If anything cryptome can now hit up US.Gov with numerous FOIAs for any documents relating to this document or relationship of law to Microsoft and get it again. If it is copyrighted, yet given to the US government it should be able to be opened up this way. I wonder how it will come back redacted or not. There may be precident with some national legislation that is copyrighted and transparency in US government.
Management that doesn't care about policies is doing nothing for lots of money.
Management by definition is to direct the operation of the business as set forth by the owners - which takes the form of written policy (in the general sense).
I know managers get exhausted by the bureaucracy, this is a fact but not an excuse to get out from their responsibility.
The western model of business is flexible but at some point the roles between owners/managers/workers/customers are there, unavoidable, and necessary for a business to be called a legitimate business.
Management wants a log with a name/date to demonstrate to themselves or external regulators, the management team hired the right skill and said skill is doing the work being payed for. Really they can't test much deeper, its not their role. Management ought to then hire pen-test experts to aid in assessing quantitive risk to the business processes.
This is the sad thing: IT Security, imho, is the greatest of cons of the 20th/21st century. You can buy a nice car today for your business that has more safety and security (R&D and road test) than most COTS laptops which just so happen be the accountants way to web browse to the payroll/banking funds which by the way is likely outside of the business intranet or VPN.
Brian Krebs formerly from the washington post, and others are leading the way to translate IT security lingo into cold hard cash lost to fraud, internal theft, and stolen products & productivity from business for savvy managers.
You mentioned the phrase screensaver lock. Even this shows that the IT con is persistent. It is no different than saying password.
Passwords are like locking your house with a big old fashioned shackle padlock that says pick me and forgetting you have windows, a cellar door and a dog door on the backdoor that have a hook or something less for a mechanism.
Passwords are now some 39+ years old "technology" we the IT community are deficient in not delivering up the next solution that is easy, friendly to use, safe and predictable. Instead we keep whipping dead horses.
Any real IT solution ought to institute the sacred 3: Something you have, Something you know, something you are as minimal the for authentication. Zero COTS OS institute this. This is a conjob on the public by IT R&D, programmers & hardware manufacturers to sell what is possible and necessary as marked up aftermarket upgrades.
A past significant loss of data to a small company ought to be enough of an impression for the owners/partners to realize they at risk of repeating the event.
I would frame to my managers/owners in this way, "That vital data integrity, trade secrets, IP or other tangible assets are at risk" and the best way to know the exposure is to measure that risk via independent audit.
Business types ought to respond to such a line of argument as it makes dollars & cents to them in their world view. A business owners direction for independent audit should be seen positively not negatively. What owner does not agree to oversee his own enterprise? She can delegate the authority but not responsibility for it to be conducted. When any business fails, the creditors come after the owners not the workers.
It is when external regulators and/or.gov _order_ an audit that Business owners should tremble.
Managers are never to be end-run during audit. In fact they are vital to the audit process being correctly executed as auditing is actually a _management responsibility_. They must institute business direction to correct exposure to the business and report to owners that the risk was eliminated or is actively managed to the owner approved level.
Also from the worker side, asking permission to superiors for conducting a "Disaster Scenario" Drill is plausible. Exposing this risk and any others which are found in a formally written, non-biased, non sensational analysis submitted via management to the owners would be the conclusion of the drill. Management would see the errors 1st and institute business direction accordingly with owners who are briefed by these managers.
However not knowing the circumstances, I assume that it sounds like a serious virus outbreak as you mentioned a complete wipe& reload scenario.
1) Most likely the owners don't trust the IT guys with their machines and think they can do it themselves. 2) The trust issue could be well founded, in that their next big thing is not able to be "released" beyond their diligence, for fear of competition this outweighs the backup requirement. 3) Again they may not trust the IT department for past errs or hurt feelings your not aware of. 4) The trust issue could also be defensive in that they have data on them they want no one to "see", gain access into, or leak to other subordinates, media, family, or law enforcement.
If the owner & management team is dead set against independent audits and self drills, beef up your resume and get the heck out. They are playing fast and loose with the money and the business is tanking.
Google's stance on database security is poorly documented and certainly not open. I've yet to find comprehensive peer review of their architecture security (but then they are a for profit enterprise) and need not comply like Oracle, IBM DB2, MySQL?
Numerous opportunities exist in the chain of data that Google is slurping through to build in "back doors" either deliberately or by "accident" expose data.
Somehow they "parse" accounts for words, addresses, html code, etc then use those datapoints to do statistical cross references to build the ad's. Thats elementary. However since they parse EVERYTHING in the account somehow the programmer(s) have to make design decisions on how to go about it. Is there one process per type of data. One that just looks for PDF code vs keywords? Is there one process per country with applicable rules for that country? Are the configuration tables for that process well protected and not able to be circumvented?
Google has to crack open each file, Adobe reported a breach so perhaps the attack vector was in the PDF parse/scrubber at Google.
It would be trivial "once inside the system" to set configs to just suck out everything instead of what that particular process ought looking for and tee the result over to some obscure process or table buried deep in the DB to retrieve it later by some query.
Once you found a marker to your target you'd just have to find the right DB keys they are associated with to get all the other data about them. Somehow every Google account has a primary or some other key that associates the data. No one is asking about low level DB security on this thread. Who exactly gets granted access to the primary and following keys and tables. Who has authority to restart processes? Are processes logged as to why they restarted with new values?
It's quite possible there is a way to view Google accounts outside a web-interface which is what normal people think when they hear back door. Its more sophisticated than viewing the raw dump. I suspect the intrusion proved the new horizon for security: That it ispossible to "re-assemble" most if not all the account from the database(s) if you've p0wnd the DB at a low level without the need for a backdoor to the actual account nor the Google foundational OS/netstack. The Chinese probably attacked and penetrated the DB's somehow.
I think this is the great oversight it was not just that Gmail was hacked. It is broader to say Google Accounts; gmail points to web search which is tied to Picassa, which is tied to Blogger, which is tied to youtube, etc....
All these have to be fortified at the DB level else any other measure of security is meaningless.
Apparently Today's IBM Management is not so perfect. From the 1st article cited
Angell also said that he's no longer with IBM. "I was laid off last year along with thousands of other people," he told me. Angell is currently teaching a computer science course at a community college in Salt Lake City, Utah, where he lives. I was flabbergasted, wondering how Big Blue could let go a guy like this, who obviously has heavy duty data-analysis chops and is behind such seemingly important technology.
Only IBM Management would lay off primary inventors thinking it has enough to carry the idea forward to reality without the inventive father(s).
However the management greed from the 30's and 40's still remains.
Seriously, I wonder if just the Voight-Kampff test after being given a set of questions, when cross-referenced could detect terrorists. Domestic or Foreign terrorists have to be so programmed / screwed up to not have many human responses left inside.
However I stand by my statements. When a vehicle I use for business is not working, it is not making money for me (in fact it is losing money). Oil Changes are actually regularly scheduled preventative maintenance. Its not to be done _just whenever_ I don't happen need the vehicle.
It is a fact _regularly scheduled_ maintenance is to be performed as normal course of business. It is for sure I want to keep the vehicle operating as much as possible as to why it is done in the first place! It's not that I don't need just then the vehicle -- server or apps. I really need the minor _regularly scheduled_ maintenance change to it to better offer the primary service, and that is what must function perfectly.
Regularly scheduled IT maintenance ought to be predictable, repeatable, and quick and seen to be done as course of business not late at night on weekends. That time is for really necessary things that can't be done otherwise.
You bring up regular business hours... but don't realize that means exactly nothing in IT. 06:00-16:00 GMT or 08:00-18:30 EST? What day is not a regular day: Boxing Day, the last Thursday in November for the USA. That the customers (internal or external) will of course be on the IT guy's same calendar schedule is a misjudgment.
You say that few business are not prepared to pay the cost of a completely redundant system. I'd say that IT models exist where this is not necessary. Virtualized hosts are one way that is just now being explored but conceptually and actually has been around since S/390. The consumers haven't asked to their vendors why redundant systems are so expensive. Business has to vote with their purchasing and vendor allegiances.
10 years ago you could buy a truck for your company that had more built in "safety systems," "3rd party crash & reliability analysis", and monitoring telemetry than a WinTel server. Today that has changed, HP has improved iLO, IBM has done a bit with RSA, and RealWeasel saved a few butts Im sure.
Yet, today I still meet admins that don't know without going to google how to collate & leverage the results from SMART, thermo sensors, and serial/terminal console hardware errors. These are "free" predictive monitors when the system is up.
Fewer out of techschool/university know about IBM RSA, HP iLO, DELL DRAC or similar technologies that you have to use after the server is casters up. I don't see them just as out of band management but "flight data recorders" as well -- if you know how to use them.
Still missing is the "3rd party crash & reliability analysis." Why purchase IBM over Dell servers? What is the defect rate of Seagate HDD over XYZ? At what rate are PSU failures, rate of memory failures, etc... What are the vendor RMA rates? All this is hidden actually by IT having poor practices. Firestone nearly went bankrupt with its fiasco of popping tires - federal investigations I think were held. If you get a bunch of bad capacitors (The capacitor plague of late 90's) into crucial product lines no one screams, no one calls for investigations. IT scrambles and survives and hopes not to repeat the mistake.
Any such reliability rating & metrics for software producers of consumer products has been self deemed impossible or too expensive by IT professionals and thus not seriously spoken of anymore. This is the greatest cop out and con job of the 20th and 21st Century.
A great step forward and yet backward for IT professionalism.
Lastly, other industries and businesses know how to hire skilled labor to maintain their business _while_ the business is running (Bankers, doctors, nurses, janitorial, construction, plumbers, etc). These skilled professionals know how to effect changes to the work place discretely and to not give bad impressions to the customer.
IT as an industry isn't picking up the same "we work in the background unnoticed, perhaps just screened off" but instead loudly and obtrusively makes business bend to IT practi
Doctors, Nurses, Medical Staff, Police, Fire/rescue often work 12 hour shifts and holiday.
However those professions realize and have by experience been bitten by the consequences which aid them in helping the professional know their limits and the limits of their peers.
First these professionals make mistakes during the day. More so when overtired, Even more so when out of their normal sleep pattern. Technology professionals somehow ignore this and think they are superhuman and often promote this.
"Oh I stayed up all night to fix your server!" Pat me on the back! While probably true, I don't want to hear that sentimentality from my admin. It meant something went horribly wrong and I don't want it to ever happen again.
Doctors, etc as cited know that they would perform in a diminished capacity the next day and not schedule surgery and/or the hospital management would know to give them a resting day as the liability of mistake be too great. Safety services know that some other station has to possibly cover a crew that just came off a fire/rescue and be very wary to send the same crew back in. Technology companies ignore this to their own embarrassment which is justly earned.
Second doing business changes (minor or major) on weekends or holiday nights is _bad business_ in that it demonstrates the fragility and unreliability to which they do not admit to customers. Why not do the same operation during normal hours?
Would anyone take their business' truck to the car mechanic for an Oil change and accept, "well we have to do it between 3am and 4am so as not to impact your business."
But it's an OIL change, it happens frequently, everyone ought to expect it to happen! This is exactly the same to me as a minor patch, price lists, firewall rules, and application rules for business policy. Such ones are expected, frequent and shouldn't have to be done like as they are now at a forsaken hour in the morning.
The more complex example is "Oh the engine overhaul is going to be b/w 3 and 4am" - I would say give me another truck that does the same thing and I'll be back after you fix my truck during the day when your awake. The analog is the system upgrade. Providers go into fits -" but but your system was so tweaked, We can't simply move it to another CPU", etc... Blah. Its because most centers don't know how to offer a real solution.
IT Professionals ought to advance the profession and figure out why they are working 12 hour shifts and holidays and then systematically eliminate these events as much as possible till only having to do so when a human life or safety systems is jeopardized.
Why IT professionals are not publicly beating up IT vendors for poorly written OS, barely redundant equipment, poorly designed apps, etc, is beyond the scope here.
Who is going to be the next Ralpf Nader, who will write "Unsafe at Any Speed" for the IT industry/Computing Science.
Very, Very few Center Managers actually performed any kind of statistical process control analysis for quality in the datacenters I worked for which were huge and did work for.gov, finance and top 500 and they barely did it. They eventually fired the poor guy as he kept proving management wrong. We had long conversations that helped me understand technology for what it was: "La Technique: L'enjeu du siècle" was an eye opener.
Very few managers understood what project management & change windows were in a datacenter and usually managed to a staffing model which could only break in times of heavy load, inducing a bigger emergency later on.
Really management held the mentality of "the Maytag repair man" is who they need to hire by the business plan but the reality was a team of MacGuyver's were needed for the workload over several clients.
Even educating them on vendor patch cycles and technology refresh could not break them out of scarcity = profit mentality.
The admin team experienced over and over that that next month is the month where Microsoft is going to pound us with new critical patches. Despite explaining this, management also put the work of putting unrelated project X into motion or finishing that same next month.
Extensive studies about patch cycles or changes (failed, back out, succeeded) take a long view - an X bar control chart shows spikes and abnormals. It then takes some analysis to then determine staffing levels that can handle the work on average. It takes a huge business insight to understand why something fell outside the norm and how to handle it when it comes again. Really I don't think the technology today can be managed to wholly eliminate outlying events like traditional manufacturing processes. The now typical 3 year tech cycle prevents such work.
It is true statistical process control can be made to lie but it is better than uneducated guessing.
To me datacenters are huge machines you can walk inside of, really no different than megawatt power generation or pharmaceutical manufacturing and ought to be better managed. I say this in that when they go offline or do not function well an aspect of human safety and productivity is jeopardized.
My favorite manager who I worked for briefly before he retired said, "Cowboy managers and admins have no place in my shop. I want science put back into Computer Science, don't snow me with new technology."
IBM perhaps could still pull off a major internal transformation as they actually did once from Token Bus & Ring to Ethernet/Fibre in the late 80's and 90's. Im not sure if IBM ever phased out SNA at all their sites and customer connections.
However the Management team is gutting the company too much and overspecializing workers so that most US centers are in so much worry about Resource Actions that such major internal projects are probably walking wounded.
IBM has always been known for overkill of technology so holding 9.0.0.0 space is nothing new. Once I heard of Network Engineers having fibre and DS1 to the _desktop_ in the 80's and 90's just because they could.
Internally during the 90's boom I saw baked into contracts a really nice test lab for your customer's environment, what ever happened to that new low milage equip after the contract ended was like an internal fire sale.
IBM also still lists heli-pads near key sites just in case a critical skill or part has to be flown in/out.
Perhaps the big globalized corps will say in a few years - we've dumped IPv4 internally and skipped passed IPv6 to something we mere mortals don't hear about yet.
Isn't this why most nations have some sort of seed vault and plant domestication program?
Svalbard was the most recent. However if massive glaciation reoccurs Im not sure who can get to it.
Other countries have found out the hard way for crop failures. Ireland's potato famine (began in 1845), the USA with dutch elm disease, the chestnut blight (1904).
Plants in general have no defense against a rapid ecological or geographic change but do have the advantage over the long run.
I remember the 1980's pushes for anti-pollution. Why are we not still focused on that? Global warming is a possible effect not a proven reality. The rational thing is to name the cause and fight that. Focusing to solve a possibility like Global warming detracts from efforts to grapple with global pollution which comes from human activities and results in learned helplessness, mental and physical disease, overuse of land, poisoning of the food web with mutagenic chemicals and endocrine disruptors.
We shall fart methane but we will also use intellect and will figure something out and survive. And thats the crux of the problem. Humans are the only species hell bent on eugenics.
The Biologists say the _minimal_ replacement value for maintaining a mammal species is just over 2 offspring per couple. The West is hell bound in legislating under global warming subterfuge 1 child per couple. They don't say who will decide who gets to breed. This is the door to GATTAGA. A nice life for those deemed worthy to be useful. Hitler actually went forward with it in his Law for the Prevention of Hereditarily Diseased Offspring (1933) and the T-4 euthanasia program.
For me I want to have as many children as possible so as to ensure my seed survives without the need for a seed vault. More importantly it is that my culture - that which I give to my children will also survive over those who voluntarily castrate themselves.
I pre thank those who have already done this, for my children shall sip their coffee and watch and enjoy today's endangered species when your seed is dead from the earth.
This has already happened. Lack of growers, a major warehouse fire and generally increasing consumption caused a shortage on the spice that which gives beer its flavoring.
In the United States alone, there were an estimated 515 hop growers in 1950; 75 in 2000 and just 45 today[2008], Ward says. In 2006, about 2 million pounds of hops were destroyed in an S.S. Steiner warehouse in Yakima, equaling about 4 percent of the U.S. hop crop. All the while, beer sales are increasing worldwide by about 1 to 2 percent annually. The craft brewing industry is growing yearly by 12 percent. That economic reality is pushing hop growers back into the fields.
I think your looking for a word in the thesaurus that doesn't exist but really it is a modern problem. Steven Colbert sensed this with the "product" such as the paste on Hitler mustache for anybody's portrait.
There is not a nice politically correct way to say willfully deride, malign, or intend a vicious and ill parody of person or entity for profit. Many hide under the guise of sarcasm of a celebrity or public figure but that is not their true intent.
Others instances are not so such as Che Guevera, and the people never get a dime from all those t-shirts did they? But his image "pushes" a lot of "for profit products", to so many hipsters who don't know what he really did or didn't do yet he himself was Marxist.
This is a strange world of legal and human relationships
Why is this even news. It seems a bit prejudiced on/. to bring up this story. What other news stories of real importance could have been voted up.
The Catholic Church had practices for the protection of seals and other insignia long before some countries were countries or some peoples learned the the rule of Western law. 1) Vatican is a sovereign state. 2) They have a permanent observer status at the United Nations. 3) The Vatican has been more or less willing to send amassadors (Nuncios) to every major Western Nation for the bulk of history. 4) The Vatican respects the legitimate rule of law (as per their moral system which is based on natural law and their Canon system) of other sovereign nations and peoples 5) Some 2.2 billion persons have a relationship to the Vatican
So next time try the litmus test where one inserts one's own race/creed/nation into the sentence and see if it sounds awkwardly prejudiced. [United Kingdom] Declares a "Unique Copyright" On the [Constitutional Monarchy] [United States] Declares a "Unique Copyright" On the [Presidency] [China] Declares a "Unique Copyright" On the [Premier of the State Council] [Saudi Arabia] Declares a "Unique Copyright" On the [House of Saud]
Doesn't sound alarmist or noteworthy to me for the other ones.
Access to offshore bank accounts for tax evasion is one motivation for sure. Already since US moved from the gold standard in '71 the idea of money has been redefined in such a way that those who control major hubs of wealth generation can redefine value and exchange to anything they want. I always laugh at the $1 salary CEO's tout to the press. Their families expenses being covered 100% by the company covertly somehow.
However I think the problem is more deeply rooted in that the US need to figure out how to quietly adjust the flow of currency to what is "extant" out there in foreign banks minus all the counterfeit bills that have been moving out of target countries since the coldwar and Gulfwars I and II. The US is trying to quietly CYA against global banking collapse due to all the bubbles. If "money" is not flowing its not "working" as intended by the world bank. There are those that horde paper money offshore thinking they actually have something of intrinsic value which it is not.
The project is solely designed to bolster the corporate/industry agenda. Their lack of intent to immediately prosecute show their intent is to datamine to build up their overall case.
Even if it was found that 95% of the traffic was legitimate they would hold up the 5% as proof of the devastating loss to their profits and will ask for more severe legislation and fiscal relief in tough economic times.
Until governments and real people understand the recording industry's practice of not paying the artists in a "normal" arrangement this will continue endlessly. Really would any engineer just hired at YoyoDyne agree to a 5-10 year exclusive contract, the company immediately deduct all profits off his work to pay off his "advance," be willing to pay for all the publicists, agents, middlemen, nepotism in the exec's office, sycophants of their entourage, etc... Have their evaluation based on popularity polls given by radio/tv/internet which sometimes are skewed with payola.
What is the biggest of the 3 big "sinks" of copyrighted data in the internets - Pirated Binaries, p0rn, or music and associated videos? We only hear 2 out of three industries most of the time never all three united before the Govenment.
I feel for Prince (whatever his name is now) as he is both artist and producer personally defending his copyrights but most of it is by nameless lawyers on behalf of their clients. I'd take a few big names to give up a few hours to film some adverts just saying - when you DL my album I thank you, When you pay for that DL I will eventually get paid by the record company so I can pay all the people in the band and that support us in making music (soundstudio, roadies, catering, babysitting, mistress (ahem)...) I encourage you to pay for it and tell your friends to please pay for it else I can not produce more because Im a indentured to the music industry.
For the music industry I meh at their pathetic grasp for money, for the p0rn producers and "artists" I laugh because they can not even do the same thing and are being "driven out of business" will all their copyrighted stuff being the flotsam in the internets.
Many non US governments hold top executives as the responsible party for their corporation. Thus when a lawsuit comes there s not just a bunch of lawyers representing a corporate name but someone is actually hauled in front of the judge. Many Western Executives are unable to travel to certain countries because they have been indicted, tried (sometimes in absentia) and personally found guilty of allowing graft, corruption, carelessness, criminal activities of others (often the locals) in their employment in the Global company. I believe Union Carbide in 84 and IBM Korea in 04 tried to get such testimony.
As an executive with the duty of oversight they were supposed to ensure such acts never happened in the lower ranks. Probably the Italians think that Google has a local presence that should have caught the video and reported it under local laws. This is chilling if some foreign government lawyer ever wants to extradite me because I did or didn't click on the inappropriate content button.
But I kind of have to meep Meep at.IT as they as a nation can not even successfully oust Silvio Berlusconi after so much that has happened. The thought that Lodo Alphoso act for executive immunity could be worked, seems like the guy has a Caesar/Napoleon Complex
If Japan participates in ACTA and other international treaties then this could be a circumvention of encryption controls type of crime which would incur greater penalty than larceny or simple theft.
To the Law outside is there a difference of kind to manufacture lock picks vs to sell them vs being actually caught picking locks vs being searched and having one found on your person?
I think the hardest thing for gamers and writers to face is that the plot has to end in some forced timeframe. Reviews kill game houses that end the game with only 6 hours. Others pan a game for having 40 hrs of in game content.
WOW, EVE and others you can play for man months if not years as the outcome of the plot is injected and/or generates over time.
For RPGs go for a multiple (but less than 4) story arcs that are solid. B5, Trek and other successful series use this method as hopefully at least one will captivate the playing audience and immerse themselves into the story.
The best "trick" was Star Wars and the Boba Fett/Biggs or HL's Freemen sparse & unwritten arcs. How much fun was it to have the players/readers live that out for themselves and then build entire mod's or experiences around just a few ideas of a character. -- Thats the Role Play in RPG.
Even Halo's abrupt end due to budget cuts was like having your favorite serial TV show have a cliffhanger midseason!
Really what your being unspecific about is the difference between upgrade versus an overhaul.
From the floor up (power, cooling, cabling, footprint) is an overhaul. If you want a phase approach or some other piecemeal approach still you have to consider each a small overhaul within a larger system.
7 year old equipment is likely not going to be cascaded so really your considering it as candidate for heart transplant which means building a some sort of life support while the new system (heart) is brought on line in parallel. This is very expensive in time, budget, and resources.
Your really going to know your business' processes over the course of more than a "business year" so as to do everything without problems.
Business moments like tax time, EOY reports, monthly invoicing periods, HR/payroll are to be expected and must still function. Un predictables like supporting business audits (like having to pull up old records, on systems that no longer read them?) and changes in executive leadership also would impact an upgrade/overhaul.
At no time did you ever mention disaster recovery plan, regular offsite backup strategy or a business continuity plan. These are often overlooked or dealt with inappropriately during normal business times and should be verified prior to beginning. A major overhaul or upgrade could or ought to trigger any one of these at any moment.
I have been there, and I have been there when everyone in the room craps in their pants when the tapes have been found to be lost or unreadable or blank.
I don't think Apple's concern is for the health safety of the technician. It rarely is.
I think Apple has it written that it has the right to classify the devices used by smokers as being operated in extreme environments.
1 b Limitations (ii) Damage to the Covered Equipment caused by accident, abuse, neglect, misuse (including faulty installation, repair, or maintenance by anyone other than Apple or an Apple Authorized Service Provider), unauthorized modification, extreme environment (including extreme temperature or humidity), extreme physical or electrical stress or interference, fluctuation or surges of electrical power, lightning, static electricity, fire, acts of God or other external causes;
Specifications for engineering do account for a quality of air standard being implicit to the design. Industrial installations (areas known for pollution) will require industrial filtration for computers. IBM, Compaq, HP and others used to sell such as they knew their boxes would be in such situations where dust and or ambient pollution would be sucked in and deposited over the fans, heatsinks, electronics. Induced humidity and heat stress, fatigue and failure on electronics used to be very common.
Being a California company Apple forgets that other places and regions of the world are not yet so "progressive" to eliminate all forms of indoor pollution as their legislatures.
Computers & electronics used in medical Offices, Centers, Hospitals, etc where airborne disease is commonly encountered ought to also be equipped with industrial grade filtration and the mice/keyboards regularly decontaminated and eventually changed out and safely recycled.
Also I've been known to use dust masks for servicing inside computers deployed at schools, archives and warehouses due to possible hantavirus conditions. I
For myself I think at least in USA the follow-on question is how is there a vaccine for something that by political reasons generates so much revenue in taxes, something like 33 billion?
Yes indeed the health care costs for emphysema and COPD and cancers of lips,gums, larynx, tongue, esophagus and others are like 133 billion.
How far is the concept of vaccine taken if Brazil, China, Turkey, India and USA are still the 5 largest producers of tobacco? Wouldn't the recognition be that this harvest, about 20 billion worth of it has to be ended at least for human luxury use?
It's like after Fleming inventing penicillin somehow we are deluded to think its OK for products full of bacteria to be still on the store shelves and saying well we got penicillin we can also have these too - the penicillin will save us when we want it. That's not the concept of vaccination.
They just need to know the general and specifics about the make,model and type of the types of means Win7 implements and then they delve deep into their big o key ring and use what they already have.
Really what you think their super computers are doing? They are computing tables, hash matches and every key ever possible. Then they go about doing real work of breaking encryption with distributed and finessed brute force.
When have a key making machines why even bother with backdoors? The NSA is patient, it's what makes them good at what they do.
Anyhow I think the NSA doesn't need a back door it just wants to know where all the access points are then they can just lift the whole whatnot off the hinges - from the outside- and do whatever they please at that point.
Im sure they took a bit of a look at bit locker and have or will figure that out. MS already has perhaps given the all the "tells" they probably need to figure out how to reduce the key space. I wonder if MS would hide one well known file outside the locker but encrypted in the same key and NSA can chew on that to find out the key for the whole volume.
Anyhow I admire them, NIST and NSA, for what they try to do. If it keeps Mafia out of banking great. If they can put the next Madoff/Galleon Group behind bars before they make a mess that's a plus as well.
Slashdot Mirror
If anything cryptome can now hit up US.Gov with numerous FOIAs for any documents relating to this document or relationship of law to Microsoft and get it again. If it is copyrighted, yet given to the US government it should be able to be opened up this way. I wonder how it will come back redacted or not. There may be precident with some national legislation that is copyrighted and transparency in US government.
Microsoft Products - Unsafe at anyspeed
Management that doesn't care about policies is doing nothing for lots of money.
Management by definition is to direct the operation of the business as set forth by the owners - which takes the form of written policy (in the general sense).
I know managers get exhausted by the bureaucracy, this is a fact but not an excuse to get out from their responsibility.
The western model of business is flexible but at some point the roles between owners/managers/workers/customers are there, unavoidable, and necessary for a business to be called a legitimate business.
Management wants a log with a name/date to demonstrate to themselves or external regulators, the management team hired the right skill and said skill is doing the work being payed for. Really they can't test much deeper, its not their role. Management ought to then hire pen-test experts to aid in assessing quantitive risk to the business processes.
This is the sad thing: IT Security, imho, is the greatest of cons of the 20th/21st century. You can buy a nice car today for your business that has more safety and security (R&D and road test) than most COTS laptops which just so happen be the accountants way to web browse to the payroll/banking funds which by the way is likely outside of the business intranet or VPN.
Brian Krebs formerly from the washington post, and others are leading the way to translate IT security lingo into cold hard cash lost to fraud, internal theft, and stolen products & productivity from business for savvy managers.
You mentioned the phrase screensaver lock. Even this shows that the IT con is persistent. It is no different than saying password.
Passwords are like locking your house with a big old fashioned shackle padlock that says pick me and forgetting you have windows, a cellar door and a dog door on the backdoor that have a hook or something less for a mechanism.
Passwords are now some 39+ years old "technology" we the IT community are deficient in not delivering up the next solution that is easy, friendly to use, safe and predictable. Instead we keep whipping dead horses.
Any real IT solution ought to institute the sacred 3: Something you have, Something you know, something you are as minimal the for authentication. Zero COTS OS institute this. This is a conjob on the public by IT R&D, programmers & hardware manufacturers to sell what is possible and necessary as marked up aftermarket upgrades.
A past significant loss of data to a small company ought to be enough of an impression for the owners/partners to realize they at risk of repeating the event.
I would frame to my managers/owners in this way, "That vital data integrity, trade secrets, IP or other tangible assets are at risk" and the best way to know the exposure is to measure that risk via independent audit.
Business types ought to respond to such a line of argument as it makes dollars & cents to them in their world view. A business owners direction for independent audit should be seen positively not negatively. What owner does not agree to oversee his own enterprise? She can delegate the authority but not responsibility for it to be conducted. When any business fails, the creditors come after the owners not the workers.
It is when external regulators and/or .gov _order_ an audit that Business owners should tremble.
Managers are never to be end-run during audit. In fact they are vital to the audit process being correctly executed as auditing is actually a _management responsibility_. They must institute business direction to correct exposure to the business and report to owners that the risk was eliminated or is actively managed to the owner approved level.
Also from the worker side, asking permission to superiors for conducting a "Disaster Scenario" Drill is plausible. Exposing this risk and any others which are found in a formally written, non-biased, non sensational analysis submitted via management to the owners would be the conclusion of the drill. Management would see the errors 1st and institute business direction accordingly with owners who are briefed by these managers.
However not knowing the circumstances, I assume that it sounds like a serious virus outbreak as you mentioned a complete wipe& reload scenario.
1) Most likely the owners don't trust the IT guys with their machines and think they can do it themselves.
2) The trust issue could be well founded, in that their next big thing is not able to be "released" beyond their diligence, for fear of competition this outweighs the backup requirement.
3) Again they may not trust the IT department for past errs or hurt feelings your not aware of.
4) The trust issue could also be defensive in that they have data on them they want no one to "see", gain access into, or leak to other subordinates, media, family, or law enforcement.
If the owner & management team is dead set against independent audits and self drills, beef up your resume and get the heck out. They are playing fast and loose with the money and the business is tanking.
Google's stance on database security is poorly documented and certainly not open. I've yet to find comprehensive peer review of their architecture security (but then they are a for profit enterprise) and need not comply like Oracle, IBM DB2, MySQL?
Numerous opportunities exist in the chain of data that Google is slurping through to build in "back doors" either deliberately or by "accident" expose data.
Somehow they "parse" accounts for words, addresses, html code, etc then use those datapoints to do statistical cross references to build the ad's. Thats elementary. However since they parse EVERYTHING in the account somehow the programmer(s) have to make design decisions on how to go about it. Is there one process per type of data. One that just looks for PDF code vs keywords? Is there one process per country with applicable rules for that country? Are the configuration tables for that process well protected and not able to be circumvented?
Google has to crack open each file, Adobe reported a breach so perhaps the attack vector was in the PDF parse/scrubber at Google.
It would be trivial "once inside the system" to set configs to just suck out everything instead of what that particular process ought looking for and tee the result over to some obscure process or table buried deep in the DB to retrieve it later by some query.
Once you found a marker to your target you'd just have to find the right DB keys they are associated with to get all the other data about them. Somehow every Google account has a primary or some other key that associates the data. No one is asking about low level DB security on this thread. Who exactly gets granted access to the primary and following keys and tables. Who has authority to restart processes? Are processes logged as to why they restarted with new values?
It's quite possible there is a way to view Google accounts outside a web-interface which is what normal people think when they hear back door. Its more sophisticated than viewing the raw dump. I suspect the intrusion proved the new horizon for security: That it ispossible to "re-assemble" most if not all the account from the database(s) if you've p0wnd the DB at a low level without the need for a backdoor to the actual account nor the Google foundational OS/netstack. The Chinese probably attacked and penetrated the DB's somehow.
I think this is the great oversight it was not just that Gmail was hacked. It is broader to say Google Accounts; gmail points to web search which is tied to Picassa, which is tied to Blogger, which is tied to youtube, etc....
All these have to be fortified at the DB level else any other measure of security is meaningless.
Apparently Today's IBM Management is not so perfect. From the 1st article cited
Only IBM Management would lay off primary inventors thinking it has enough to carry the idea forward to reality without the inventive father(s).
However the management greed from the 30's and 40's still remains.
Seriously, I wonder if just the Voight-Kampff test after being given a set of questions, when cross-referenced could detect terrorists. Domestic or Foreign terrorists have to be so programmed / screwed up to not have many human responses left inside.
Analogy and metaphor are never perfect.
However I stand by my statements. When a vehicle I use for business is not working, it is not making money for me (in fact it is losing money). Oil Changes are actually regularly scheduled preventative maintenance. Its not to be done _just whenever_ I don't happen need the vehicle.
It is a fact _regularly scheduled_ maintenance is to be performed as normal course of business. It is for sure I want to keep the vehicle operating as much as possible as to why it is done in the first place! It's not that I don't need just then the vehicle -- server or apps. I really need the minor _regularly scheduled_ maintenance change to it to better offer the primary service, and that is what must function perfectly.
Regularly scheduled IT maintenance ought to be predictable, repeatable, and quick and seen to be done as course of business not late at night on weekends. That time is for really necessary things that can't be done otherwise.
You bring up regular business hours... but don't realize that means exactly nothing in IT. 06:00-16:00 GMT or 08:00-18:30 EST? What day is not a regular day: Boxing Day, the last Thursday in November for the USA. That the customers (internal or external) will of course be on the IT guy's same calendar schedule is a misjudgment.
You say that few business are not prepared to pay the cost of a completely redundant system. I'd say that IT models exist where this is not necessary. Virtualized hosts are one way that is just now being explored but conceptually and actually has been around since S/390. The consumers haven't asked to their vendors why redundant systems are so expensive. Business has to vote with their purchasing and vendor allegiances.
10 years ago you could buy a truck for your company that had more built in "safety systems," "3rd party crash & reliability analysis", and monitoring telemetry than a WinTel server. Today that has changed, HP has improved iLO, IBM has done a bit with RSA, and RealWeasel saved a few butts Im sure.
Yet, today I still meet admins that don't know without going to google how to collate & leverage the results from SMART, thermo sensors, and serial/terminal console hardware errors. These are "free" predictive monitors when the system is up.
Fewer out of techschool/university know about IBM RSA, HP iLO, DELL DRAC or similar technologies that you have to use after the server is casters up. I don't see them just as out of band management but "flight data recorders" as well -- if you know how to use them.
Still missing is the "3rd party crash & reliability analysis." Why purchase IBM over Dell servers? What is the defect rate of Seagate HDD over XYZ? At what rate are PSU failures, rate of memory failures, etc... What are the vendor RMA rates? All this is hidden actually by IT having poor practices. Firestone nearly went bankrupt with its fiasco of popping tires - federal investigations I think were held. If you get a bunch of bad capacitors (The capacitor plague of late 90's) into crucial product lines no one screams, no one calls for investigations. IT scrambles and survives and hopes not to repeat the mistake.
Any such reliability rating & metrics for software producers of consumer products has been self deemed impossible or too expensive by IT professionals and thus not seriously spoken of anymore. This is the greatest cop out and con job of the 20th and 21st Century.
A great step forward and yet backward for IT professionalism.
Lastly, other industries and businesses know how to hire skilled labor to maintain their business _while_ the business is running (Bankers, doctors, nurses, janitorial, construction, plumbers, etc). These skilled professionals know how to effect changes to the work place discretely and to not give bad impressions to the customer.
IT as an industry isn't picking up the same "we work in the background unnoticed, perhaps just screened off" but instead loudly and obtrusively makes business bend to IT practi
I agree with the statement but not the reason.
Doctors, Nurses, Medical Staff, Police, Fire/rescue often work 12 hour shifts and holiday.
However those professions realize and have by experience been bitten by the consequences which aid them in helping the professional know their limits and the limits of their peers.
First these professionals make mistakes during the day. More so when overtired, Even more so when out of their normal sleep pattern. Technology professionals somehow ignore this and think they are superhuman and often promote this.
"Oh I stayed up all night to fix your server!" Pat me on the back! While probably true, I don't want to hear that sentimentality from my admin. It meant something went horribly wrong and I don't want it to ever happen again.
Doctors, etc as cited know that they would perform in a diminished capacity the next day and not schedule surgery and/or the hospital management would know to give them a resting day as the liability of mistake be too great. Safety services know that some other station has to possibly cover a crew that just came off a fire/rescue and be very wary to send the same crew back in. Technology companies ignore this to their own embarrassment which is justly earned.
Second doing business changes (minor or major) on weekends or holiday nights is _bad business_ in that it demonstrates the fragility and unreliability to which they do not admit to customers. Why not do the same operation during normal hours?
Would anyone take their business' truck to the car mechanic for an Oil change and accept, "well we have to do it between 3am and 4am so as not to impact your business."
But it's an OIL change, it happens frequently, everyone ought to expect it to happen! This is exactly the same to me as a minor patch, price lists, firewall rules, and application rules for business policy. Such ones are expected, frequent and shouldn't have to be done like as they are now at a forsaken hour in the morning.
The more complex example is "Oh the engine overhaul is going to be b/w 3 and 4am" - I would say give me another truck that does the same thing and I'll be back after you fix my truck during the day when your awake. The analog is the system upgrade. Providers go into fits -" but but your system was so tweaked, We can't simply move it to another CPU", etc... Blah. Its because most centers don't know how to offer a real solution.
IT Professionals ought to advance the profession and figure out why they are working 12 hour shifts and holidays and then systematically eliminate these events as much as possible till only having to do so when a human life or safety systems is jeopardized.
Why IT professionals are not publicly beating up IT vendors for poorly written OS, barely redundant equipment, poorly designed apps, etc, is beyond the scope here.
Who is going to be the next Ralpf Nader, who will write "Unsafe at Any Speed" for the IT industry/Computing Science.
Very, Very few Center Managers actually performed any kind of statistical process control analysis for quality in the datacenters I worked for which were huge and did work for .gov, finance and top 500 and they barely did it. They eventually fired the poor guy as he kept proving management wrong. We had long conversations that helped me understand technology for what it was: "La Technique: L'enjeu du siècle" was an eye opener.
Very few managers understood what project management & change windows were in a datacenter and usually managed to a staffing model which could only break in times of heavy load, inducing a bigger emergency later on.
Really management held the mentality of "the Maytag repair man" is who they need to hire by the business plan but the reality was a team of MacGuyver's were needed for the workload over several clients.
Even educating them on vendor patch cycles and technology refresh could not break them out of scarcity = profit mentality.
The admin team experienced over and over that that next month is the month where Microsoft is going to pound us with new critical patches. Despite explaining this, management also put the work of putting unrelated project X into motion or finishing that same next month.
Extensive studies about patch cycles or changes (failed, back out, succeeded) take a long view - an X bar control chart shows spikes and abnormals. It then takes some analysis to then determine staffing levels that can handle the work on average. It takes a huge business insight to understand why something fell outside the norm and how to handle it when it comes again. Really I don't think the technology today can be managed to wholly eliminate outlying events like traditional manufacturing processes. The now typical 3 year tech cycle prevents such work.
It is true statistical process control can be made to lie but it is better than uneducated guessing.
To me datacenters are huge machines you can walk inside of, really no different than megawatt power generation or pharmaceutical manufacturing and ought to be better managed. I say this in that when they go offline or do not function well an aspect of human safety and productivity is jeopardized.
My favorite manager who I worked for briefly before he retired said, "Cowboy managers and admins have no place in my shop. I want science put back into Computer Science, don't snow me with new technology."
I agree with him.
IBM perhaps could still pull off a major internal transformation as they actually did once from Token Bus & Ring to Ethernet/Fibre in the late 80's and 90's. Im not sure if IBM ever phased out SNA at all their sites and customer connections.
However the Management team is gutting the company too much and overspecializing workers so that most US centers are in so much worry about Resource Actions that such major internal projects are probably walking wounded.
IBM has always been known for overkill of technology so holding 9.0.0.0 space is nothing new. Once I heard of Network Engineers having fibre and DS1 to the _desktop_ in the 80's and 90's just because they could.
Internally during the 90's boom I saw baked into contracts a really nice test lab for your customer's environment, what ever happened to that new low milage equip after the contract ended was like an internal fire sale.
IBM also still lists heli-pads near key sites just in case a critical skill or part has to be flown in/out.
Perhaps the big globalized corps will say in a few years - we've dumped IPv4 internally and skipped passed IPv6 to something we mere mortals don't hear about yet.
Isn't this why most nations have some sort of seed vault and plant domestication program?
Svalbard was the most recent. However if massive glaciation reoccurs Im not sure who can get to it.
Other countries have found out the hard way for crop failures. Ireland's potato famine (began in 1845), the USA with dutch elm disease, the chestnut blight (1904).
Plants in general have no defense against a rapid ecological or geographic change but do have the advantage over the long run.
I remember the 1980's pushes for anti-pollution. Why are we not still focused on that? Global warming is a possible effect not a proven reality. The rational thing is to name the cause and fight that. Focusing to solve a possibility like Global warming detracts from efforts to grapple with global pollution which comes from human activities and results in learned helplessness, mental and physical disease, overuse of land, poisoning of the food web with mutagenic chemicals and endocrine disruptors.
We shall fart methane but we will also use intellect and will figure something out and survive. And thats the crux of the problem. Humans are the only species hell bent on eugenics.
The Biologists say the _minimal_ replacement value for maintaining a mammal species is just over 2 offspring per couple. The West is hell bound in legislating under global warming subterfuge 1 child per couple. They don't say who will decide who gets to breed. This is the door to GATTAGA. A nice life for those deemed worthy to be useful. Hitler actually went forward with it in his Law for the Prevention of Hereditarily Diseased Offspring (1933) and the T-4 euthanasia program.
For me I want to have as many children as possible so as to ensure my seed survives without the need for a seed vault. More importantly it is that my culture - that which I give to my children will also survive over those who voluntarily castrate themselves.
I pre thank those who have already done this, for my children shall sip their coffee and watch and enjoy today's endangered species when your seed is dead from the earth.
This has already happened. Lack of growers, a major warehouse fire and generally increasing consumption caused a shortage on the spice that which gives beer its flavoring.
I think your looking for a word in the thesaurus that doesn't exist but really it is a modern problem.
Steven Colbert sensed this with the "product" such as the paste on Hitler mustache for anybody's portrait.
There is not a nice politically correct way to say willfully deride, malign, or intend a vicious and ill parody of person or entity for profit.
Many hide under the guise of sarcasm of a celebrity or public figure but that is not their true intent.
Others instances are not so such as Che Guevera, and the people never get a dime from all those t-shirts did they? But his image "pushes" a lot of "for profit products", to so many hipsters who don't know what he really did or didn't do yet he himself was Marxist.
This is a strange world of legal and human relationships
Why is this even news. /. to bring up this story. What other news stories of real importance could have been voted up.
It seems a bit prejudiced on
The Catholic Church had practices for the protection of seals and other insignia long before some countries were countries or some peoples learned the the rule of Western law.
1) Vatican is a sovereign state.
2) They have a permanent observer status at the United Nations.
3) The Vatican has been more or less willing to send amassadors (Nuncios) to every major Western Nation for the bulk of history.
4) The Vatican respects the legitimate rule of law (as per their moral system which is based on natural law and their Canon system) of other sovereign nations and peoples
5) Some 2.2 billion persons have a relationship to the Vatican
So next time try the litmus test where one inserts one's own race/creed/nation into the sentence and see if it sounds awkwardly prejudiced.
[United Kingdom] Declares a "Unique Copyright" On the [Constitutional Monarchy]
[United States] Declares a "Unique Copyright" On the [Presidency]
[China] Declares a "Unique Copyright" On the [Premier of the State Council]
[Saudi Arabia] Declares a "Unique Copyright" On the [House of Saud]
Doesn't sound alarmist or noteworthy to me for the other ones.
Access to offshore bank accounts for tax evasion is one motivation for sure. Already since US moved from the gold standard in '71 the idea of money has been redefined in such a way that those who control major hubs of wealth generation can redefine value and exchange to anything they want. I always laugh at the $1 salary CEO's tout to the press. Their families expenses being covered 100% by the company covertly somehow.
However I think the problem is more deeply rooted in that the US need to figure out how to quietly adjust the flow of currency to what is "extant" out there in foreign banks minus all the counterfeit bills that have been moving out of target countries since the coldwar and Gulfwars I and II. The US is trying to quietly CYA against global banking collapse due to all the bubbles. If "money" is not flowing its not "working" as intended by the world bank. There are those that horde paper money offshore thinking they actually have something of intrinsic value which it is not.
The project is solely designed to bolster the corporate/industry agenda. Their lack of intent to immediately prosecute show their intent is to datamine to build up their overall case.
Even if it was found that 95% of the traffic was legitimate they would hold up the 5% as proof of the devastating loss to their profits and will ask for more severe legislation and fiscal relief in tough economic times.
Until governments and real people understand the recording industry's practice of not paying the artists in a "normal" arrangement this will continue endlessly.
Really would any engineer just hired at YoyoDyne agree to a 5-10 year exclusive contract, the company immediately deduct all profits off his work to pay off his "advance," be willing to pay for all the publicists, agents, middlemen, nepotism in the exec's office, sycophants of their entourage, etc... Have their evaluation based on popularity polls given by radio/tv/internet which sometimes are skewed with payola.
What is the biggest of the 3 big "sinks" of copyrighted data in the internets - Pirated Binaries, p0rn, or music and associated videos?
We only hear 2 out of three industries most of the time never all three united before the Govenment.
I feel for Prince (whatever his name is now) as he is both artist and producer personally defending his copyrights but most of it is by nameless lawyers on behalf of their clients.
I'd take a few big names to give up a few hours to film some adverts just saying - when you DL my album I thank you, When you pay for that DL I will eventually get paid by the record company so I can pay all the people in the band and that support us in making music (soundstudio, roadies, catering, babysitting, mistress (ahem)...) I encourage you to pay for it and tell your friends to please pay for it else I can not produce more because Im a indentured to the music industry.
For the music industry I meh at their pathetic grasp for money, for the p0rn producers and "artists" I laugh because they can not even do the same thing and are being "driven out of business" will all their copyrighted stuff being the flotsam in the internets.
Many non US governments hold top executives as the responsible party for their corporation. Thus when a lawsuit comes there s not just a bunch of lawyers representing a corporate name but someone is actually hauled in front of the judge. Many Western Executives are unable to travel to certain countries because they have been indicted, tried (sometimes in absentia) and personally found guilty of allowing graft, corruption, carelessness, criminal activities of others (often the locals) in their employment in the Global company. I believe Union Carbide in 84 and IBM Korea in 04 tried to get such testimony.
As an executive with the duty of oversight they were supposed to ensure such acts never happened in the lower ranks.
Probably the Italians think that Google has a local presence that should have caught the video and reported it under local laws.
This is chilling if some foreign government lawyer ever wants to extradite me because I did or didn't click on the inappropriate content button.
But I kind of have to meep Meep at .IT as they as a nation can not even successfully oust Silvio Berlusconi after so much that has happened.
The thought that Lodo Alphoso act for executive immunity could be worked, seems like the guy has a Caesar/Napoleon Complex
If Japan participates in ACTA and other international treaties then this could be a circumvention of encryption controls type of crime which would incur greater penalty than larceny or simple theft.
To the Law outside is there a difference of kind to manufacture lock picks vs to sell them vs being actually caught picking locks vs being searched and having one found on your person?
I think the hardest thing for gamers and writers to face is that the plot has to end in some forced timeframe.
Reviews kill game houses that end the game with only 6 hours. Others pan a game for having 40 hrs of in game content.
WOW, EVE and others you can play for man months if not years as the outcome of the plot is injected and/or generates over time.
For RPGs go for a multiple (but less than 4) story arcs that are solid. B5, Trek and other successful series use this method as hopefully at least one will captivate the playing audience and immerse themselves into the story.
The best "trick" was Star Wars and the Boba Fett/Biggs or HL's Freemen sparse & unwritten arcs. How much fun was it to have the players/readers live that out for themselves and then build entire mod's or experiences around just a few ideas of a character. -- Thats the Role Play in RPG.
Even Halo's abrupt end due to budget cuts was like having your favorite serial TV show have a cliffhanger midseason!
Really what your being unspecific about is the difference between upgrade versus an overhaul.
From the floor up (power, cooling, cabling, footprint) is an overhaul.
If you want a phase approach or some other piecemeal approach still you have to consider each a small overhaul within a larger system.
7 year old equipment is likely not going to be cascaded so really your considering it as candidate for heart transplant which means building a some sort of life support while the new system (heart) is brought on line in parallel. This is very expensive in time, budget, and resources.
Your really going to know your business' processes over the course of more than a "business year" so as to do everything without problems.
Business moments like tax time, EOY reports, monthly invoicing periods, HR/payroll are to be expected and must still function.
Un predictables like supporting business audits (like having to pull up old records, on systems that no longer read them?) and changes in executive leadership also would impact an upgrade/overhaul.
At no time did you ever mention disaster recovery plan, regular offsite backup strategy or a business continuity plan. These are often overlooked or dealt with inappropriately during normal business times and should be verified prior to beginning. A major overhaul or upgrade could or ought to trigger any one of these at any moment.
I have been there, and I have been there when everyone in the room craps in their pants when the tapes have been found to be lost or unreadable or blank.
I don't think Apple's concern is for the health safety of the technician. It rarely is.
I think Apple has it written that it has the right to classify the devices used by smokers as being operated in extreme environments.
Specifications for engineering do account for a quality of air standard being implicit to the design. Industrial installations (areas known for pollution) will require industrial filtration for computers. IBM, Compaq, HP and others used to sell such as they knew their boxes would be in such situations where dust and or ambient pollution would be sucked in and deposited over the fans, heatsinks, electronics. Induced humidity and heat stress, fatigue and failure on electronics used to be very common.
Being a California company Apple forgets that other places and regions of the world are not yet so "progressive" to eliminate all forms of indoor pollution as their legislatures.
Computers & electronics used in medical Offices, Centers, Hospitals, etc where airborne disease is commonly encountered ought to also be equipped with industrial grade filtration and the mice/keyboards regularly decontaminated and eventually changed out and safely recycled.
Also I've been known to use dust masks for servicing inside computers deployed at schools, archives and warehouses due to possible hantavirus conditions. I
For myself I think at least in USA the follow-on question is how is there a vaccine for something that by political reasons generates so much revenue in taxes, something like 33 billion?
Yes indeed the health care costs for emphysema and COPD and cancers of lips,gums, larynx, tongue, esophagus and others are like 133 billion.
How far is the concept of vaccine taken if Brazil, China, Turkey, India and USA are still the 5 largest producers of tobacco? Wouldn't the recognition be that this harvest, about 20 billion worth of it has to be ended at least for human luxury use?
It's like after Fleming inventing penicillin somehow we are deluded to think its OK for products full of bacteria to be still on the store shelves and saying well we got penicillin we can also have these too - the penicillin will save us when we want it. That's not the concept of vaccination.
The NSA has not a need for a full on back door.
They just need to know the general and specifics about the make,model and type of the types of means Win7 implements and then they delve deep into their big o key ring and use what they already have.
Really what you think their super computers are doing? They are computing tables, hash matches and every key ever possible. Then they go about doing real work of breaking encryption with distributed and finessed brute force.
When have a key making machines why even bother with backdoors? The NSA is patient, it's what makes them good at what they do.
Anyhow I think the NSA doesn't need a back door it just wants to know where all the access points are then they can just lift the whole whatnot off the hinges - from the outside- and do whatever they please at that point.
Im sure they took a bit of a look at bit locker and have or will figure that out. MS already has perhaps given the all the "tells" they probably need to figure out how to reduce the key space. I wonder if MS would hide one well known file outside the locker but encrypted in the same key and NSA can chew on that to find out the key for the whole volume.
Anyhow I admire them, NIST and NSA, for what they try to do. If it keeps Mafia out of banking great. If they can put the next Madoff/Galleon Group behind bars before they make a mess that's a plus as well.
What about Sketchup Pro for OS X? I think it imports and exports to autocad 2007.