How about making it possible to update Firefox in a business environment without administrative rights? Maybe allow admins to push the browser and patches?
AD is a AAA solution - Authentication (LDAP), Authorization (Kerberos) and Auditing (GPO, Logging).
Usually solutions like RH Directory server are used for securing applications (websites, roles within apps, etc), and not for the PCs. LDAP is just one "leg" of the AD stool... LDAP gives you a user store (authorization), but the real value of AD is that it's the only Kerberos implementation that is usable by regular human beings.
Without Kerberos, you don't have single sign on. Without the ability to create policy to control client behavior (GPO) you can't trust the clients to behave at all, and without an auditing facility, you don't have the ability to know what is going on.
If some organ of the US DoD is using Red Hat as a user store for desktops, they are probably using a directory federation solution to link the MS Active Directory to a central directory store to make user provisioning easier.
Is a big advocate of Google -- he transitioned the entire city government to Google Apps.
Obviously you're clueless about destroying data. Even after destroying the planet, some magnetic traces still exist. The only way to ensure destruction is to ship the drive back in time to an era where hard disks were not available.
China hasn't been accepting E-Waste for at least 18 months. Now it goes mostly to West Africa.
In that case, no. You are, however, required to offer "reasonable accommodation".
I actually meant 1983, or whenever it became better than TROFF and similar tools.
You're complaining about software almost 10 years old. I'm sure LaTeX sucked balls back in 1993.
That's a pretty lousy analogy.
People climbing Everest are in the top 5% of mountain climbers. They typically know (or at least think they know) what they are doing.
Yet the overall death rate is between 1-2% -- a very high number for skilled people performing a single activity. This doesn't even get into the injuries that people suffer either.
The "I climb mountains because they are there" stuff is macho nonsense. If you want a thrill with a 2% death rate and higher injury rate, fling yourself off of a 15 foot wall and enjoy the ride.
MySQL seems to be a project with a lot of mindshare that doesn't execute well.
With commercial software, you're screwed when the vendor decides to do stupid things. With OSS, you have options besides moving to a new platform or living with the vendor's stupid decisions.
At the end of the day, this is good for everyone, and is an example of why OSS is good for society.
Climbers die on Mt. Everest because they are frickin idiots. There is no good reason to go up there, and they should leave the bodies up there to serve as warnings to other idiots.
Not true. Do you use Dreamweaver/Photoshop? Drive to meet clients? Have a cell phone? Pay for health insurance? Pay taxes?
There's no such thing as a pure service. Every day you wake up, you're incurring more overhead.
"Time & Materials" is a trade term, which in the context of consulting essentially means "the client will be billed for staff time and expenses". Don't read too deeply into it.
The whole point of my post is that you need to provide economic incentives to encourage each side on a contract to fulfill their obligations. Billing for T&M gives the customer an incentive to spec the project to minimize the hours and minimize changes. The contractor has an incentive to not cut corners, as his time is being billed for.
Obviously it doesn't always work that way in the real world.
That's what a statement of work is. If the customer decides to make you jump through hoops that adds to the time required, they need to pay for that time.
There are 2,000-2,500 productive man-hours available per-year, per employee. For a freelancer, professional development, administrative and marketing overheads account for as much as 30% of those hours. That leaves 1,300 - 1,650 billable hours for earning money.
If you're a freelancer and you don't provide an economic incentive for clients to not waste your time, you're giving away the store.
Why doesn't McDonald's sell flat-rate hamburgers? Don't people want to be full at lunchtime?
Quoting a fixed price for projects is like putting a "kick me" sign on your back. You'll attract cheapskate clients who will chisel you.
Use a standard contract that indemnifies you and covers your ass as much as possible. Always create a statement of work for each engagement and create a new revision that gets signed off for each material change.
My sister 100% owns the copyright to the depressing poetry that she wrote in high school. Big deal.
Your association with the university may inherently make your software more valuable. If I were you, I'd hold back on some key features, pimp your software as much as possible, then leave the university and write the good stuff.
If you don't hire the old dude, he's going to use the words that you used against you. Asking "What do you know that the 23 year old does not?" implies that you consider the 23 year old a better candidate.
Perception is more important than reality in this case.
Depends on your definition of "working". You're literally going to have a nearly 2-second round trip when you click on something with the mouse.
If you're providing a solution to a customer whose operation depends on using a GUI over a low-speed, high-latency link, you are doing your customer a disservice.
I've seen a few different solutions that used low-speed AMPS cellular or INMARSAT links to operate... nearly all of these used heavily scripted and locked Unix/Linux or embedded OSs.
The few Windows implementations that I've bumped into were very limited in function, and mostly served as a front end for whoever was operating these things in the field. They used Windows to make the client application delivery faster.
BGAN isn't all that great either. Lots of billing issues that result in your service being cut off.
Tivoli Management Framework had configurations designed to work with satellite links as slow as 16k. That solution was for monitoring and configuration management though -- not what you want.
Your big problem here is your expectations. Remote Desktop over a slow-speed, high latency link just isn't viable. Anyone paying the megabucks required to support a field-deployed solution will not be happy with the crappy service you'll ultimately provide.
You need to extensively model how your application works and develop appropriate procedures, runbooks for your remote operators and a toolset of programs or scripts to provide support for this "critical" solution.
Actually, it's very difficult to make that determination. The IT people aren't pushing PGP for their health -- the cost of these applications is outrageous.
I've been through this - we approached a group of people who insisted that full disk encryption would cause all sorts of issues. They weren't able to document these issues, of course. We also got the "why does this matter to us anyway... we don't have any PPSI".
Then we go down with the security folks and audit the desktops. What did we find? All sorts of sensitive information that they didn't even know that they had. (It didn't show up in their reports, but was buried within the source datasets).
This scenario is more common than you think and encrypting everything is the best defense. In our environment, which has nearly 60,000 users, unless you are using a thin client, you get full disk encryption.
The real issue is that the management of the institute is afraid of the liability that the leaking of patient data could present.
In this case, it might make sense for the lab to implement some sort of well-documented, auditable process of formally separating any personal information from the data sets.
The alternate solution will likely be worse than whatever disadvantages the FDE solution presents. You have a legal responsibility to safeguard critical data, and alternatives are probably worse.
To meet the audit requirements where I work, all of your work that involved PPSI would need to take place on a secured server via a terminal connection.
Any decent AM radio station will have full-time election coverage, and radio news is generally 1000% better than the swill that you see on TV.
Government agencies and archivists are starting to wake up to the fact that this is an issue -- I think the Office 2007 file format change was a big factor that is getting it on the radar.
Minnesota, California, Massachusetts and New York definitely have people studying the issue. Unfortunately, there are no easy answers when it comes to these things.
In my opinion -- which is not necessarily the opinion of my employer -- one of the major problems is that there are far too many records being preserved.
If you looked at the archives of a government or corporate office 30 years ago, only official memorandums, some meeting minutes and policies were retained. Today, technology like email has improved communication somewhat, but has also encouraged sloppy office practices so that it is nearly impossible to figure out what is useful and what isn't.
To compound matters, the courts are now mandating document retention and email archiving which encourages the retention of even the most banal communication.
IMO, the period 1990-2020 will be a black hole in history.