I have quite a few friends deployed. What you speak of does not happen. The military networks are locked down and virus-checked, etc.
The problem is the soldiers have their personal laptops on unsecured wireless networks they pay for from local providers so they can do what they *WANT* to do, which is surf porn, play MMORPGS (WoW is hugely popular) and other games that allow them to interact with "normal" people from back home. As is usually the case, the pure security concept pushes people to their own solutions which creates huge security issues. You're talking about brave, courageous, amazingly talented strong young men and women who are amazingly stupid about technology. They use Windows because everyone uses it and the guy down the way can help them load their Iraqi porn.
The only way to address this is to accept their habits (porn, games) and address it in a secure way.
In this Army/Navy/AF/etc, that ain't gonna happen.
Let's just say that I may be employed at (but not by) a US Government organization but I use my personal Mac and a personal wireless solution where neither the Mac nor the wireless ever touches their network, just so that I can do simple stuff like research current technology. Happens that some of this research tends to be on sites they consider "gaming" or "non business related" so they filter it. GFY, censors.
Look - I'm a programmer. It may sound pedantic of me, but I believe programs should be responsible only for what they are designed to do. Clearly this means being responsive and indeed responsible for their own security. Lapses in one's own program are unavoidable but should be quickly and non-quietly fixed. It's an interesting suggestion that the paradigm needs to shift to the parent app being solely responsible for its children's security.
So taking your logic further, the OS should be responsible for all of this, so it's not even Firefox's problem. ^_^
Apps should be purpose built and responsible for that purpose. If you do the blame game up the line, you'll find tremendous bloat (more so than it already is) creeping into all first-line programs and even more so to the OS. If you don't blame Microsoft and OSX (the only two platforms Quicktime runs on, IIRC) as much as Firefox, you have violated your own thinking line.
Quicktime is causing the problem, but would you rather have a browser that arbitrarily trusts the plugin, or does some bounds checking? I'd rather have a browser that focuses on making sites render most correctly, most quickly, and where only its core functions are concerns of the already burdened developers.
Why?
I mean help me understand how it simply farming the request to an external app, where the external app has the security problem, is a firefox problem?
The most evil of evil cellular companies, the company that replaces perfectly unacceptable, already crippled stock phone operating systems with COMPLETELY UTTERLY crippled operating systems, the same one who if you buy their Motorola RAZR and try to use MOTOROLA's OWN MOBILE PHONE TOOLS, will not allow said use. The same one who requires a USB CHARGER PURCHASED FROM THEM, when any charger will suffice, is now opening their network???!!!
'Scuse me - that sizzling sound was hell freezing over.
You do realize that *any* software you install on your computer can do this? Unless you have read the full source code and compiled it yourself (Ignoring the possibility of a trojan'd compiler) there is a possibility that a program could do these things. So what's new?
The whole study is a joke because it assumes that body mass index is a valid measure of obesity, and it isn't. The only real way to tell how fat you are is to measure your body fat percentage, usually with calipers although some new scales claim to be able to do it electrically.
Bingo. Also most people get weighed at their doctors office with crap in their pockets, heavy shoes, etc. I weigh in at 198 in the morning when I wake up. By the time I eat breakfast and get dressed, I weigh in at 210-ish at the doctor's office. I'm 5'11, so my BMI at 198 is a slightly overweight 27.6. Once dressed and fed, I'm a 29.3, almost obese.
Oh and I run 3x or more a week, lift 1-2x a week and make a close watch of what I eat - wheat wraps with specifically sized portions of lowfat mayo, lots of mustard (practically calorie-free) and measured cheese and meats. I snack on carrots, apples, triscuits and small amounts of lowfat cheese. I eat low sugar oatmeal for breakfast. In the last year, that netted me about a 30-35 lb weight loss. I hardly believe that my body fat % is the same as someone of the same weight and height that sits on their ass all day.
It's worth noting that Usenet.com does not own/operate usenet, they are just a download service for usenet. They cannot remove things from usenet, they can only prohibit downloads of certain content from their servers, I'd imagine.
As a former INN server admin from 1994 to about 2001, that's bunk I'm sorry to say. I resisted modding you down (even have the points for it!) just to clear the air here. If you stream news to someone else, your removal of an article affects your downstream servers as well. It's quite easy to remove an article - always has been.
Now Universal just look like idiots. One can easily argue the business sense of delivering content in a price-controllable way. Business 101 - when the demand increases, limit the supply and profit by increasing the prices, or changing the delivery mechanism to make more money on the same supply. Demand for downloadable music has increased while CD sales decreased, thus the allegory.
The stupid part of this idea is removing 70-80% (the share of iPods in the portable music market) of the market for your product. Just try to buy a gas station and switch to only selling ethanol and see how well that works if you need an example. The phrase shooting one's self in the foot comes to mind, but the recording studios seem good at that.
I ran two websited that used contextual ads (from the likes of vibrant media and kontera) as well as banner-based stuff (google, yahoo, etc) and I can tell you that the worst person to piss off is the one that doesn't want to see the ad. They were never going to click on it anyway, so why should you care? Most of our deals were cost-per-click revenue anyway so I didn't care to serve an ad to a person who wasn't going to click it and have to deal with pissing them off. A few months before I sold both sites (and am glad to be out of that business, though I miss the revenue), I made it so that folks could disable contextual ads through a profile setting, and added the ability for them to pay a paltry sum ($10 per year) to remove all ads site-wide. Folks were thrilled to pay a cheap price, I made some good cash, and everyone was happy.
I knew of folks using ad blocking software (hell, I use adblock plus myself!) and would never have done anything to that group for the sole reason that I wasn't going to make money on them anyway and might as well make em happy instead of mad.
Oh - and I determined that most of my ad-clicks were unregistered folks who visited my site for the first time - one of those dirty little industry secrets.
Yup - and it crashed more often before for sure. I may even have over-stated the crashiness of it now.
From personal experience...
on
Smartphone Shootout
·
· Score: 4, Interesting
I've got both a Blackberry 8700g and an iPhone - the former used for work e-mail and the latter for personal stuff. Before I got the iPhone, I loved my Blackberry. It was a big improvement over my RAZR at the time, and fairly fast due to the server-side processing of the websites I visited with it.
Then I got the iPhone and now I'm probably going to dump my Blackberry. Having and using the iPhone has soured my Blackberry experience. I'm now tired of seeing the HTML in e-mails instead of viewing the full e-mail. (For those of you without a Blackberry, it absolutely sucks at HTML mail - it displays all the code instead of stripping it out, FWIW, I use the client-side push instead of server-side push so that may be the problem) Having the iPhone and seeing e-mail as it was meant to be seen changed that.
Similarly the mostly-full version of Safari has changed my usage of the Blackberry's crippled browser.
As the article states, the iPhone is not without its problems. Safari crashes (I've never seen the Blackberry browser ever crash) semi-often, say once every 2-3 days in my usage, and its lack of Flash support is annoying. I haven't missed Java yet.
Data speed is it's albatross, but with the "real" web, I've personally been able to look beyond its mobile speed deficiency. When it's on a fast Wifi network, it REALLY shines and I'm still amazed by how well it does in rendering sites. Youtube has never looked better.
The problem I have with most LUGs is it's - well - what it says it is, a user group.
There's been a movement lately to create ELUGs - Enterprise Linux User Groups. I know the one I'm involved with in my city just had a long discussion about creating an enterprise group. The problem is one of need. Users need very different things then those of us involved in day-to-day management of an enterprise Linux base.
I know I for one enjoyed being in the different LUGs I was in, but I gave more then I got for the most part. As an admin, I want to be better at what I do, so it's not just that I'm a jackass, it's that I want to continually expand my abilities through others misfortune.:)
OOo's problem IMHO is that it's an old program suite masquerading as new material. The backwards compatibility, which is necessary to its continued growth, is its albatross.
I am a developer, but the caveot is I don't know jack about the code and its current iteration. I could and may be way off base, but here goes anyway.
The only way you'll ever address it is to start. From scratch. Build the core of the program with security in mind. Converters have to pass through that core security layer. Add-ons need to pass through that layer. Even your own code has to.
Of course the manpower needs of this would be tremendous so it'd never happen.
But Google's doing something similar - they basically seem to have started from scratch and they pass all the apps through their backend, which presumably is superior to most work done on OOo or MS Office.
I mean - who would have ever thought of putting IP-based phone traffic over the PTSN! Wait - wasn't that why it was created - and by a company Cisco acquired a company whose name escapes me for their VOIP systems back in the late 90s... Cisco would have NEVER thought of THAT!
The point isn't in the energy *WON* - it's in the energy *NOT USED*. I don't know if you've ever hooked a kill-a-watt (current measuring device) to a treadmill, but those suckers suck powah! Mine rated between 12 and 15a, and has actually tripped its shared 15a outlet when I get going really fast on it(well, at least fast for me - about 8-9 mph).
If you do distance as I do, that's a decent amount of power not used on the grid if my energy is going 100% into making the thing work, instead of the grid feeding a motor, etc.
God users really are getting stupid these days And with that attitude you'll go far in your career.:)
You are exactly the problem. You know best, of course. No stupid user can ever know as much or you.
Please come work for me so I can fire you.
1. Your symantec doesnt catch everything, even if its in its definitions files. It may run before the av can scan it. It may come encrypted. It may be part of a larger spyware payload. "Edge" is buzzwords for "buy our scanning proxy." Its not 100% protection.
Nothing catches everythhing. Only clueless CIOs and non-technical middle IT managers think that happens. Security is a state of mind - not a reality. There will always be someone smarter with more time or more resources that can beat your "best practices".
2. Your system is locked down not because the "helpdesk monkey" enjoys visiting self-entitled misanthropes like yourself but to keep unauthorized software off your machine. Your manager doesnt want you playing games all day, IT doesnt want to image your computer every week because of all the spyware you download, and the helpdesk doesnt need more of your whiney complaints. Not to mention legal/finance dont want to get stuck with a bill/lawsuit for the software you pirate and put on a machine that isnt yours.
So you can't place - as I said before -a modicum of controls on users and still allow basic functionality? You can't set SMS to go look for installed programs and remove anything not in the list? (you can - I've done it)
At the end of the day, when you screw up a perfectly good machine because youre so much smarter than your IT deparment and its monkeys, you end up calling them, expecting them to fix it, and blaming them. Now multiply yourself x250 people and think about why you have to wait so long for service or why some of these policies exist.
Been there - done that, burned the damn t-shirt. Started an ISP back in '94 as a one person shop for a year. Did IT support in various mechanisms since then. I don't know much, but I have done support, and I'd challenge you to find a more difficult support role then the guy on the phone in the pre-windows 95 easy dialup days supporting Windows 3.11 and Trumpet winsock, getting blamed for every problem they have after they installed your floppy disk and doing it over the phone.
Lastly, this isn't soviet russia. Dont like the work environment? Quit.
Brilliant. Don't try to change anything. Don't try to make it better - just throw in the ol towel if you don't like it. And we wonder why we're chastized by non-IT folks for jumping jobs.
What is really accomplished by the draconian means IT organizations are going through these days? Viral outbreaks are way down, mainly due to better edge practices - ie frequent AV definition updates, forced scanning of all inbound e-mail for viruses, better firewall configurations, near real-time forced patchings, etc. With those left out, the vectors for infection drop dramatically and end up being removable media (USB drives), portable media (CD/DVD), etc. Again with proper real-time on-access antivirus scanning on both file servers and PCs, where do viruses come from?
And if the reason for locking users out of their PC configuration is configuration management and not protection, then why not just let them at it... have a standard PC configuration, a standard image, and partition their drive. All user files are on the 2nd partition, and all system on the first. If they dork it up instead of spending hours troubleshooting, just image the primary partition and move on.
That way you reduce the overhead of your IT group and allow users the freedoms we expect. I'm not talking utopian - I'm just talking simple things like being able to install a firefox major version update without calling the helplessdesk, or installing any other app I need to do my job (not wanted things like IM clients - real job needs). Instead I have to call the helpless desk wait a damn week while I play phone tag and then sit there for an hour as some monkey figures out how to double click "setup.exe".
It all seems so unnecessary to me. Get a clue and a plan and have a modicum of control - not the communist variety of control.
Slashdot Mirror
I have quite a few friends deployed. What you speak of does not happen. The military networks are locked down and virus-checked, etc.
The problem is the soldiers have their personal laptops on unsecured wireless networks they pay for from local providers so they can do what they *WANT* to do, which is surf porn, play MMORPGS (WoW is hugely popular) and other games that allow them to interact with "normal" people from back home. As is usually the case, the pure security concept pushes people to their own solutions which creates huge security issues. You're talking about brave, courageous, amazingly talented strong young men and women who are amazingly stupid about technology. They use Windows because everyone uses it and the guy down the way can help them load their Iraqi porn.
The only way to address this is to accept their habits (porn, games) and address it in a secure way.
In this Army/Navy/AF/etc, that ain't gonna happen.
Let's just say that I may be employed at (but not by) a US Government organization but I use my personal Mac and a personal wireless solution where neither the Mac nor the wireless ever touches their network, just so that I can do simple stuff like research current technology. Happens that some of this research tends to be on sites they consider "gaming" or "non business related" so they filter it. GFY, censors.
Ask a question via ask slashdot because you honestly need some help.
Get lambasted for asking a dumb question (even tho it's the general idea of ask slashdot)
???
Profit!
I have to pay for things I got for free before?
:)
:)
Oh wait - it's Apple. Carry on.
Full disclosure - I've been called an Apple fanboi before.
Look - I'm a programmer. It may sound pedantic of me, but I believe programs should be responsible only for what they are designed to do. Clearly this means being responsive and indeed responsible for their own security. Lapses in one's own program are unavoidable but should be quickly and non-quietly fixed. It's an interesting suggestion that the paradigm needs to shift to the parent app being solely responsible for its children's security.
So taking your logic further, the OS should be responsible for all of this, so it's not even Firefox's problem. ^_^ Apps should be purpose built and responsible for that purpose. If you do the blame game up the line, you'll find tremendous bloat (more so than it already is) creeping into all first-line programs and even more so to the OS. If you don't blame Microsoft and OSX (the only two platforms Quicktime runs on, IIRC) as much as Firefox, you have violated your own thinking line.
But that's just me talkin'.
Why? I mean help me understand how it simply farming the request to an external app, where the external app has the security problem, is a firefox problem?
I fully expected to see the "haha" tag on this story.
I'm shocked to not see it.
The most evil of evil cellular companies, the company that replaces perfectly unacceptable, already crippled stock phone operating systems with COMPLETELY UTTERLY crippled operating systems, the same one who if you buy their Motorola RAZR and try to use MOTOROLA's OWN MOBILE PHONE TOOLS, will not allow said use. The same one who requires a USB CHARGER PURCHASED FROM THEM, when any charger will suffice, is now opening their network???!!!
'Scuse me - that sizzling sound was hell freezing over.
Man, where are my mod points when I need em. ++
Bingo. Also most people get weighed at their doctors office with crap in their pockets, heavy shoes, etc. I weigh in at 198 in the morning when I wake up. By the time I eat breakfast and get dressed, I weigh in at 210-ish at the doctor's office. I'm 5'11, so my BMI at 198 is a slightly overweight 27.6. Once dressed and fed, I'm a 29.3, almost obese.
Oh and I run 3x or more a week, lift 1-2x a week and make a close watch of what I eat - wheat wraps with specifically sized portions of lowfat mayo, lots of mustard (practically calorie-free) and measured cheese and meats. I snack on carrots, apples, triscuits and small amounts of lowfat cheese. I eat low sugar oatmeal for breakfast. In the last year, that netted me about a 30-35 lb weight loss. I hardly believe that my body fat % is the same as someone of the same weight and height that sits on their ass all day.
As a former INN server admin from 1994 to about 2001, that's bunk I'm sorry to say. I resisted modding you down (even have the points for it!) just to clear the air here. If you stream news to someone else, your removal of an article affects your downstream servers as well. It's quite easy to remove an article - always has been.
Now Universal just look like idiots. One can easily argue the business sense of delivering content in a price-controllable way. Business 101 - when the demand increases, limit the supply and profit by increasing the prices, or changing the delivery mechanism to make more money on the same supply. Demand for downloadable music has increased while CD sales decreased, thus the allegory.
The stupid part of this idea is removing 70-80% (the share of iPods in the portable music market) of the market for your product. Just try to buy a gas station and switch to only selling ethanol and see how well that works if you need an example. The phrase shooting one's self in the foot comes to mind, but the recording studios seem good at that.
Ugh. Automotive car forum. That must be like ATM Machines. Stupid me!
Ha! I wish. No - ran two automotive car forum sites.
I ran two websited that used contextual ads (from the likes of vibrant media and kontera) as well as banner-based stuff (google, yahoo, etc) and I can tell you that the worst person to piss off is the one that doesn't want to see the ad. They were never going to click on it anyway, so why should you care? Most of our deals were cost-per-click revenue anyway so I didn't care to serve an ad to a person who wasn't going to click it and have to deal with pissing them off. A few months before I sold both sites (and am glad to be out of that business, though I miss the revenue), I made it so that folks could disable contextual ads through a profile setting, and added the ability for them to pay a paltry sum ($10 per year) to remove all ads site-wide. Folks were thrilled to pay a cheap price, I made some good cash, and everyone was happy.
I knew of folks using ad blocking software (hell, I use adblock plus myself!) and would never have done anything to that group for the sole reason that I wasn't going to make money on them anyway and might as well make em happy instead of mad.
Oh - and I determined that most of my ad-clicks were unregistered folks who visited my site for the first time - one of those dirty little industry secrets.
Yup - and it crashed more often before for sure. I may even have over-stated the crashiness of it now.
I've got both a Blackberry 8700g and an iPhone - the former used for work e-mail and the latter for personal stuff. Before I got the iPhone, I loved my Blackberry. It was a big improvement over my RAZR at the time, and fairly fast due to the server-side processing of the websites I visited with it.
Then I got the iPhone and now I'm probably going to dump my Blackberry. Having and using the iPhone has soured my Blackberry experience. I'm now tired of seeing the HTML in e-mails instead of viewing the full e-mail. (For those of you without a Blackberry, it absolutely sucks at HTML mail - it displays all the code instead of stripping it out, FWIW, I use the client-side push instead of server-side push so that may be the problem) Having the iPhone and seeing e-mail as it was meant to be seen changed that.
Similarly the mostly-full version of Safari has changed my usage of the Blackberry's crippled browser.
As the article states, the iPhone is not without its problems. Safari crashes (I've never seen the Blackberry browser ever crash) semi-often, say once every 2-3 days in my usage, and its lack of Flash support is annoying. I haven't missed Java yet.
Data speed is it's albatross, but with the "real" web, I've personally been able to look beyond its mobile speed deficiency. When it's on a fast Wifi network, it REALLY shines and I'm still amazed by how well it does in rendering sites. Youtube has never looked better.
The problem I have with most LUGs is it's - well - what it says it is, a user group.
:)
There's been a movement lately to create ELUGs - Enterprise Linux User Groups. I know the one I'm involved with in my city just had a long discussion about creating an enterprise group. The problem is one of need. Users need very different things then those of us involved in day-to-day management of an enterprise Linux base.
I know I for one enjoyed being in the different LUGs I was in, but I gave more then I got for the most part. As an admin, I want to be better at what I do, so it's not just that I'm a jackass, it's that I want to continually expand my abilities through others misfortune.
OOo's problem IMHO is that it's an old program suite masquerading as new material. The backwards compatibility, which is necessary to its continued growth, is its albatross.
I am a developer, but the caveot is I don't know jack about the code and its current iteration. I could and may be way off base, but here goes anyway.
The only way you'll ever address it is to start. From scratch. Build the core of the program with security in mind. Converters have to pass through that core security layer. Add-ons need to pass through that layer. Even your own code has to.
Of course the manpower needs of this would be tremendous so it'd never happen.
But Google's doing something similar - they basically seem to have started from scratch and they pass all the apps through their backend, which presumably is superior to most work done on OOo or MS Office.
Ok - found it - it was Selsius.
I mean - who would have ever thought of putting IP-based phone traffic over the PTSN! Wait - wasn't that why it was created - and by a company Cisco acquired a company whose name escapes me for their VOIP systems back in the late 90s... Cisco would have NEVER thought of THAT!
The point isn't in the energy *WON* - it's in the energy *NOT USED*. I don't know if you've ever hooked a kill-a-watt (current measuring device) to a treadmill, but those suckers suck powah! Mine rated between 12 and 15a, and has actually tripped its shared 15a outlet when I get going really fast on it(well, at least fast for me - about 8-9 mph).
If you do distance as I do, that's a decent amount of power not used on the grid if my energy is going 100% into making the thing work, instead of the grid feeding a motor, etc.
Nothing catches everythhing. Only clueless CIOs and non-technical middle IT managers think that happens. Security is a state of mind - not a reality. There will always be someone smarter with more time or more resources that can beat your "best practices".
2. Your system is locked down not because the "helpdesk monkey" enjoys visiting self-entitled misanthropes like yourself but to keep unauthorized software off your machine. Your manager doesnt want you playing games all day, IT doesnt want to image your computer every week because of all the spyware you download, and the helpdesk doesnt need more of your whiney complaints. Not to mention legal/finance dont want to get stuck with a bill/lawsuit for the software you pirate and put on a machine that isnt yours.
So you can't place - as I said before -a modicum of controls on users and still allow basic functionality? You can't set SMS to go look for installed programs and remove anything not in the list? (you can - I've done it)
At the end of the day, when you screw up a perfectly good machine because youre so much smarter than your IT deparment and its monkeys, you end up calling them, expecting them to fix it, and blaming them. Now multiply yourself x250 people and think about why you have to wait so long for service or why some of these policies exist.
Been there - done that, burned the damn t-shirt. Started an ISP back in '94 as a one person shop for a year. Did IT support in various mechanisms since then. I don't know much, but I have done support, and I'd challenge you to find a more difficult support role then the guy on the phone in the pre-windows 95 easy dialup days supporting Windows 3.11 and Trumpet winsock, getting blamed for every problem they have after they installed your floppy disk and doing it over the phone.
Lastly, this isn't soviet russia. Dont like the work environment? Quit.
Brilliant. Don't try to change anything. Don't try to make it better - just throw in the ol towel if you don't like it. And we wonder why we're chastized by non-IT folks for jumping jobs.
What is really accomplished by the draconian means IT organizations are going through these days? Viral outbreaks are way down, mainly due to better edge practices - ie frequent AV definition updates, forced scanning of all inbound e-mail for viruses, better firewall configurations, near real-time forced patchings, etc. With those left out, the vectors for infection drop dramatically and end up being removable media (USB drives), portable media (CD/DVD), etc. Again with proper real-time on-access antivirus scanning on both file servers and PCs, where do viruses come from?
And if the reason for locking users out of their PC configuration is configuration management and not protection, then why not just let them at it... have a standard PC configuration, a standard image, and partition their drive. All user files are on the 2nd partition, and all system on the first. If they dork it up instead of spending hours troubleshooting, just image the primary partition and move on.
That way you reduce the overhead of your IT group and allow users the freedoms we expect. I'm not talking utopian - I'm just talking simple things like being able to install a firefox major version update without calling the helplessdesk, or installing any other app I need to do my job (not wanted things like IM clients - real job needs). Instead I have to call the helpless desk wait a damn week while I play phone tag and then sit there for an hour as some monkey figures out how to double click "setup.exe".
It all seems so unnecessary to me. Get a clue and a plan and have a modicum of control - not the communist variety of control.