Since the wind can be more than 3 times as fast at the top of such a fan as at the bottom this is a real problem.
If that's the case, why not build taller towers or blade assemblies that don't swoop down so low; something like a manual lawn mower cutting wheel.
That, and figuring out where birds tend to fly could increase effeciency and decrease bird casualties. (Unless both would want/work best in the same exact spot of highest wind velocity.)
While I agree with your comments, there is one that I think you should strongly reconsider.
6. Never put a machine on public-addressable IP space unless it's a public server. Use a DSL/cable switch and put your systems on a VPN on the other side of a hardware firewall that filters out all non-essential traffic.
Point 6 is not necessary as long as you use a firewall.
#6 is actually the most important one; it's part of paramiter defense and lan design (router/VLAN level not server level).
The job of a firewall isn't to block ports -- hell, unplug the cable if you want to block ports -- the job of a firewall is to allow access.
If the systems don't absolutely require access to the internet or any other bubble (VLAN primarily) not allowing access by default is a much simpler solution and can lower the load on your firewall (if firewalls are even needed where they are currently deployed).
I was just over at a friend's place and made the pitch for FF... The response I got? "But I LIKE Internet Explorer". Touch pitch. She liked clicking on the blue "e" to surf the web instead of that strange FF logo.
I'll put it another way: I'm a Windows user. I have several machines I have to take care of. I don't have problems with exploits trojans or spyware. Once in a great while something will come along. I take care of it, bfd. I spent more time building the ill-fated Linux/Apache server than I have in a year of maintaining exploit-related Windows problems.
I agree and understand what you say including this part -- My only real point is that you have to be vigilant either way. Whatever system I set up -- Windows or any *nix variety -- the rules are basically the same; keep it simple (remove everything that is not necessary) and check your work (nessus and nmap for external scans...other tools for the less important local scans). Automate what you can.
As a comparison, it took me 3 days solid to figure out Windows XP gaps and holes and plug them -- even after having experience with all versions of Windows in the past and securing everything from W98 through the NT/2000 line. Now I can secure a system in about a day with no tools. I spent weeks learning Linux security, though I can secure Linux in a matter of a couple hours with no tools.
I've found that Windows is as difficult to secure completely as any *nix system; by default more moles are poking up on the Windows systems and need to be whacked down.
Great list. I agree with everything except '99% of security issues are inside jobs'.
All the reports I've read have pegged it at a 50/50 split...though I'd guess it is more like 80 inside / 20 outside (corporate) and 20 inside / 80 outside (home use). Not that we're making up statistics, though!
...keeping my systems as simple as possible (from apps to services) and following my own advice on firewalls (see signature).
If you add complexity to deal with complexity you are introducing additional vectors for even more security problems. (One example: trusting that a virus detector is working because it says 'everything is fine'...only to find out later that the last virus through disabled the virus detector so it would always report 'everything is fine'.)
That should sound silly...and it is. If they are claiming something, they have proof...asking for it is a normal thing to do. Rolling over without proof is a bad idea.
Additionally, once you know what the patent is, you can research it (it may not be active anymore), dispute it, or re-write your code to avoid it (if possible). This last suggestion is the main thing that Linux kernel developers would be glad to do in the SCO case...but SCO also hasn't said what the code is or what is being violated! Hmmm...
why not just firewall the classroom to hell and back, do they _need_ to get on the internet?
If they don't need to get to the internet, the router only needs to be configured to not route packets outside the local lan. A firewall is the wrong tool. (I doubt that internet access is something that they want to block, though.)
How about a software firewall like zonealarm that would block chatzilla from accessing the Internet.
If he has control over the local systems, it's better to lock them down instead of tweaking firewall settings. One reason (of many): By allowing the program to be installed, the users may be motivated to 'get it to work', possibly breaking other security settings in the process.
(From memory...please take this for what it's worth! I'll guess that the user accounts are 'limited' and not admin. If not, try that first!)
If you know how permissions work, you can lock down any resource.
Walkthrough:
Use an account with the same privilidges as a normal user.
Grab two sample systems that have Firefox installed but not the extention.
On the first one, backup the user and program directories.
Install the extention.
Take note of every resource (file and directory) that has changed.
On the second system, login as admin and turn off the execute and write permissions on those resources.
Change the ownership on the resources to another account. Note that you may have to make the resource readable by the user account(s).
Logout from the admin account and try to install the extention on the second system. It should not install.
Consider putting these changes in as part of a login script till you roll out a new system image.
These are general guidelines only. Keep in mind that you will probably have to change some settings to get everything to work properly -- such as making some of the resources readable by normal user accounts.
When done, clean up; make sure to remove the local test user account files and Firefox after you have something that works. Chances are, the test systems will have some crud left behind that you think isn't important -- but may prompt another support call.
"It's simpler than you might think. All compliant notes bear a pattern of five tiny circles. On the Euro, the circles appear in a constellation of stars; on the British £20 note, they're disguised as musical notation. On the new $US20 note, the pattern is hidden in the zeros of a repeated background pattern of the number 20. Imaging software or devices detect the pattern and won't play ball."
If that's the case -- and even if the specific detail of the 5 dots is in error -- I don't see this thwarting counterfitters much. Yes, casual copiers or someone who wants to have a $$$ design for a wallpaper or brochure will be puzzled.
One idea that comes immediately to mind is to copy overlapping sections of a bill and piece the parts together. This could be found by trial and error, so it's no big deal!
OK, that's too harsh. Maybe these issues are gone with 1.5?
Complaints;
Must jump through hoops to at sun.com and add on other supporting tools as a seperate step to get it to work in the browser and at the shell prompt.
Manual dinking with scripts to run java apps; many requiring specific options. Should be seamless.
Version conflicts; one app requires 1.3.x, another 1.4. Java doesn't deal with the version dependencies automatically.
While these are minor annoyances, they prevent me from relying on Java being there on client systems or other servers, so I don't even put Java on unless it is necessary.
So which of your coder and tech business people are "in charge of a engineering business"?
Are you asking for names, a stack of resumes, or a discription of what they do exactly? (I'm not going to go through the trouble...unless you've got work for them (USA, DC - Baltimore coridor mainly; a couple will travel if worth it though most don't want to and none need to!).
John Kerry is a liar, denying that is fine, so long as you are willing to believe that hundreds of other people have been conspiring for 30+ years to make Kerry look like a liar, and some of those people are Doug Brinkley, a Congressional Stenographer and people he quoted for his testimony in 1971.
1971. Would that be before or after G. W. Bush was arrested for drunk driving?
It's amazing to me that one man can be forgiven while the other is dragged over the coals -- both for events that happend 30 years ago.
I hate hitler. If I was to point out some of his crimes would you just brush them off saying I am just some "political ideologue, with an anti-hitler paranoia".
HP also released substantial chunks of OSS to support printers. HP printers, for sure, though the code can be reused for other printers if anyone cared to do so.
This is why you don't put buisness and liberal arts majors in charge of an engineering company. They don't understand the buisness. So they turn it into something they do know- they move to compete in low margin commodity and consumer electronics markets like Carly has done.
Some of the best coders and tech business people I've ever delt with were liberal arts majors. Grind your axe on another stone.
When I've presented choices like: with ProductA, I can do this in a day. If I use ProductB, it will take me a week to do the same thing. I have yet to be told to use ProductB unless ProductA costs significantly more than my paycheck to cover the time difference, and that's only for a one-off job. If it's something that I do repetitively, it's pretty easy to guess which one I'll get unless it is *really* a huge price difference.
It slowed down Microsoft's monopoly engine long enough for Linux to rise, Apple to recover and release a very successful new OS and for groups like Mozilla to start fighting against Microsoft.
Linux -- or more importantly open source -- did not need the DOJ's anti-trust trial against Microsoft to protect it from mortal distruction.
Having the trial did help prevent some dammage. The smaller cases where Microsoft was not allowed to gobble up other companies (Intuit) were much more important. The efforts and new companies that have risen under the OSS model have strength themselves -- though not in the way that Microsoft did from the mid-80s to around 2000.
While I do not think that Microsoft should go unchecked, I do think that whatever Microsoft does can not prevent what is happening already.
Microsoft, like Rome, didn't build their Empire in a day, and thus we won't dismantle it in a day. It'll take several more years of whittling away at them on multiple fronts. We just have to learn from history and be more civilized and cooperative if we win, than the barbarians were when they took down the Roman Empire.
Microsoft isn't a failing Roman empire; they aren't going away or even shrinking. They have become an institution with a low price point, though, in a market that no longer gets premium rates; they under bid competitors, are getting under bid themselves, and are looking to scavenge sales from former business partners on all levels.
match.com tip -- Sign up for free...and cancel...
on
Online Dating Advice?
·
· Score: 1
They'll drop the rate substantially if you quit. Don't take the first dip, wait for the second one.
Keep in mind that they don't want you to quit even if you use the free account and do not use the service anymore. Any numbers look good. Formally removing yourself can be a bit of a pain. Google for directions on what you have to do.
(You pay them because you can look but not contact anyone unless you subscribe.)
jdate.com is 'j' as in 'Jewish'. If you're not, that service might not accept you. If you are, it could be quite good since you'd have something to talk about right away...even if you're not too interested in religon.
Slashdot Mirror
If that's the case, why not build taller towers or blade assemblies that don't swoop down so low; something like a manual lawn mower cutting wheel.
That, and figuring out where birds tend to fly could increase effeciency and decrease bird casualties. (Unless both would want/work best in the same exact spot of highest wind velocity.)
#6 is actually the most important one; it's part of paramiter defense and lan design (router/VLAN level not server level).
The job of a firewall isn't to block ports -- hell, unplug the cable if you want to block ports -- the job of a firewall is to allow access.
If the systems don't absolutely require access to the internet or any other bubble (VLAN primarily) not allowing access by default is a much simpler solution and can lower the load on your firewall (if firewalls are even needed where they are currently deployed).
Change FF's icon?
I agree and understand what you say including this part -- My only real point is that you have to be vigilant either way. Whatever system I set up -- Windows or any *nix variety -- the rules are basically the same; keep it simple (remove everything that is not necessary) and check your work (nessus and nmap for external scans...other tools for the less important local scans). Automate what you can.
As a comparison, it took me 3 days solid to figure out Windows XP gaps and holes and plug them -- even after having experience with all versions of Windows in the past and securing everything from W98 through the NT/2000 line. Now I can secure a system in about a day with no tools. I spent weeks learning Linux security, though I can secure Linux in a matter of a couple hours with no tools.
I've found that Windows is as difficult to secure completely as any *nix system; by default more moles are poking up on the Windows systems and need to be whacked down.
All the reports I've read have pegged it at a 50/50 split...though I'd guess it is more like 80 inside / 20 outside (corporate) and 20 inside / 80 outside (home use). Not that we're making up statistics, though!
If you add complexity to deal with complexity you are introducing additional vectors for even more security problems. (One example: trusting that a virus detector is working because it says 'everything is fine'...only to find out later that the last virus through disabled the virus detector so it would always report 'everything is fine'.)
That should sound silly...and it is. If they are claiming something, they have proof...asking for it is a normal thing to do. Rolling over without proof is a bad idea.
Additionally, once you know what the patent is, you can research it (it may not be active anymore), dispute it, or re-write your code to avoid it (if possible). This last suggestion is the main thing that Linux kernel developers would be glad to do in the SCO case...but SCO also hasn't said what the code is or what is being violated! Hmmm...
If they don't need to get to the internet, the router only needs to be configured to not route packets outside the local lan. A firewall is the wrong tool. (I doubt that internet access is something that they want to block, though.)
Good idea! Might be a way to do that in the about:config, though to be honest I haven't looked there.
If he has control over the local systems, it's better to lock them down instead of tweaking firewall settings. One reason (of many): By allowing the program to be installed, the users may be motivated to 'get it to work', possibly breaking other security settings in the process.
If you know how permissions work, you can lock down any resource.
Walkthrough:
These are general guidelines only. Keep in mind that you will probably have to change some settings to get everything to work properly -- such as making some of the resources readable by normal user accounts.
When done, clean up; make sure to remove the local test user account files and Firefox after you have something that works. Chances are, the test systems will have some crud left behind that you think isn't important -- but may prompt another support call.
If that's the case -- and even if the specific detail of the 5 dots is in error -- I don't see this thwarting counterfitters much. Yes, casual copiers or someone who wants to have a $$$ design for a wallpaper or brochure will be puzzled.
One idea that comes immediately to mind is to copy overlapping sections of a bill and piece the parts together. This could be found by trial and error, so it's no big deal!
Complaints;
While these are minor annoyances, they prevent me from relying on Java being there on client systems or other servers, so I don't even put Java on unless it is necessary.
Are you asking for names, a stack of resumes, or a discription of what they do exactly? (I'm not going to go through the trouble...unless you've got work for them (USA, DC - Baltimore coridor mainly; a couple will travel if worth it though most don't want to and none need to!).
1971. Would that be before or after G. W. Bush was arrested for drunk driving?
It's amazing to me that one man can be forgiven while the other is dragged over the coals -- both for events that happend 30 years ago.
No, I'd point to this and let you figure it out. :}
HP also released substantial chunks of OSS to support printers. HP printers, for sure, though the code can be reused for other printers if anyone cared to do so.
Some of the best coders and tech business people I've ever delt with were liberal arts majors. Grind your axe on another stone.
OK. Sounds reasonable.
Am I missing something?
Linux -- or more importantly open source -- did not need the DOJ's anti-trust trial against Microsoft to protect it from mortal distruction.
Having the trial did help prevent some dammage. The smaller cases where Microsoft was not allowed to gobble up other companies (Intuit) were much more important. The efforts and new companies that have risen under the OSS model have strength themselves -- though not in the way that Microsoft did from the mid-80s to around 2000.
While I do not think that Microsoft should go unchecked, I do think that whatever Microsoft does can not prevent what is happening already.
Microsoft isn't a failing Roman empire; they aren't going away or even shrinking. They have become an institution with a low price point, though, in a market that no longer gets premium rates; they under bid competitors, are getting under bid themselves, and are looking to scavenge sales from former business partners on all levels.
As I'm not a Photoshop nut, I have no idea what the differences are between Photoshop under Windows and Photoshop under Linux + Wine.
If he's like some of the Disney anamators, the rest of his tools might be on Linux...so why have a whole other computer or a VM just for 1 program?
CEOs and CIOs don't care about usability beyond 'can we use it to do our jobs?' The other points the paper does cover answer that question.
What tools to use has a personal impact. It doesn't necessarily support the work being performed cross the company. (Photoshop, while not OSS, does run under Linux with Wine -- if not perfectly.)
Keep in mind that they don't want you to quit even if you use the free account and do not use the service anymore. Any numbers look good. Formally removing yourself can be a bit of a pain. Google for directions on what you have to do.
(You pay them because you can look but not contact anyone unless you subscribe.)
jdate.com is 'j' as in 'Jewish'. If you're not, that service might not accept you. If you are, it could be quite good since you'd have something to talk about right away...even if you're not too interested in religon.