but those aren't the sort of innovations that the average person understands or cares about.
anyone from a grandma to a ceo could look at an ipod and thing "wow, that's pretty/cool/sleek/whatever", but they aren't going to do that with apache 2.2.345
it's a matter of what arena are you comparing in? if you are comparing backend innovations it's a whole different set of applications than if you are comparing end user excitement.
apple builds a culture of cool, cutting edge people with their sexy laptops and fluid desktops.
linux has a culture of hackers.
windows... um... has the same culture that makes walmart and mcdonalds run.
why my opinion matters: i have actually used this software as an end user. i have no affiliation with pgp corp. i just got a beta download and a manual, and sorted it out on my own.
let me try to describe how it works. i'm no expert, but i think that might be a good thing in this context.
say you and i are on the same mail server, using the pgpu proxy. i send you a mail. the server says "hey, me@domain.com has no keypair". "me" has authenticated to the smtp server to send the mail, so we're going to trust "me" and generate a key pair. another will be generated for "you". when "you" check mail, it trusts you based on the imap authentication, and decrypts the mail. ultimately, the "passphrase" on the keys is the imap/smtp authentication.
this gets you encryption that took 0 effort on the users' parts, no effort on the part of the administrators beyond the initial server setup.
the user can't forget to encrypt.
you are no less secure than before, as you are still trusting based on imap/smtp authentication. but now the messages are stored encrypted on your normal mail server.
should your server get rooted, the messages aren't readable.
or if an it person with root on the mail server decides to poke at the ceo's mail, it won't be as easy (especially if that person isn't an admin on the pgpu machine).
since this is just a proxy, it can be dropped in seamlessly with a simple dns change, so you don't need to change your clients. assuming they are all using SSL already, you're done. if they aren't on ssl, there is a windows client that can be installed via active directory that will secure the desktop -> server connection. or you can just tick the "use ssl" box in any decent mailer. since it is a standard protocol, the client app doesn't matter, leaving you free to use mac/windows/linux/whatever. in my testing, the clients were macs running apple's mail.app.
it took me about 20 minutes to get it set up and working in the lab for internal mail encryption/signing. that includes installing the software.
the installer is an appliance type thing: boot off the cd, install, reboot, you're done.
regarding the keys all in one basket, there is a backup facility built in to the software to make sure you have your keys in the event of a failure.
i haven't done anything with sending mail to external users (outside of your company), so i can't say anything for/against it).
all in all, i think it's a pretty neat product. i actually don't know a thing about the pricing, but it brings value for a low admin overhead.
I use more than that. Ever do any video editing? I've got one project going right now that is taking up almost 30 gig. And that's _just_ that project, and I'm pretty much a "well armed novice" (lots of tools, little skill).
People I know that do "real" video and audio work chew through space like mad.
i filled out a form for some headhunter that was looking for a linux sysadmin... i sent the resume as a plain text attachment. i figured linux job, text is same. the hunter replied, and actually said that they would need it in word format, as they couldn't open the format i had sent it in.
true... it should have a "not afflilated with..." disclaimer. also, not usung the RH box image would have been good. a generic linux item (everyone's favorite penguin) would have caused much less trouble.
ouch. i tried that on a dual 233 (p5) w/ 128 megs of ram and it ate the machine resources right nicely. i didn't even get through the compile... i aborted it and went more conservative, j4 maybe.
the impression i got was that the Changes doc was saying that if you have libc5, it needs to be this version, or if you are using libc6, it needs to be this one...
Slashdot Mirror
probably just because not many people download it from apple.
i know i've downloaded it at least a dozen different times.
how could you be upset? apple is the first to market with a twelve foot display! let's see sony beat that!
comes with a free iCart to haul it around on.
but those aren't the sort of innovations that the average person understands or cares about.
anyone from a grandma to a ceo could look at an ipod and thing "wow, that's pretty/cool/sleek/whatever", but they aren't going to do that with apache 2.2.345
it's a matter of what arena are you comparing in? if you are comparing backend innovations it's a whole different set of applications than if you are comparing end user excitement.
apple builds a culture of cool, cutting edge people with their sexy laptops and fluid desktops.
linux has a culture of hackers.
windows... um... has the same culture that makes walmart and mcdonalds run.
why my opinion matters: i have actually used this software as an end user. i have no affiliation with pgp corp. i just got a beta download and a manual, and sorted it out on my own.
let me try to describe how it works. i'm no expert, but i think that might be a good thing in this context.
say you and i are on the same mail server, using the pgpu proxy. i send you a mail. the server says "hey, me@domain.com has no keypair". "me" has authenticated to the smtp server to send the mail, so we're going to trust "me" and generate a key pair. another will be generated for "you". when "you" check mail, it trusts you based on the imap authentication, and decrypts the mail. ultimately, the "passphrase" on the keys is the imap/smtp authentication.
this gets you encryption that took 0 effort on the users' parts, no effort on the part of the administrators beyond the initial server setup.
the user can't forget to encrypt.
you are no less secure than before, as you are still trusting based on imap/smtp authentication. but now the messages are stored encrypted on your normal mail server.
should your server get rooted, the messages aren't readable.
or if an it person with root on the mail server decides to poke at the ceo's mail, it won't be as easy (especially if that person isn't an admin on the pgpu machine).
since this is just a proxy, it can be dropped in seamlessly with a simple dns change, so you don't need to change your clients. assuming they are all using SSL already, you're done. if they aren't on ssl, there is a windows client that can be installed via active directory that will secure the desktop -> server connection. or you can just tick the "use ssl" box in any decent mailer. since it is a standard protocol, the client app doesn't matter, leaving you free to use mac/windows/linux/whatever. in my testing, the clients were macs running apple's mail.app.
it took me about 20 minutes to get it set up and working in the lab for internal mail encryption/signing. that includes installing the software.
the installer is an appliance type thing: boot off the cd, install, reboot, you're done.
regarding the keys all in one basket, there is a backup facility built in to the software to make sure you have your keys in the event of a failure.
i haven't done anything with sending mail to external users (outside of your company), so i can't say anything for/against it).
all in all, i think it's a pretty neat product. i actually don't know a thing about the pricing, but it brings value for a low admin overhead.
I use more than that. Ever do any video editing? I've got one project going right now that is taking up almost 30 gig. And that's _just_ that project, and I'm pretty much a "well armed novice" (lots of tools, little skill).
People I know that do "real" video and audio work chew through space like mad.
But Serial and Parallel are gradually fading away (some PCs don't have them, others are calling them "legacy devices", macs don't use them).
DVI is becoming more common. USB keyboards and mice more common.
IDE really hasn't had much other than speed boosts.
i filled out a form for some headhunter that was looking for a linux sysadmin... i sent the resume
as a plain text attachment. i figured linux job, text is same. the hunter replied, and actually said that they would need it in word format, as they couldn't open the format i had sent it in.
!?!?!?
brian
YES!
new york i can do. i'd like to see boston happen, but the prospect of taking off to nyc for a few days is better than dc or california...
happy me
true... it should have a "not afflilated with..."
disclaimer. also, not usung the RH box image would have been good. a generic linux item (everyone's favorite penguin) would have caused much less trouble.
I wouldn't base a purchase on it, but in light of the "other ad" that is going around, i find it pretty amusing.
:)
i'd actually like to get a scan of the poster even. maybe i'm just a pervert though
i threw win98 onto aspare hardrive and booted that
:)
just to see if there was a noticable difference.
the mpeg version worked fine for me
but i would definitely like to see quicktime on linux...
brian
ouch. i tried that on a dual 233 (p5) w/ 128 megs of ram and it ate the machine resources right nicely. i didn't even get through the compile... i aborted it and went more conservative, j4 maybe.
bunicula
It really depends on your uses. I have a dual 233MMX and a pII 350. the dual 233 compiles 2.2.2 in 12ish minutes. the 350 in 6ish minutes.
:)
the only time i've really seen the dual system shine is on the rc5des client
these are home machines, so they are very low volume. max users on the dual 233 is usually around 5
bunicula
the impression i got was that the Changes doc
was saying that if you have libc5, it needs to be this version, or if you are using libc6, it needs to be this one...
brian