. But we don't use Word, PowerPoint or Outlook. Our internet banking product runs on NT. Our telephone banking product runs on OS2...as does every ATM machine. We've never bought an office suite because we invariably discover that one or two pieces of the package aren't as good as someone elses. We're also small enough to **make** things work so we select the best for us. If your decision is to use Outlook/Exchange so be it. That's not my concern. The topic was not why we don't use Outlook.
Really, the loudest complainers make comments like this..and I quote....
"I wish that we would just switch to Microsoft for everything so that we won't have to keep looking at new software every two years or so".
That's not a viable solution. It's a dangerous business precedent. In less than two years we'll be looking at Outlook/Exchange again...maybe sooner. If it's the best solution, then we'll use it. If not, then we won't. That's what makes a business run. Good choices based on core business philosophies. It's neither your fault nor mine that we can't please everyone.
One last note. The two agencies we acquired that ***had*** been using Outlook (and other MS supplied solutions) were doing so because they contracted with a local IT shop that ***only*** installs MS products. They were surprised to see that there were choices available from both an open as well as a closed source perspective. They were also eager to participate in choosing how the solution would help their business. Then, we asked the IT services firm to quote us on alternative products and platforms as we went through the conversion process. They had no familiarity with any other products and couldn't quote. Surprisingly however, they were shocked when we didn't ask them to stay on board to install and support the chosen alternatives. The owner stated that we weren't the only company to jump their corporate ship this year because of their narrow allegiance to one software vendor. I'm pleased that he had the guts to say that. We'll probably stay in touch.
Because the intent of Outlook was (and is) to provide e-mail communication services. The added convenience of being able to schedule meetings, discussions and reserve room locations is great because, as another thread pointed out, the process is very "e-mail" oriented.
We allow users to publish public calendars if they want to. Not everyone wants to. Being primarily a "retail" operation, it's very rare that someone isn't "hard" scheduled to be covering a customer area...be it the teller line, the customer service/sales area, pensions, trusts, lending, etc. Meetings involving more than a few people are generally held for everyone and thus, don't need the granular approach afforded by Outlook.
Calendars are generated using XML on a Java interface that we wrote. Users can have as many calendars as they wish. Some are private..some are public. All reside on a Linux server and are accessed through a browser. When e-mail is required, a mailto extension kick starts Pegasus (using NSProto). Drop down lists provide e-mail address books on each calendar page...personal and private...as well as distribution lists. All calendars are archived. Public event changes are automatically e-mail to affected participants. All calendars are accessible from any other remote location. Calendars needing to be kept private are stored in users home directories. Public calendars are web based (Apache).
The "blind" set of many people is that, because Outlook has this function built in, then ALL e-mail programs must have it. That's why Pegasus will get it soon too. It's not that it doesn't belong there, it's that for scheduling, what most people really need is a calendar/scheduling program that has access to e-mail...not the other way around. And what people REALLY deserve to have is MAPI that works, so that you could deal with any scheduler and any mailer without being cursed with this "Outlook or else" problem.
The problem with these (few) suits is that they seem to think that whatever they grew up on is the ONLY way to go. Anything that they have to learn or adapt to seems to drop them a notch or two and that is unacceptable to them.
By the way, we've always scheduled in this way. Started out using a javascript routine and publishing to an intranet page (at that time, it was on a Netscape Enterprise Web Server). The system was basically "read-only". Kept going from there. Stayed away from Outlook/Exchange due to the proprietary issues like the MS-TNEF junk, the security problems, the default to rich text/HTML...I could go on and on. Outlook works fine...it just wants you to sell your corporate soul. I do the IT stuff...I'm pretty sure that soul selling is NOT in my job description. Shouldn't be in any of ours...
I think a lot of folks are doing stuff like this. We did it a little at a time. MOST of our users haven't noticed anything different except that things tend to run a little better. The firewalls/proxy servers went to a Linux box three years ago. Web based access to corporate mail moved to an open source Linux solution last year. Hardly anyone realizes that the last three years of corporate transactional data (we're a financial institution) now resides on a sub $1,000 Samba box. Can't even remember when I moved that....certainly over two years ago.
This year, we bought some insurance agencies to add to our holdings. BEFORE we bought them they were MS everything....from the mice up. Seems that most of the insurance business likes Redmond a lot. AFTER we bought them, they have Win2K on the desk, Samba as a server, and Linux based firewalls/proxies. Outlook is history..replaced by Pegasus Mail (I know.....not open source or Linux friendly but works great) which will soon host a Python scripting engine for all the stuff that VB does in Outlook.
The stuff runs great. The people don't know the difference...they just say that they're glad they all have a new "computer system". A few suits have trouble because they only know "names" like Exchange or Outlook. They also expect to see a calendar in their e-mail software....although they can't explain why it belongs there. I always have handy, an expense report on what the stuff cost us and a quote from CDW on what it WOULD have cost us using NT Server/Proxy/Exchange, etc. I also remind them that their way would probably cost us more IT staff too.
None of this was hard to do. None of this was technically difficult. None of this hurt our business.
All of this worked. All of this helped our people. All of this saved us money. All of this was the right thing to do.
Pick a project....think it out...do some research and get it done. You'll be happy you did and your company will be better for it. I did it in a very conservative financial institution that HATES to take risk. And now I work for a better company because of that decision.
Slashdot Mirror
Spoken like a true Anonymous Coward. You make yourself irrelevant.
I care...I just don't get why white is stylish (or at least was). Still, I don't wear white pants when I wash my truck...but I do wear my player.
Well, my iPod just loves to collect the fingerprints from working in the yard, in the barn, on the car, etc. White is an awful color for the way I work. Black is best. Brown is pretty good. Almost anything but white. I don't get the fashion angle. I just don't. For that single reason, I love my SanDisk player. It doesn't grub up as much as my iPod and it works just fine for what I need. Both were gifts so it wasn't my $$$ that supported the price decision.
You are so right. We're in a bank. 85% of the people here run one application...the teller app. Absolutely no need for Aero and all the other stuff. They log in to the network, crank up their teller app and stay in it until they go home. They use e-mail...but not Outlook. Our company doesn't do Word. Our XP PC's are streamlined....no funky Toys 'R Us interface...no balloon help...no shadow cursors...no animated menus. ZIP support is shut off...USB is shut off. These are basic terminals.
We need Vista like we need a delivery of counterfeit money.
Why isn't anyone more than a little upset that the government is mandating that we pretend it's a different time every so often. I like the poster that said if you want more daylight, get up earlier. I just don't get how it's OK that one day, you wake up, and BY LAW, you lose an hour. Give up on DST. What a stupid idea. We're turning into a nation of sheep. At least sheep don't have to figure out this time shifting thing that we do....
We had an executive who consistently played Solitaire and Hearts, even when we tried to convince him that it didn't make him look too good in the eyes of his subordinates. He also HATED PC's and, most especially, spreadsheet programs (he was a pencil and paper kind of guy). Finally, IT went in and changed the shortcuts to his games so that they only opened his spreadsheet program. He sort of guessed that it was done on purpose, so he never made the phone call to "fix" his PC. The effort paid off...he went back to the crosswords in the newspaper, something that at least "looks" like real work!
You are precisely right. Blatantly ignoring policy that you understand and have agreed to abide by is reason enough to get canned. Usually when someone is canned for breaking a rule like this, the company gets criticized for "not working hard enough to keep otherwise good workers". The truth of the matter is that the company set the policy in an attempt to continue to employ people who were finding increasingly creative ways to NOT be good workers. And usually, these people START at the privilege abuse level and get worse from there. Yes, they ruin it for many others...but they had their chance to follow policy. They could have just done as asked or quit. Doing as they please allows the company to do as it must. Your point is well taken.
Count me in. It's only the poster. I actually thought it was FUNNIER than hell!!!!
You are absolutely right. But the courts provide for stricter penalties when a signature is forged than when a PIN is used fraudulently. Both cases are fraud, but when a signature is used, it's uttering and forgery as well. If one of our customers has their PIN used fraudulently, it's a minor felony in MA. If they forge a check or forge a credit based debit card transaction (POS), it's a major felony. Finally, if a transaction is signed for fraudulently, there is no exposure to the customer (as in the $50 rule). This last item is provided for by federal statute by the way. While the PIN is technically more secure, legal standing goes in favor of the signature (which I wish wasn't the case, but they never listen to me..).
Doesn't matter if you believe me, that's how it works. It also uses the last four digits of the ATM card to figure out which network to settle with....NYCE, SUM, etc. When you use your ATM card, NO transaction begins with the switch until AFTER your PIN has been confirmed. The hash is safe because it still needs the card. That's why if you fail with your PIN, the issuing bank and the servicing network will NOT know about it. Only the owner of the ATM will see the problem on their electronic journal. It also saves bandwidth for the satellite, ISDN and dial-up ATM's which pay for data transfer.
I service these things every day. That's how it works. I can understand why you find it hard to believe, but that's what happens!
PIN's are entered into the ATM through the keypad and they are checked against a hash downloaded into the machine twice a day. A PBF (Positive Balance File) is loaded twice a day as well. This is how you can get cash if the network is down. Your PIN is never transmitted. If the entire machine is stolen, there are still no PIN's in it...only the hash. This is also the reason why those machines that have been entirely stolen in the past have not been compromised to get at the customers PIN's.
Wait a minute.
ATM' are required to be on the DES III standard by 2006. Meanwhile, they all encrypt using standard DES. Even then, the WAN wired ones re-encrypt on the banks private network on the way out to the switch (NYCE, SUM, VISA, etc.). There is NO current ATM network driver that currently accepts un-encrypted transmission. If they did, thieves wouldn't need to set up little card readers to scoop the data, they'd just crack the lines.
Very few WAN operated ATM's use IP. It's just too insecure. Most run serial cables to a FRAD or something similar inside the bank which then sends out a transmission using IP over private, encrypted lines. No one wants to have to address each ATM since the network provider tends to use their own proprietary scheme anyway (ATM Identifier, Poll Select, etc.).
Data leaving the ATM does NOT include a customers PIN. Authentication is done in the box and never sent out. Again, that's why the thieves need the camera and / or card.
Card swipers are cheaper to make and easier to fix. The real reason they are used instead of eaters is because far too many customers walk away from the ATM leaving their card hanging out of the slot. We get a few every day turned in by honest customers or dropped in the night drops of our branches. Card swipers solve that problem. They also won't eat a card that a customer accidently used...like their department store card instead of their ATM card. We get a lot of those too, especially around these holidays!
MAC/ATM/DEBIT is not fraud...it's a common exchange medium.
The bank can't guarantee a debit transaction that is originated on the store owners network. They can only guarantee a transaction done at the ATM on their own network. Suppose good old WalMart has someone that tapped into their network and scooped the info on a debit transaction? There is no way that the bank could guarantee against it. It would be like trying to hold your ISP responsible for someone who broke your WEP encryption and used your WLAN for themselves.
BTW....you're still covered against fraud by the switch provider...typically Visa or MasterCard against fraud....including PIN fraud on debit transactions.
Oh...one more thing. If the retailer asks you to use a PIN, don't. Sign for your debit transaction instead (say CREDIT...but not Credit Card). Thiefs HATE to forge a signature and your sig is as good as gold when dealing with fraud.
I just did. My example is not in the standard. Only HTML mail is. Again, the premise stands. Using a format that is not known to my mailer is going to result in your mail falling out. If it's also an insecure and non-standard format that you're using, that's a problem. I'll address it by not supporting. Now, it'll be up to you to fix it. Look, it's not HTML mail that bothers us (although that has more than it's share of problems in the enterprise), it's the loose application of code that is not designed for this use, as well as the inclusion of non-mail AND non-HTML code just because you can. It's un-necessary and clearly causes problems. The solution is not to wait and hope it will all go away. The solution is to not support code that can't be made secure...not support clients that are insecure by design...and to seek alternatives that provide the security. NONE of these options reduce the ability to use e-mail, although they may impact optional functionality. Far better than complete dis-functionality caused by a worm or virus that found it's way in because of a loosely written mail client that an end user simply found fun. I've worked in corporations that have mail filters, ready to roll, that look for Outlook headers. When a major outbreak occurs, they quarantine ALL Outlook mail for a bit until they can be sure that they have all the tools in place to stop whatever bug may be out there. These sysads have learned to suspect the mail client even before the mail message. Now THAT tells you something about security.
Actually, it's the written standard, not my way. You can look it up. Dealing with it is easy. I strip out lazy HTML and, if YOU can't communicate with me it's something for YOU to deal with. The premise stands. Use a compliant mailer, and the Microsoft oriented viruses and worms that tend to be so effective with non-compliant configurations of Outlook go away. It's not even just lazy HTML, it's the rest of the crap that is unnecessary to e-mailing. And don't even think of suggesting that I should be REQUIRED to use a non-compliant piece of software simply because you've chosen to use one to send me mail. Now THAT is a high horse indeed.
Using seatbelts saves lives too. I'm not demanding that everyone use those either. You know the rest of the thought......
And that's about as basic as it gets. E-mail is text. Anything else is un-necessary. Why people just HAVE to use lazy-HTML is completely beyond me. People should use Pegasus or some other compliant mailer...at least to keep life sane for those of us who otherwise give a damn.
Every time I buy a boxed set at CompUSA, I see people watching and I know they're wondering about using it. Certainly, they're seeing that people DO buy this "Linux thing" they've been hearing about. At work, people grab the box...or the manuals and comment on how neat it all looks. They claim to be surprised at how much you get in the package, thinking that only MS can do stuff like that. When vendors come in, I purposely leave the materials laying around and I always get a question or two about where our "commitment" is to Linux, usually followed by a resigned sigh as they realize that they'll have to adapt or lose. Red Hat is seriously underestimating the power of that box, and Linux will suffer because of this.
I put it on a PII 333 yesterday morning with 256 MB RAM. Not a problem. Don't use X terribly much but there really is no speed problem here. Half the time, it's never the CPU speed that is an issue. It's RAM, vid card, etc. I get oh so tired of people who figure that the minimum acceptable hardware standard is what they just bought a little while ago. The fact is that everything goes faster on a faster chip (well...almost everything), but life is still peachy at almost any speed.
This is a distro we're talking about...not a production database machine or compiler.
I live in Massachusetts and I know of a few people gnashing their teeth right now because they wish the Microsoft case would go away. They feel that way because:
1) They know that they are wrong in their support of MS.
2) They know that the AG is SUPPOSED to represent those who have been injured when the law is broken. They just wish it weren't true in this case.
3) They can't find the right words to make "GUILTY" go away...it's a stigma no matter what the punishment to MS is.
4) They are fearful that their true lack of knowledge in the tech world will put them at a competitive disadvantage if ANY non MS (read...non-understood) technology were to become popular. They don't do *nix because they don't understand it. And won't. And don't have to so long as the monopoly keeps them safe.
It doesn't matter if the AG wins or loses. His efforts keep the truth closer to the front page where people read about it. Perception is reality so let the charges fly.
By the way, I just e-mailed Mr. Reilly as well as phoned his office (617-727-2200) thanking him for his efforts and offering my support. He should know we care.
So I came in to this job and they asked me to look at the network and make it better. I looked at the servers..some Netware and some NT. I upgraded the Netware servers to the latest versions and that made the network better. I upgraded the NT boxes to Linux and that made the network better. Since I'm out of magic, I love it when the NOS application people throw some of their magic my way (porting PostgreSQL to Netware).
ps...and I still don't need a &*(%ing mouse on my server!
The company I work for chose WordPerfect back in 1995. We went to Word for a while in 1998 but upgraded back to WordPerfect when MS got into DOJ trouble again (we figured that if MS was on our payroll to develop software and they broke the law, we'd have fired them so why would we go buy their software now?). It turned out that most of the time, WordPerfect can read Word without too much difficulty. Better yet, it can save to nearly any version of Word.
Sadly for Microsoft, Word is not nearly as adept. It can barely convert to WordPerfect 5.1. Because of this (and nearly 40,000 WordPerfect documents on our networks), using MS Word in our organization would be reckless.
Finally, in the last three years, we've acquired 3 other companies. I converted all of them to WordPerfect Office 2000 (upgrading all locations to WordPerfect Office 2002 this week). Some users were so MS Word brainwashed that they panicked...and continue to panic even today. They believe that if it's not MS, it's not good. They also can't understand why we don't use AOL to get online! Needless to say, I don't worry too much about them. The rest of the organization wants to create word processing documents...quickly, reliably and professionally. WordPerfect does exactly that. Yes...you can share files and yes, it is more advanced than Word when it comes to complete control over formatting.
With all this going for it, why wouldn't HP and Dell offer this software? And the more people who go home with it, the better off we all are. We've never regretted our decision and we've never been hurt by it. Kudos to these industry leaders for taking the hard, but high road.
I currently have about 90 gig of total home storage...soon going to about 130 gig. But, there's only about 40 GB actually being used for data...MP3's, digital photo's, photo editing stuff, old book reports...you know what I mean. A lot of space is OS files because my total file storage is across 5 machines. Screw backing up the programs! For the most part, I'm going to need to dig out the CD's/disks anyway.
I spread the backups around. Run a script to handle all the machines sequentially. 10 gig goes to a machine down the hall....runs across the fast ethernet wire sometime at night and gets compressed at it's destination. Another 15GB comes off of that machine and is dropped two floors below on a Samba share. Gets compressed too. So on and so forth. One log file gets written...PGP'd and SMTP'd to greet me when I get to work at 6:00 AM.
Yup...it's a pain sometimes. But I more efficiently use the storage without dedicating any one unit. I always leave enough space for other work. I increase tolerance so that if a box dies for good I only lose a piece of the backup scheme. The whole shebang runs while I'm snoozing and can afford network traffic and CPU cycles to compress. And they're all full backups to boot.
I've been nailed a couple of times, but not fatally with this setup. Oh yeah...all the boxes are on UPS's. That's important. I've lost more to the power company than to ghosts in the machine.....
Keep in mind that the decision to platform most those services was made by committee...including those "suits" that didn't like what we ended up doing. My vote was one of 15. The committee ranged from the CEO to a marketing consultant. I needed to bring to the table all reasonable solutions. Price, performance, security, availability and usability were major factors. It's telling to note that the people upset about the committee not selecting some of their favorite software (Outlook on Exchange, AOL Instant Messenger, NT server) had never even heard of Lotus Notes or Groupwise or Apache. Like a lot of people, they take comfort in what they know. Like a few others, THEY demand that THEIR solution is shoved down peoples throats.
We are certainly not against Microsoft. We run Excel and Access because, out of all the candidates in those areas, they were the best for what we needed. But we don't use Word, PowerPoint or Outlook. Our internet banking product runs on NT. Our telephone banking product runs on OS2...as does every ATM machine. We've never bought an office suite because we invariably discover that one or two pieces of the package aren't as good as someone elses. We're also small enough to **make** things work so we select the best for us. If your decision is to use Outlook/Exchange so be it. That's not my concern. The topic was not why we don't use Outlook.
Really, the loudest complainers make comments like this..and I quote....
"I wish that we would just switch to Microsoft for everything so that we won't have to keep looking at new software every two years or so".
That's not a viable solution. It's a dangerous business precedent. In less than two years we'll be looking at Outlook/Exchange again...maybe sooner. If it's the best solution, then we'll use it. If not, then we won't. That's what makes a business run. Good choices based on core business philosophies. It's neither your fault nor mine that we can't please everyone.
One last note. The two agencies we acquired that ***had*** been using Outlook (and other MS supplied solutions) were doing so because they contracted with a local IT shop that ***only*** installs MS products. They were surprised to see that there were choices available from both an open as well as a closed source perspective. They were also eager to participate in choosing how the solution would help their business. Then, we asked the IT services firm to quote us on alternative products and platforms as we went through the conversion process. They had no familiarity with any other products and couldn't quote. Surprisingly however, they were shocked when we didn't ask them to stay on board to install and support the chosen alternatives. The owner stated that we weren't the only company to jump their corporate ship this year because of their narrow allegiance to one software vendor. I'm pleased that he had the guts to say that. We'll probably stay in touch.
Can you explain why it doesn't?
Because the intent of Outlook was (and is) to provide e-mail communication services. The added convenience of being able to schedule meetings, discussions and reserve room locations is great because, as another thread pointed out, the process is very "e-mail" oriented.
We allow users to publish public calendars if they want to. Not everyone wants to. Being primarily a "retail" operation, it's very rare that someone isn't "hard" scheduled to be covering a customer area...be it the teller line, the customer service/sales area, pensions, trusts, lending, etc. Meetings involving more than a few people are generally held for everyone and thus, don't need the granular approach afforded by Outlook.
Calendars are generated using XML on a Java interface that we wrote. Users can have as many calendars as they wish. Some are private..some are public. All reside on a Linux server and are accessed through a browser. When e-mail is required, a mailto extension kick starts Pegasus (using NSProto). Drop down lists provide e-mail address books on each calendar page...personal and private...as well as distribution lists. All calendars are archived. Public event changes are automatically e-mail to affected participants. All calendars are accessible from any other remote location. Calendars needing to be kept private are stored in users home directories. Public calendars are web based (Apache).
The "blind" set of many people is that, because Outlook has this function built in, then ALL e-mail programs must have it. That's why Pegasus will get it soon too. It's not that it doesn't belong there, it's that for scheduling, what most people really need is a calendar/scheduling program that has access to e-mail...not the other way around. And what people REALLY deserve to have is MAPI that works, so that you could deal with any scheduler and any mailer without being cursed with this "Outlook or else" problem.
The problem with these (few) suits is that they seem to think that whatever they grew up on is the ONLY way to go. Anything that they have to learn or adapt to seems to drop them a notch or two and that is unacceptable to them.
By the way, we've always scheduled in this way. Started out using a javascript routine and publishing to an intranet page (at that time, it was on a Netscape Enterprise Web Server). The system was basically "read-only". Kept going from there. Stayed away from Outlook/Exchange due to the proprietary issues like the MS-TNEF junk, the security problems, the default to rich text/HTML...I could go on and on. Outlook works fine...it just wants you to sell your corporate soul. I do the IT stuff...I'm pretty sure that soul selling is NOT in my job description. Shouldn't be in any of ours...
I think a lot of folks are doing stuff like this. We did it a little at a time. MOST of our users haven't noticed anything different except that things tend to run a little better. The firewalls/proxy servers went to a Linux box three years ago. Web based access to corporate mail moved to an open source Linux solution last year. Hardly anyone realizes that the last three years of corporate transactional data (we're a financial institution) now resides on a sub $1,000 Samba box. Can't even remember when I moved that....certainly over two years ago.
/proxies. Outlook is history..replaced by Pegasus Mail (I know.....not open source or Linux friendly but works great) which will soon host a Python scripting engine for all the stuff that VB does in Outlook.
This year, we bought some insurance agencies to add to our holdings. BEFORE we bought them they were MS everything....from the mice up. Seems that most of the insurance business likes Redmond a lot. AFTER we bought them, they have Win2K on the desk, Samba as a server, and Linux based firewalls
The stuff runs great. The people don't know the difference...they just say that they're glad they all have a new "computer system". A few suits have trouble because they only know "names" like Exchange or Outlook. They also expect to see a calendar in their e-mail software....although they can't explain why it belongs there. I always have handy, an expense report on what the stuff cost us and a quote from CDW on what it WOULD have cost us using NT Server/Proxy/Exchange, etc. I also remind them that their way would probably cost us more IT staff too.
None of this was hard to do. None of this was technically difficult. None of this hurt our business.
All of this worked. All of this helped our people. All of this saved us money. All of this was the right thing to do.
Pick a project....think it out...do some research and get it done. You'll be happy you did and your company will be better for it. I did it in a very conservative financial institution that HATES to take risk. And now I work for a better company because of that decision.