Bill Gates called it, way back in 2004. And Bill Gates is never wrong about ANYTHING. So it's pretty obvious that whatever we've all been receiving in our inboxes since 2006 that looks like spam isn't. Probably, we're all just overwhelmed by all of the legitimate emails we're getting from our many, many friends nowadays, who really are just trying to tell us about some aweS0me dea1z on r0lexxes, and we just can't decide which of the incredible bargains to choose from. And it's actually Google and Yahoo's fault for not having deprecated their spam filters, even though spam now is a thing of the past (trying to make MS look bad, of course). So they keep catching your friends' emails as spam. But it can't be spam, because it's 2010 already. And Bill Gates said.
And as long as you've got users who'll click on random executables and use their kid's name as a password and share their credentials with someone else, encryption isn't really going to get you very far.
You went from the above in your original post, to whistleblower employees playing Spy vs. Spy in your latest. I humored your first reply by pointing out ways that you can actually layer your security to prevent most data protection breaches, instead of resigning yourself to the fact that users prefer to make their passwords "password", and it's not like there's anything you can do about that... But come on, you're kind of changing the subject here... I specifically said that nothing is 100% effective. I realize that cognitive marvels can memorize things. Or write them down on a notepad. I wasn't talking about that, but then neither were you initially.
Whether you want to acknowledge it or not, in many, many cases and environments, the weakest link is absolutely the sysadmin, who throws up his hands in the midst of his end-users, and does nothing. Rather than the end-users themselves, the vast majority of whom are more likely to click on a random executable than to want to sell the secret formula of New Coke to the highest bidder.
And implementing all sorts of high-tech security isn't going to make it any harder to exploit that weakest link.
I couldn't disagree with you more. Most of the point of IT security is to make it harder for anyone to exploit the user, that user included... so hard that it isn't worth the effort.
If the sysadmin fails to implement counter-measures, it's he who is the weakest link. Because whatever its true effectiveness is, there's ALWAYS a counter-measure. I can think of an industry-standard counter to every single scenario you and others have alluded to here; you had to downshift into a pretty specific hypothetical about someone who willfully chooses to leak data, in order to support your original assertion. It doesn't make it any less misguided to let the sysadmin asleep in the corner off the hook.
Feel free to give yourself the last word here.
No measure or countermeasure is ever 100%, but in your disgruntled employee scenario, if you know what the confidential information is, you could use some mix of Rights Management Software... as well as the blocking of file types (say, .png, .jpg, .gif screenshots) from exiting the internal network... as well as preventing USB drive access, etc... and a lock on the computer case. So now the disgruntled employee would have to walk out the door with the computer in order to realistically take the confidential info with him/her. Again, it might not be 100%, but depending on how many 9's you need to put next to your certainty that no confidential data can leave the network, and how much the business is willing to pay to implement it, you can have a fair amount of data protection. You're definitely not helpless to the whims and malice of your users.
In a sense, though, the weakest link is actually the sysadmin, who isn't enforcing appropriate password complexity, length, age, etc... As well as, in a corporate context, not locking-down the network and machine and user profile, so that keylogging executables aren't so much of a problem. Even if the business and/or customers complain about "impact", there's always a way to win the argument for establishing and enforcing IT policies that make sense. You have to be willing to save users from themselves.
Quoting: "Internet service providers should have authority to block subscribers from sharing music and other files without permission of the copyright owner, the RIAA said."
I don't think highway operators in this country have ever been compelled or encouraged to stop grand theft auto, or interstate smuggling of stolen goods... Or that phone companies have been expected to prevent con artists from swindling people out of their money to buy "beach-side" Florida swamp land. Et cetera. This would appear to be unprecedented.
Quote from the article:
"I thought it was the phone -- 'Maybe this phone is just weird and does magical, horrible things and I have to get rid of it...'"
...Anybody know where I can find the sysrq key on it? :)
What exactly would need to be ripped out and replaced? Certainly not the physical layer, which deals in 1s and 0s. Nor the routers, which can route, for instance, IP and IPX. Nor hosts, which can have both an IPv4 and IPv6 address, and which also resolve, for example, DNS and WINS names. Protocols are deprecated as they outlive their usefulness. Hardly anything ever has to be ripped out to be replaced by something else.
I did not know that... Reading slashdot without the scores is like looking at a whole new world. Thanks for the tip. :)
And I don't like quoting numbers to several figures accurately...
Feel free not to quote numbers then, and just declare to everyone your "feelings" about things instead. And leave the numbers to people who are actually interested in facts and accuracy, not just in overstating those numbers to win arguments or make vague points about "oil-rich" countries, or Google, or whatever. I, for one, am definitely more interested in looking at the actual data than someone's exaggerated estimations of it. And I think I'm probably in good company on /. with such a disposition. But by all means, continue replying to posts with the hope of getting modded up as "interesting". As opposed to "informative". Which is different. As they say, it takes all kinds, the Datas, the Kirks, all welcome. :)
In the United States, almost 30% of the population has at a Bachelors degree or higher, and again that many have attended university but only have an associates degree or nothing...
Nowhere in the links provided is "almost 30%" a number. From the above Wikipedia source, "The 2006 American Community Survey conducted by the United States Census Bureau found that 19.5 percent of the population had attended college but had no degree, 7.4 percent held an associate's degree, 17.1 percent held a bachelor's degree, and 9.9 percent held a graduate or professional degree." Even if you decide to sum bachelor's degrees and graduate or professional degrees (since it's entirely feasible that the Census Bureau considers the latter to be a subset of the former), you still come away with 27%. If the country had 300 million people as of 2006, you just overestimated by 9 million residents. And 23% (Arab states) versus 27% (US?) is a mere 4% difference.
I'm not entirely sure what the poster's point was in comparing somewhat inflated/rounded-up numbers of US college graduates with other global regions, and how that makes them dime-a-dozen or whatever, but the actual percentages sourced appear to be closer than they were editorialized to be, in any event.
I bet the herbal supplements industry is hoping its customers will forget all about this report eventually... :)
In five or ten years, a fair guess is that virtually all music and movies will be purchased in various on-demand subscription models. It's what consumers want. The companies which understand this are going to thrive. The declines mentioned in the article only seem like industry-wide problems because some of the players still haven't figured it out, and would rather prosecute their customers than adapt to a permanently-changed economic landscape. These latter companies are not long for this world.
Yes, there will probably always be physical and "owned" media revenues of some kind (collector's editions, etc.). But I think the tech is very close to being able to deliver subscriber streams to the home on a ubiquitous scale, with mobile devices not far behind. The price points are the only things somewhat remaining to be determined.
I offer an important caveat to an otherwise spot-on perspective: You must offer what the customer wants... at a price they ARE WILLING TO PAY.
And what do you think the SUSClientID is based on, which causes it to be a duplicate in the WSUS database in the first place? It's the SID. The SUSClientID registry value doesn't exist until a computer is pointed at WSUS and made a WSUS client. WSUS bases the uniqueness of clients on the SID, because what else could it use, and why else would you ever have duplicate SUSClientID's if it weren't basing the initial database entry on the SID? Ipso facto, duplicate SIDs are the root cause of clients not appearing uniquely in WSUS.
But yes... for anyone who's taking their IT advice from /. posts... in a scenario in which two or more computers have identical SID's, even after you change those SIDs, if you've already introduced those computers to WSUS, you will still need to delete the SUSClientID and then run wuauclt.exe /resetauthorization /detectnow, and all will be well. Also, if you are one of these sysadmins who follows or has already followed the above steps, I applaud you for seeking to address the root cause of the problem, rather than just working around it. You will likely go far in your career with this approach. In fact, you're probably working a lot harder than some of your co-workers, and should talk to your boss about a raise. :)
Sysprep and NewSID are very different tools, which ultimately lead to very different conclusions for the machine(s) either are applied to. I've never used sysprep when NewSID would suffice.
I think retiring NewSID is shortsighted. As folks here have already indicated, WSUS is the prime example I can immediately point to. I'm sure there are others. Perhaps Russinovich has never worked with load-balanced servers built from the same clone/image/template, which end up in different WSUS groups (Night A versus Night B, and so on). But in the absence of NewSID or a replacement, the task of separating one from the other becomes a lot more of a challenge than it has to be. What a shame.
In future posts, I will work on my sarcasm, which can apparently be so sarcastic as to appear not to be sarcastic at all. :)
Google will solve all your problems. Anything Microsoft can get you to pay for, Google does better, and for free. Don't believe me? Try to pay Google for gmail. You can't, huh? They won't take your money! It's no good here!! Imagine that!!!
I mean, it's so obvious.
However, Minix continues to maintain its girlish figure.
This is one of the more interesting aspects of the coming pay vs. free online news content issue. On the web, is it ethical for a newspaper to charge for reposted/reprinted AP and Reuters articles, while those original sources continue to offer their articles for free? Because at that point, are you paying the newspaper for the content, or the hosting of the content?
Another aspect is advertising. Since - despite all appearances to the contrary - newspapers are still in business to make money, are they going to expect paying online subscribers to click-through and suffer with various ads, and justify it by saying that they have ads in their print editions as well, and that it "keeps costs down"?
We keep hearing that the papers can't survive on web ads. Yet they persist, and grow more annoying and absurd in their iterations. Perhaps the papers' plan is for us to pay them just to make the ads go away. :)
Bottom line, though, I think the papers are going to want to have it both ways.
I bet the sister in "Twilight Zone: The Movie", for one, would've been able to appreciate having both a mouth and an unlimited text and data plan on her 3G iPhone. Kids today really do take everything for granted.
That's the thing with California community colleges, many of them are part of the larger public education system. In LA, at least, they just RAISED the tuition fee to $26/unit.
Thus, in comparison, $99/mo is no bargain for Californians. Plus, the idea of being able to take as many classes as you want may sound great, but students can quickly get themselves into trouble with their GPA's (not to mention their jobs and even their personal lives) by overextending themselves with their course loads. There's a reason why most CC's cap enrollment at 15 units, and why students have to get special permission to take any more. I think 18 units is the maximum I've heard among fellow students... And by the end of the semester, their heads looked like they were about to explode.
I look forward to seeing your future post, in which you include all of the "non-slanted" investigative reports you're basing your own comments on, which show that the majority (meaning >= 50.1%) of factory farms do NOT actually employ horrific and inhumane practices. Like I said, facts are stubborn...
Facts, they are stubborn things...
People unfamiliar with farming underestimate the degree to which the comfort of animals is taken into account.
All of the investigative reporting on factory farming in the last several years would indicate the exact opposite of this assertion. The comfort of the animals in farms across the United States is dead-last in priority, behind profit, common sense and even the humanity of those involved.
Some dairies play music all day because they've found it has a calming effect and increases production.
Like anything, it's all about money.
Where are all these dairy farms in which they play music for the cows? Do the cows spontaneously break into dance, too?
Is a visit to the dentist really that much better because they pipe in muzak during the root canal procedure? Or can we agree it's still pretty freaking uncomfortable? Now imagine getting a root canal every day of your life, for a couple of years, until the last day, in which the dentist shows up with a blade. This may sound a little extreme, but it's probably not actually all that far off from the average factory farm animal's perspective and experience.
Bottom line, factory farming is still cruel, with or without the soundtrack.