Exactly - and this is during the time where Macs have become commonplace in the corporate world and Linux desktops, while still rare, are definitely a thing. It took ages for the Mac S4B client to support recording meetings, our IT answer to this was 'just have someone on Windows record the call'. No one in our group of 38 people runs Windows (36 Mac and 2 Linux)... We didn't finish moving off WebEx (kept it for meetings > 25) and are now moving to Zoom for conferencing. We're still S4B for phones (or more commonly using our cell phones) and using Slack for IM. In my case I have >100 Skype consumer contacts and used to use it a lot, business communications has become split amongst all the above while personal stuff has moved to WhatsApp. What to destroy the value in what you purchased MS.
No it's widely open as anyone can apply for a Global Entry card and pay $100 for the background check. If you're not a GE user then yes right now it's elite frequent fliers only, but that was partly by design - folks that fly frequently will both gain the most and be the most frequent to not be extra traffic in the regular lines. The thing trusted traveler users are complaining about is that there's a random element to it - you can be sent to the regular security and still have to take your shoes off and go through the x-ray etc. So you can't count on saving that 10 minutes every time. I'm a Global Entry user, which has been great returning from abroad, but have never had the nod for the expedited screening line yet (0 for 4), and wouldn't want to time things close enough for ten minutes to make a difference anyhow. When I finally do get to go that way it's just a few more minutes in the lounge I guess.
It has to be one of the first things because they want to use it to weed out the test memorizing people paid to take the lab by the companies that then sell lab cheat sheets/ non-honest classes. It's only another hoop for those people to jump through but it may make a dent for a time.
In theory they can't lay off a ton of people in the US without pushing the H1B's out the door first - but it's unlikely they'll want to lose a bunch of their most cost effective workers. Be interesting to see what happens, they could have layoffs without layoffs (say it's all performance based), or the US could escape most of the cuts while the rest of the world gets layoffs. Suspect we'll see soon.
Not to mention 10 gig CX4 - which uses the same copper cables as Infiniband, and works for up to 15M - enough for many situations. I've used it extensively for server to top of rack switch, then fiber from the top of rack switch to a central pair of switches. 15M is enough for interlinking racks too provided the environment's not huge.
Re:PCI = PITA (but in a good way)
on
PCI Compliance
·
· Score: 2, Informative
At the lowest level, yes it's trivial. However it's a graded program:
* Level 1-Visa U.S.A. and MasterCard World Wide transactions totaling 6 million and up, per year, and any merchants who experienced a data breach.
* Level 2-Visa and MasterCard transactions totaling 1 million to 6 million per year. (The new requirement expands the number of Level 2 merchants to include former Level 4 merchants.)
* Level 3-Visa and MasterCard e-commerce transactions totaling 20,000 to 1 million per year. (The new requirement expands Level 3 to include former Level 2 merchants who process fewer than 1 million e-commerce transactions per year.)
* Level 4-Visa and MasterCard e-commerce transactions totaling up to 20,000 per year. (The new requirement decreases the number of Level 4 merchants.), and all other merchants, regardless of acceptance channel, processing up to 1 million Visa or MasterCard transactions per year.
As you process more the burden of compliance increases. It's not that hard though, and mostly common sense if you don't want to go out of business anyway. I agree with the author that the key point it getting companies to see that this is in their interests, rather than just a checklist to address once per year, and that the auditor can be an asset rather than someone to be deceived until they give a pass mark.
Very few consumers are clamoring for it - there's low demand. Early adopters are already gonna be shafted because both new formats will require HDMI - and the HD sets sold before this summer didn't have that - and A/V receivers still don't have that. (yes except for 3 $3K and up models I'm aware of)
HDCP and it's variants (and competitors) still aren't final, there's no guarantee anything HD purchased this year will interoperate, or play media from next year.
The great American consumer is going to have major issues with their very expensive new toys not working - even if us geeks are OK with a couple of firmware upgrades on our consumer electronics per year, there's gonna be a lot of helpdesk calls...
I agree - opensource tools are often at least equally good. However in some industries, specific tools are mandated, by either government or other overseeing institutions. In our case we are required to be compliant with VISA's Cardholder Information Security Program, and that is very precise as to what tools should be used and how often (and by whom) Likewise on the other end of the same thing, while I think I could configure iptables/snort etc. to be equally if not more secure than commercial packages - they won't enable me to put the ticks in the right checkboxes that very expensive products from Checkpoint/Cisco/ISS will. The issue is the lack of understanding by higher ups that a poorly configured/applied commercial package is just as useless as a poorly utilised opensource one. Even worse in fact, as they have wasted a ton of money that could have been better invested in training.
I run a small hosting company (about 100 servers) and we're currently running alot of RedHat 9. We've been testing Fedora core 3, RH EL, Solaris 10, Suse 9.1, Gentoo, CentOS, you name it. So far Fedora is winning out, with maybe Solaris for some applications where we need to run commercial software (oracle 10g). RH EL is way too expensive, particularly in SMP versions, it's not just Windows 2K3 they're competing with and they need to address that somehow.
Couldn't agree more. I've been stateside for nearly four years and radio 4 is the only thing I miss. 'Listen Again' on the web site is great when I've stuck in a colo for days on end, but it's streamed like the live feed. This is one occasion I would bless some well thought out DRM solution so I could both time-shift programmes and listen to them in a car - nothing would make a drive from LA to SF shorter...
It's pretty funny working with suppliers sometimes as we're a very small company but with somewhat large IT requirements - Oracle, Cisco etc. see us as a small business 50 employees, then we tell them what we need and their jaws drop.
People keep trying to sell us things, claiming their product had handle x bandwidth, 5x9's reliability etc. Then we do a pilot and their product fails miserably - 'oh we didn't think you were really going to push all that bandwidth'. Touch wood we've managed 5x9's for the last 12 months too...
The company I work for hosts some of the largest porn sites on the web - we have 4 gigs - Internet, and all the latest Cisco toys: iSCSI SANs, 6500's with load balancing, IDS, and firewall modules, gig E everywhere, real-time geographical load distribution, you name it.
My last two gigs were Universal and Sony (I'm in LA) and both were tiny Internet environments compared to this.
Our SAN has 7TB of content so far & we're adding 1/2 a TB a month...
Only a small percentage of users use bluetooth or international roaming, for those that don't a T226 is going to be fine. GSM850 penetrates buildings much better than GSM1900, so I for one would like to have it.
AT&T have just mishandled things by not conducting a survey first to figure out who really needed bluetooth/non US frequencies. Before all this publicity they could have made the survey ambiguous enough that everyone didn't claim to be using every T68 feature.
I just got the mail saying they're sending me a T226 yesterday, and their lack of thought/research is clear because: I pay extra for GPRS data service (which I use via bluetooth, I can't see many people using 10MB within the phone each month), and I also have international roaming enabled on the account, and have used it within the past couple of months.
I suspect they're going to quietly backpedal and give T610s or whatever to the higher paying subscribers who ask for them.
I believe it was used for the onscreen displays - where the girl says 'this is a unix system, we have these at school' and it's a 3D maze type user interface etc.
That if a privateer can build a cruise missile then all the billions the US is spending on Anti ICBM technology is money down the drain.
If either terrorists or a foreign power want the strike the US then holing up in the Ozarks and building a cruise missile out of a combination of publically available and smuggled components seems a pretty plausible way to do it.
I'm sorry to say it because I don't have a solution either, but making us take off our shoes at the airport etc. is an utter waste of time - terrorism is way too easy, just look at Iraq currently with GI checkpoints and patrols everywhere, even martial law doesn't fix the problem.
Politics is the only answer, coming up with some final solutions in the middle east...
ARIN and their members made this problem for themselves. If legit space was easier to get - you currently need to prove you have 16000 hosts. Then people would be more traceable and accountable.
Spammers are now in a very tight spot in that their address space gets blacklisted faster than ever before so they have to keep changing - at the same time they're still making good money to use to bribe people (by paying way more for bandwidth than is normal) into taking their BGP advertisments for space of dubious origin.
The old swamp space is never going to be reclamed just because legally it would be such a pain to do so - it would make more lawyers rich, without solving the problem because there will always be space left that can be hijacked if only for a shorter and shorter time.
If you really can't get DSL or cable fine. But in terms of browsing experience this won't come close. While bandwidth heavy pages that happen to be compressible MIGHT load faster, access won't be always-on, and will be miserable if shared between 2 or more users...
Maybe Cisco will be able to do IPSEC passthrough on their firewalls now. This is something Linksys have had working for a couple of years now, but Cisco have never introduced to the PIX with a whole list of excuses.
I'd like to see Cisco improve some things Linksys though:
Add PEAP support to the wireless gear - PEAP is the protocol Cisco and MS are pushing for security at the moment.
Delete the 3002 hardware VPN client and sort out the Linksys VPN access router instead - the 3002 is more expensive than just buying another PC.
The only products I can see being disappeared because of this are the rackmount Linksys switches. Cisco have always kept their cheaper ranges non-rackmount to discourage commercial use.
Once upon a time I looked forward to new windows releases, I remember going from WfW to NT 3.5, then NT 4.0, then 2000 (which I started running a year before release)
XP I hate, every time I have to use an XP system it takes me ten minutes to reset all the switches to make the UI Windows 2000 like.
I just bought a new laptop, first thing I did was blow away XP and replace it with 2000 (and linux). Here's to hoping that by the time 2000 is no use - because of lack of driver support and stuff, Linux will have it's act together and be all I need.
MS have gone on record as saying they want to secure home wireless networks, their solution for this is going to be PEAP, yet another variation on EAP (Extensible Authentication Protocol).
This is a PIA, already we have the certificate based EAP-TLS (supported in XP & CE4.0), EAP-MD5, the Cisco LEAP (supported everywhere but only with a Cisco client card), 802.1x - now a standard but not supported in it's vanilla format anywhere much yet, etc.
Guess what the cross platform support will be for PEAP ?
I'm just glad Linksys and Dlink exist, because it's going to be difficult for MS to displace them in the market, and dominate with a non-standard product.
These may also have a variation on uPnP, but I don't see how that will fit in with the security focus. Palladuim is miles off, look for that in the updated Christmas '03 product range.
There are two low end PIX's now which only cost $400 and $900 US anyhow, so any justification for doing this has pretty much evaporated.
If you're just using one for study purposes I don't have a big problem with it, but agree with prevailing sentiment that only the insane would put one into production.
Slashdot Mirror
Exactly - and this is during the time where Macs have become commonplace in the corporate world and Linux desktops, while still rare, are definitely a thing.
It took ages for the Mac S4B client to support recording meetings, our IT answer to this was 'just have someone on Windows record the call'. No one in our group of 38 people runs Windows (36 Mac and 2 Linux)...
We didn't finish moving off WebEx (kept it for meetings > 25) and are now moving to Zoom for conferencing. We're still S4B for phones (or more commonly using our cell phones) and using Slack for IM.
In my case I have >100 Skype consumer contacts and used to use it a lot, business communications has become split amongst all the above while personal stuff has moved to WhatsApp. What to destroy the value in what you purchased MS.
No it's widely open as anyone can apply for a Global Entry card and pay $100 for the background check. If you're not a GE user then yes right now it's elite frequent fliers only, but that was partly by design - folks that fly frequently will both gain the most and be the most frequent to not be extra traffic in the regular lines.
The thing trusted traveler users are complaining about is that there's a random element to it - you can be sent to the regular security and still have to take your shoes off and go through the x-ray etc. So you can't count on saving that 10 minutes every time. I'm a Global Entry user, which has been great returning from abroad, but have never had the nod for the expedited screening line yet (0 for 4), and wouldn't want to time things close enough for ten minutes to make a difference anyhow. When I finally do get to go that way it's just a few more minutes in the lounge I guess.
It has to be one of the first things because they want to use it to weed out the test memorizing people paid to take the lab by the companies that then sell lab cheat sheets/ non-honest classes. It's only another hoop for those people to jump through but it may make a dent for a time.
In theory they can't lay off a ton of people in the US without pushing the H1B's out the door first - but it's unlikely they'll want to lose a bunch of their most cost effective workers. Be interesting to see what happens, they could have layoffs without layoffs (say it's all performance based), or the US could escape most of the cuts while the rest of the world gets layoffs. Suspect we'll see soon.
Not to mention 10 gig CX4 - which uses the same copper cables as Infiniband, and works for up to 15M - enough for many situations. I've used it extensively for server to top of rack switch, then fiber from the top of rack switch to a central pair of switches. 15M is enough for interlinking racks too provided the environment's not huge.
At the lowest level, yes it's trivial. However it's a graded program:
* Level 1-Visa U.S.A. and MasterCard World Wide transactions totaling 6 million and up, per year, and any merchants who experienced a data breach.
* Level 2-Visa and MasterCard transactions totaling 1 million to 6 million per year. (The new requirement expands the number of Level 2 merchants to include former Level 4 merchants.)
* Level 3-Visa and MasterCard e-commerce transactions totaling 20,000 to 1 million per year. (The new requirement expands Level 3 to include former Level 2 merchants who process fewer than 1 million e-commerce transactions per year.)
* Level 4-Visa and MasterCard e-commerce transactions totaling up to 20,000 per year. (The new requirement decreases the number of Level 4 merchants.), and all other merchants, regardless of acceptance channel, processing up to 1 million Visa or MasterCard transactions per year.
As you process more the burden of compliance increases. It's not that hard though, and mostly common sense if you don't want to go out of business anyway. I agree with the author that the key point it getting companies to see that this is in their interests, rather than just a checklist to address once per year, and that the auditor can be an asset rather than someone to be deceived until they give a pass mark.
If the other major sites publicly state this it will help to nip this in the bud.
Double charging for network access is not equitable period, and yes, US consumer are paying too much comparitively already.
How big is this RFID chip? Small enough to be undetectable in the cover of the passport? How well will it function after being hit with a hammer?
For a couple of years at least.
Very few consumers are clamoring for it - there's low demand. Early adopters are already gonna be shafted because both new formats will require HDMI - and the HD sets sold before this summer didn't have that - and A/V receivers still don't have that. (yes except for 3 $3K and up models I'm aware of)
HDCP and it's variants (and competitors) still aren't final, there's no guarantee anything HD purchased this year will interoperate, or play media from next year.
The great American consumer is going to have major issues with their very expensive new toys not working - even if us geeks are OK with a couple of firmware upgrades on our consumer electronics per year, there's gonna be a lot of helpdesk calls...
I agree - opensource tools are often at least equally good. However in some industries, specific tools are mandated, by either government or other overseeing institutions. In our case we are required to be compliant with VISA's Cardholder Information Security Program, and that is very precise as to what tools should be used and how often (and by whom)
Likewise on the other end of the same thing, while I think I could configure iptables/snort etc. to be equally if not more secure than commercial packages - they won't enable me to put the ticks in the right checkboxes that very expensive products from Checkpoint/Cisco/ISS will.
The issue is the lack of understanding by higher ups that a poorly configured/applied commercial package is just as useless as a poorly utilised opensource one. Even worse in fact, as they have wasted a ton of money that could have been better invested in training.
I run a small hosting company (about 100 servers) and we're currently running alot of RedHat 9. We've been testing Fedora core 3, RH EL, Solaris 10, Suse 9.1, Gentoo, CentOS, you name it.
So far Fedora is winning out, with maybe Solaris for some applications where we need to run commercial software (oracle 10g). RH EL is way too expensive, particularly in SMP versions, it's not just Windows 2K3 they're competing with and they need to address that somehow.
Couldn't agree more. I've been stateside for nearly four years and radio 4 is the only thing I miss. 'Listen Again' on the web site is great when I've stuck in a colo for days on end, but it's streamed like the live feed. This is one occasion I would bless some well thought out DRM solution so I could both time-shift programmes and listen to them in a car - nothing would make a drive from LA to SF shorter...
It's pretty funny working with suppliers sometimes as we're a very small company but with somewhat large IT requirements - Oracle, Cisco etc. see us as a small business 50 employees, then we tell them what we need and their jaws drop.
People keep trying to sell us things, claiming their product had handle x bandwidth, 5x9's reliability etc. Then we do a pilot and their product fails miserably - 'oh we didn't think you were really going to push all that bandwidth'. Touch wood we've managed 5x9's for the last 12 months too...
The company I work for hosts some of the largest porn sites on the web - we have 4 gigs - Internet, and all the latest Cisco toys: iSCSI SANs, 6500's with load balancing, IDS, and firewall modules, gig E everywhere, real-time geographical load distribution, you name it.
My last two gigs were Universal and Sony (I'm in LA) and both were tiny Internet environments compared to this.
Our SAN has 7TB of content so far & we're adding 1/2 a TB a month...
Only a small percentage of users use bluetooth or international roaming, for those that don't a T226 is going to be fine. GSM850 penetrates buildings much better than GSM1900, so I for one would like to have it.
AT&T have just mishandled things by not conducting a survey first to figure out who really needed bluetooth/non US frequencies. Before all this publicity they could have made the survey ambiguous enough that everyone didn't claim to be using every T68 feature.
I just got the mail saying they're sending me a T226 yesterday, and their lack of thought/research is clear because: I pay extra for GPRS data service (which I use via bluetooth, I can't see many people using 10MB within the phone each month), and I also have international roaming enabled on the account, and have used it within the past couple of months.
I suspect they're going to quietly backpedal and give T610s or whatever to the higher paying subscribers who ask for them.
I believe it was used for the onscreen displays - where the girl says 'this is a unix system, we have these at school' and it's a 3D maze type user interface etc.
It feels like a long time since the 250GB drives arrived, there's a 300GB Maxtor but only in 5400 RPM.
What's the next increment and when will it come?
Is there a hard drive rumor site I haven't found?
Simon
That if a privateer can build a cruise missile then all the billions the US is spending on Anti ICBM technology is money down the drain.
If either terrorists or a foreign power want the strike the US then holing up in the Ozarks and building a cruise missile out of a combination of publically available and smuggled components seems a pretty plausible way to do it.
I'm sorry to say it because I don't have a solution either, but making us take off our shoes at the airport etc. is an utter waste of time - terrorism is way too easy, just look at Iraq currently with GI checkpoints and patrols everywhere, even martial law doesn't fix the problem.
Politics is the only answer, coming up with some final solutions in the middle east...
ARIN and their members made this problem for themselves. If legit space was easier to get - you currently need to prove you have 16000 hosts. Then people would be more traceable and accountable.
Spammers are now in a very tight spot in that their address space gets blacklisted faster than ever before so they have to keep changing - at the same time they're still making good money to use to bribe people (by paying way more for bandwidth than is normal) into taking their BGP advertisments for space of dubious origin.
The old swamp space is never going to be reclamed just because legally it would be such a pain to do so - it would make more lawyers rich, without solving the problem because there will always be space left that can be hijacked if only for a shorter and shorter time.
Simon
If you really can't get DSL or cable fine. But in terms of browsing experience this won't come close.
While bandwidth heavy pages that happen to be compressible MIGHT load faster, access won't be always-on, and will be miserable if shared between 2 or more users...
Maybe Cisco will be able to do IPSEC passthrough on their firewalls now. This is something Linksys have had working for a couple of years now, but Cisco have never introduced to the PIX with a whole list of excuses.
I'd like to see Cisco improve some things Linksys though:
Add PEAP support to the wireless gear - PEAP is the protocol Cisco and MS are pushing for security at the moment.
Delete the 3002 hardware VPN client and sort out the Linksys VPN access router instead - the 3002 is more expensive than just buying another PC.
The only products I can see being disappeared because of this are the rackmount Linksys switches. Cisco have always kept their cheaper ranges non-rackmount to discourage commercial use.
Simon
If a site doesn't want me then they can %^&* off. There's no shortage of sites that haven't resorted to pop ups.
Once upon a time I looked forward to new windows releases, I remember going from WfW to NT 3.5, then NT 4.0, then 2000 (which I started running a year before release)
XP I hate, every time I have to use an XP system it takes me ten minutes to reset all the switches to make the UI Windows 2000 like.
I just bought a new laptop, first thing I did was blow away XP and replace it with 2000 (and linux). Here's to hoping that by the time 2000 is no use - because of lack of driver support and stuff, Linux will have it's act together and be all I need.
MS have gone on record as saying they want to secure home wireless networks, their solution for this is going to be PEAP, yet another variation on EAP (Extensible Authentication Protocol).
This is a PIA, already we have the certificate based EAP-TLS (supported in XP & CE4.0), EAP-MD5, the Cisco LEAP (supported everywhere but only with a Cisco client card), 802.1x - now a standard but not supported in it's vanilla format anywhere much yet, etc.
Guess what the cross platform support will be for PEAP ?
I'm just glad Linksys and Dlink exist, because it's going to be difficult for MS to displace them in the market, and dominate with a non-standard product.
These may also have a variation on uPnP, but I don't see how that will fit in with the security focus.
Palladuim is miles off, look for that in the updated Christmas '03 product range.
There are two low end PIX's now which only cost $400 and $900 US anyhow, so any justification for doing this has pretty much evaporated.
If you're just using one for study purposes I don't have a big problem with it, but agree with prevailing sentiment that only the insane would put one into production.