For some things that might be possible, it might even be cool if that mechanic were used with a motion controller. I think that it might be harder to come up with a good way to quantify high skill in non-melee classes though.
Having been a dedicated healer in a few MMOs, the skill lies in resource management at least as much as just keeping people up. Letting a tank get down to 10% health (assuming it wasn't a 1 hit) is a sign of failure, running out of power is a sign of failure, in a bad situation, wasting power on healing the wrong guy is a sign of failure.
The AC has a very good list, I'll see if I can add anything to it.
Network diagrams should be at the network, physical and datalink layers. Only the simplest networks can have all this information on a single diagram and have it be useful. Separate the network drawing from the datalink and physical drawings as required but be sure to leave enough detail to connect the drawings (Visio has a nice linking feature for this). Also keep a spreadsheet or database of assigned networks, IP ranges, and assigned static IPs, including a responsible POC for each entry. Also, a spreadsheet of all infrastructure devices with model and options documented along with firmware versions, and support contract information. All ports should have a description entry for what it connects to, and the project/request/change identifier that created the connection.
System documentation starts with the system name, project, admin, data owner, system specs, OS and application software name/vendor/version information, as well as support contract information. Then comes backup and recovery procedures. After that you have the build procedure, including all configuration changes, and scripts. Also include any system standards i.e. all software added is in /opt or D:, all scheduled scripts send output to admin-report mail list, all tape drives are DLT. Supplement with the aforementioned RCA documents.
Domain/authentication system documentation should include a description behind the permission model and standard permission and logging settings for all systems related. There should be procedures for credential and access changes that are documented and understood by everyone with administrative privilege. All systems should be built to not share credentials, and imperative credentials should be in a sealed, tamper evident envelope in a secure location (a safe typically). Things like root and domain admin passwords can be made by 2 or more people and added to the envelope, so no person can make changes without an audit trail.
Databases should have all the system documentation along with schema information, connection parameters, and roll back procedures. Any configuration made for logging transaction logging should be documented and scripted where possible (anyone who has had to custom roll persistent trace logging for MSSQL databases will empathize).
Logging and management systems should have procedures for adding new systems and new metrics. Managed systems should be baselined, using system thresholds where possible.
Patching and patch testing should have procedures and deployment schedules (i.e. MS patch Tuesday patches should be fully deployed within X days/hours of release, Sun patches will be applied to the dev environment within 24 hours of release and deployed to production after 7 days etc.)
Whenever possible use a central system for this information. A Sharepoint, Zope/Plone, or even a wiki can make the information accessible. If the support folks use the documentation, it will be maintained. If nobody uses it, no procedures mandate it, it will die. If you have a change management system that enforces documentation updates then people will use what you've done for years to come.
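An added example, not part of the original comment: one way to keep the register of assigned networks and static IPs described above honest is to audit it mechanically. The CSV column names, the sample rows and the finding labels are assumptions made for this sketch.

```python
import csv
import io
import ipaddress
from itertools import combinations

# Constructed sample register. The column names are assumptions for this example.
NETWORKS_CSV = """network,purpose,poc
10.10.0.0/24,server VLAN,alice@example.org
10.10.0.128/25,printer VLAN,bob@example.org
10.20.0.0/24,user VLAN,
10.40.0.1/24,lab VLAN,dave@example.org
"""

STATICS_CSV = """ip,hostname,poc
10.10.0.5,db01,alice@example.org
10.10.0.5,db02,alice@example.org
10.30.0.9,legacy01,carol@example.org
10.20.0.7,print01,
"""


def load(text):
    """Parse CSV text into a list of dict rows."""
    return list(csv.DictReader(io.StringIO(text)))


def audit_register(networks, statics):
    """Return (kind, detail) findings for the network and static-IP sheets."""
    findings = []
    nets = []
    for row in networks:
        try:
            # strict=True rejects entries written with host bits set (10.40.0.1/24).
            net = ipaddress.ip_network(row["network"].strip(), strict=True)
        except ValueError:
            findings.append(("bad-network", row["network"]))
            continue
        nets.append(net)
        if not (row.get("poc") or "").strip():
            findings.append(("missing-poc", str(net)))
    # Two entries that cover the same addresses mean the register disagrees with itself.
    for a, b in combinations(nets, 2):
        if a.version == b.version and a.overlaps(b):
            findings.append(("overlap", f"{a} <-> {b}"))
    owner_of = {}
    for row in statics:
        ip = ipaddress.ip_address(row["ip"].strip())
        if not (row.get("poc") or "").strip():
            findings.append(("missing-poc", str(ip)))
        if not any(ip in net for net in nets):
            findings.append(("unassigned-network", str(ip)))
        if ip in owner_of:
            findings.append(("duplicate-ip", f"{ip}: {owner_of[ip]}, {row['hostname']}"))
        else:
            owner_of[ip] = row["hostname"]
    return findings


if __name__ == "__main__":
    for kind, detail in audit_register(load(NETWORKS_CSV), load(STATICS_CSV)):
        print(f"{kind:20} {detail}")
```

Run from the change management process, a non-empty findings list can block the change until the register is corrected.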
The point about hoarding is a big one. The amount of address space held by US government entities is huge. I've worked with/in several .gov networks and the address allocation in most can charitably be called inefficient. There are networks of 25K - 50K hosts that use multiple class B and class C allocations, with everything using routable IP addresses, regardless of need.
IPv6 will create some serious growing pains. We have more than 20 years of the world wide web and IPv4 w/VLSM experience as an industry. There's a number of things we take for granted in the conventions, and even the protocols that IPv6 can put into question.
I thought I saw this kind of thing at Blackhat US 2006, as a browser exploit.
The difference is that it's "weaponized" now. We start patching, tracking and working on sigs when an exploit comes out, but the risk level really goes up when the threat is in the wild, and again when the exploit is packaged. I'm actually surprised that it's not a multi-vector threat, using maybe a spam or lured browser propagation. That would give the worm access to the protected interface.
Deficit spending should only be done for things that a) you would be doing anyway, or b) that have long term value. Stimulus money should only go to projects that have an effect on the way .gov does business, like Apache, Sendmail, Bind, Snort, Linux, NMAP, Wireshark and possibly Mozilla, Python, Debian and Postgres. Other efforts like giving money to OVDB to develop as an augmentation of the NVD system, which has a horrible tendency to not contain enough information, would also be a good investment.
Hostfiles are a point solution, a DHTML pop-in block script works even if the source domain is different, without any further analysis.
I find Flashblock works pretty well for me. I agree about NoScript, but Flashblock is a must have for me.
Check out http://dhtmlpopups.webarticles.org/ for a quick set of examples of these.
It looks like a bit of experimentation could yield a reasonably reliable Greasemonkey script to kill these when not click initiated.
Isn't IRC multiplayer notepad?
Dan Kaminsky's Blackhat US 2006 and 2007 talks (as I recall) mentioned using techniques similar to this to detect protocol based bandwidth throttling, and used it to detect P2P traffic shaping. I would personally say that this would work to detect a layer 2 man in the middle attack using something like ettercap. Or as Dan said, to detect some kind of inline intercept box on the network. In order to do that, you'd need to have a pretty good idea what the latency numbers should be to start with. In my experience, most networks of any size (1000+ users) couldn't even tell you if every SPAN port on their network was authorized and currently in use, so I don't think this technique is currently viable in industry. In highly controlled networks, like I assume classified networks are, this may be useful.
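An added example, not part of the original comment and not taken from the talks it mentions: a sketch of the baseline comparison the comment says this kind of detection depends on. The round-trip times, destination names, threshold and noise floor are all constructed assumptions.

```python
import statistics

# Constructed round-trip times in milliseconds, keyed by destination.
BASELINE_MS = {
    "gw-core": [0.41, 0.39, 0.40, 0.42, 0.38, 0.40, 0.43, 0.39, 0.41, 0.40, 2.90],
    "fileserver": [0.62, 0.60, 0.61, 0.63, 0.60, 0.59, 0.61],
}
CURRENT_MS = {
    "gw-core": [0.95, 0.97, 0.93, 0.96, 1.01, 0.94, 0.98],
    "fileserver": [0.61, 0.60, 0.62, 0.63, 0.60],
    "new-host": [0.50, 0.52],
}


def robust_baseline(samples_ms):
    """Median and median absolute deviation: one slow reply moves neither."""
    med = statistics.median(samples_ms)
    mad = statistics.median([abs(x - med) for x in samples_ms])
    return med, mad


def latency_shift(baseline_ms, current_ms, threshold=5.0, floor_ms=0.05):
    """Score how far the current median sits above baseline, in robust deviations."""
    base_med, base_mad = robust_baseline(baseline_ms)
    cur_med = statistics.median(current_ms)
    # 1.4826 * MAD estimates a standard deviation; the floor (an assumed value)
    # stops a very quiet baseline from turning timer noise into an alert.
    scale = max(1.4826 * base_mad, floor_ms)
    score = (cur_med - base_med) / scale
    return {
        "baseline": base_med,
        "current": cur_med,
        "score": score,
        "shifted": score > threshold,
    }


def review_paths(baselines, current):
    """Compare every measured path; a path without a baseline cannot be judged."""
    report = {}
    for dest, samples in current.items():
        if dest not in baselines:
            report[dest] = "no-baseline"
        elif latency_shift(baselines[dest], samples)["shifted"]:
            report[dest] = "shifted"
        else:
            report[dest] = "ok"
    return report


if __name__ == "__main__":
    for dest, verdict in review_paths(BASELINE_MS, CURRENT_MS).items():
        print(f"{dest:12} {verdict}")
```

A "shifted" verdict only says the path got slower than its recorded baseline; congestion or a routing change produces the same result, so it is a prompt to inspect the path rather than proof of an inline device.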
Can this thing install if you have already loaded Greasemonkey?
Don't forget lsof does network ports too.
lsof -i
This lists the process, port and owner of all your current network sockets.
FreeDOS is out there, and really quick as I recall. It depends on what you're doing, but lots of little stuff still compiles and runs on DOS systems.
At this stage you need to put tamper tape over all USB/SD/PC card/floppy slots AND regularly check them for tampering. Many states that use e-voting systems mandate the use of tamper tape per the Maryland guidance, but fall down on checking it. Poll judges should check the tamper tape every 2 hours at a minimum, and decommission any machine that shows any evidence of tampering.
If that was the reason, they would have done something much more subtle. This kind of action has a mushroom cloud attached, and any malfeasance will be exposed, real or perceived by anybody anywhere near this thing.
Also, everyone should know not to trust office furniture with anything valuable. I can pretty much guarantee that at least one of the drawers/closets/overhead bins of the cube you're in right now can be opened without a key and without leaving a mark. My admittedly anecdotal evidence shows that something can be opened by slipping, derailing, or forcing the clasp in every cube I've ever been in. And even if it isn't, those locks can be picked in less than a minute by anything with an opposable thumb, even using improvised picks.
Has there been any discussion about moving from the D20 system and the inherent flat probability distribution of rolls to a multi die system? This aspect of the D20 system has led me to avoid playing D&D after having played in systems (White wolf, ShadowRun, EarthDawn and GURPS) where character capabilities are somewhat more predictable; and bonuses are more effective at the margin than for unlikely rolls.
The wear issues originally faced by this tech seem to have been addressed (2mil hours MTBF and at least 5x the sector rewrites), and they have become big enough to do most stuff especially with the current availability of external storage. With a nameplate like Samsung behind it I'm willing to give it a spin.... or um, try :)
Now has anyone found any place to GET ONE? I've been looking and I can't even find a model/part number. WTF? Why can't I be the first one on my block to have a 0 spindle laptop? It's a conspiracy I tell you.
Perhaps this is their cunning plan to create the basis for a case they can win. "...and then the defendant posted libelous remarks in reference to my client on a website very widely read by both customers and potential employees." ..."Well, your Honor, we know it was him because the details and timing of this incident make the defendant the only person for whom the details fit." ..."Objection, the threat of a lawsuit is hearsay, there weren't any witnesses."
Maybe I'm just a little paranoid.
Destroy All Humans, violent? yes, but still funny.
Ok a sample size of ....(say it with me).....1 for each case. This obviously proves a point. Now I don't know, but are these two songs targeted at the same fan base? Are they of the same relative popularity? Could this merely be an aberration? Tune in next year for the final conclusion of As The Dataset Turns.
Your anecdotal evidence does not work on me, Jedi.
The reason to use H2 is energy density, mass and refuel time. Of course using the electrical output is more efficient in an absolute sense. Coal is more efficient than gasoline, but it doesn't have the energy density. H2 is useful because we can use either fuel cells or Hydrogen internal combustion engines to replace the motors in modern cars. This is a more manageable change over for our economy/lifestyles, and doesn't require a major revamping of our road and highway infrastructures. There's no battery tech I know of that can match a combustible chemical fuel like H2, gasoline or diesel on all counts.
It's worth asking if producing H2 from fossil fuels is more efficient than burning them. Also if fossil fuels for H2 production require less refinement, it will still be a better use for the fossil fuels. What about H2 production from agriculturally produced biomass? Just because bio-diesel isn't efficient doesn't necessarily mean a bio-H2 process wouldn't be. I don't know, but I know I'm going to try to find out as we get closer to committing to these energy systems.
You should be setting yourself up as an IS manager. Your responsibilities are:
a) Budget management: requirements management, hardware replacement cycles, new system project planning and justification, risk management.
b) Project management: planning to meet the company's IS requirements, keeping those project schedules
c) Service offerings: being the point of contact for other divisions, facilitating the leveraging of IS resources for business needs
You need to set up a few new roles. While some of these overlap, and don't necessarily need separate personnel for each, they should all be covered.
1) Desktop support: user level support of hardware and software.
2) System/Enterprise support: Administration of anything that runs on a server.
3) System Engineering: New project development
4) Network operations: Planning and administering the network
It sounds to me like you need to hire two new guys:
Windows desktop/server admin: to take roles 1 and 2, around here (DC) $40-$50K yearly.
Network/Systems engineer: to take care of roles 3 and 4, this one needs a decent networking background (CCNA w/ experience) and a fairly strong systems background. Around here I'd expect $70-$90K yearly.
You also asked how to get management buy in. Flesh out and work these points:
a) Risk management: creating things like network monitoring, and backup and recovery.
b) Capability expansion: The great fallacy of IT is that it saves money, it doesn't very often. IT adds capability, and I'm sure that your business has at least a few things that are bottlenecking the rest of the works.
You have a lot of work ahead of you, good luck.
I for one welcome our new rodent overlords.
Somebody else is claiming credit for the POS that is iTunes UI? If it were me, I'd pay apple not to release the information.
What's the market like where you're at? If you're in DC and have a clearance, I'd say yeah, good call. If you're in Boston or SF, and have a weak resume, I'd say you just stepped in it.
I start looking at splitting when the work conditions (commute, boss, project, co-workers, whatever) start making it so I can't hold myself to my personal standards.