Well the "media hub" (or similar) will become less of a PC and more of a device - closed off and in a shiny case. Accessed over your tablet in a nice web 3.0 interface. Same for games - on your console. PCs will become a niche thing, maybe kept alive as gaming rigs or enthusiast machines in the corner, but otherwise banished from the homes of "ordinary" people.
The server can go too, replaced with cloud storage or processing. Why do you think all the big players are giving you Office in the cloud (ok, apart from the regular revenue). Its because they see people using these traditional desktop softwares used over the network, if not on a tablet then on a keyboard and mouse plugged into the same tablet. (or look at the Surface, docking station = desktop).
The desktop will go, replaced with a on-demand processing in a datacentre somewhere.
and there are plenty of protocols that are lighter than SNMP - so if you're using a custom protocol, make it a good one that's efficient at doing exactly what you need. If it doesn't need to be efficient, then pick one that has the best tooling.
SNMP is a good interface for devices, but hey - the OP says he had a custom protocol, not SNMP.
DNSSEC gives you assurance that the domain you're connecting to is the server that says its hosting that domain. So you have no MitM attacks with un-authenticated encryption.
So splitting auth from encryption is a good thing, and can be done properly. You can have both, but at the moment you can only have both or none. None, is obviously not good.
Makes no diference. If I stuck wireshark on your network, I'd see all the packets being sent and could read them quite happily.
If you haven't encrypted them, I'd be able to read them without any problem whatsoever. The difference between HTTP and Custom protocol in this case - no whatsoever.
All http gives you is a standard set of knowledge, routing, software and devices that know how to handle it. That's pretty useful, given that you're not anymore secure than if you used it. So you might as well use http.
If you think 14-year old cars are new, I have a whole garage forecourt to sell you.
Besides, old cars are there entirely for hobbyists to tinker with - so if they need new fuel systems, many enthusiasts will look at that with delight as as excuse to spend more money and time putting them in!
I heard the problem at eBay was that an employee's login had been compromised (via social engineering apparently, but we might never know). Regardless of how that happened, that an employee was able to login from a remote location shows the sad state of affairs of security today.
When I worked at a credit reference agency, security was top priority - as if you lost someone else's data (eg a banks) then said bank would withdraw your access to their data, and that meant you couldn't continue to do business.
So we had the production servers in a datacentre that were physically disconnected to the internet. You wanted to update your SQL, someone had to go there (it was very close:) ) to update things. The only connection to the outside world was the web servers, and they had access solely to locked-down services that in turn solely had access to the parts of the DB that they needed to read from.
Layers of security like this mean that if you get your web site hacked (as happens, frequently) the attacker cannot do much damage. They must hack the services layer as well (which means attacking the OS they run on, through a very narrow firewall) and even then they would have to hack the OS security to gain access to a limited section of data. They'd have to further hack the DB to get access to all the data.
So no-one could ever realistically dump the entire user table in that system. Why anyone lets websites do less is a mystery to me.
Note: Even so-called "security editors" fall intot he camp of thinking layered security is not necessary. In this ArsTechnica story, the 'promoted comment' describes a riposte where the poster says the web server needs a direct connection to the web server!!! I can understand some junior web dev thinking it, I can't imagine anyone who knows security taking it seriously, yet many did. This is why we have breach after breach.
Principle is the same as VNC, but the leap in technical sophistication is huge
now if we could only get the same technical details into Wayland, the X diehards would stop whining about how slow it might be when running their remote displays!
Note to Value: open source whatever it is you do and tell the Wayland guys.
or that the integration with OneDrive is something you have to manage yourself, rather than have it so deeply embedded into the program you have to fight to save to local disk.
Or that you cna open 2 spreadsheets in 2 different instances, and that closing one of them doesn't close the other in some abuse of SDI/MDI paradigms.
bollocks. If he's asking for a "simple to use" alternative, the charity is probably not paying anything for it. so a free alternative makes a lot of sense.
If he's knocking up some simple DB, if he was to use the MS product, no doubt it'd be Access or Excel with a load of VBA scripting and macros - and that is usually worse than anything else.
LibreOffice's Base fulfils the same role as Access. just as good, not as expensive.
no, you simply outsource the development to where-ever is cheap.
American business doesn't need workers, they need executives to manage the important stuff: marketing, advertising, strategy, intellectual property, patents. That kind of stuff where the big bucks are.
or not have a single default password, each device could have a random one set as default (like how each has a unique MAC address for example) that's printed on the back.
Oh, and maybe we could make control software that is designed to automatically update remotely.
Or... radically, we could just not put a network port on them.
d'uh - the people "buying SAP" are C-level people signing it off. And they never get fired, they simply leave to spend more time with their family due to the stresses of their incredibly stressful job.
Same applies if the company goes bust - they still get first dibs on whatever payoff cash is left over.
its not stealing - they paid for the game. End of story.
Now, if the company wants to host servers and let players run about using them, then there's a fair assumption they should pay for the hosting and bandwidth and server admins and support guys required to run such a thing.
If they choose to run it themselves, on a LAN for example, then they pay for the running costs themselves directly. No big deal.
The only issue I have is if a group run their own server, then its not longer a MMO, unless you redefine "Massive Multiplayer" to "Minor Fewplayer".
that's true. In the flat hierarchy I used to work, we got a incredible amount of stuff done. Customers and other regional offices were amazed, but the trick was simple - let people do what they're good at and cut down the unnecessary drivel and management.
When a new director took over, he changed things so there was a huge hierarchy, and bought in a large project-management office and productivity plummeted so much I couldn't believe how bad it was.
Managers exist solely to feed off the other managers in a self-sustaining spiral of shit, and that's they think they need more of them.
sounds like it is a great deal - if its keeping you from buying a Azure/Sharepoint solution from Wanker Consulting company for way too much money plus lockin to their developed system, they you guys are getting a great deal. Wish my country would do the same.
Of course that was then for a XP migration. So they've saved themselves the cost of migrating all over again to Windows8.1u1 as well - in other words, 1 slightly more costly migration costs much less than having to migrate twice over to XP and then Win8 (and possibly then downgrade to win 7:-)
Don't forget, these guys were early-adopters of commercial Linux, everyone who does that pays more in the early days. If your council did it today, they'd probably find it is cheaper thanks partly to the work the Munich guys did.
I used to write software for the control centres. One thing I know is that there are many more calls than there are officers to deal with them.
so no, they're not sitting in the coffee house eating doughnuts, they're permanently going from one incident to the next. The only time they're not doing this is when they come back to base to fill out the mass of paperwork between incidents.
That;s not to say that some are sent to areas to "patrol" but these are also organised areas, the police don't stray out of their assigned patrol zones for the duration they're assigned there. But such things are relatively rare, considering the demand placed on police response.
Slashdot Mirror
Well the "media hub" (or similar) will become less of a PC and more of a device - closed off and in a shiny case. Accessed over your tablet in a nice web 3.0 interface. Same for games - on your console. PCs will become a niche thing, maybe kept alive as gaming rigs or enthusiast machines in the corner, but otherwise banished from the homes of "ordinary" people.
The server can go too, replaced with cloud storage or processing. Why do you think all the big players are giving you Office in the cloud (ok, apart from the regular revenue). Its because they see people using these traditional desktop softwares used over the network, if not on a tablet then on a keyboard and mouse plugged into the same tablet. (or look at the Surface, docking station = desktop).
The desktop will go, replaced with a on-demand processing in a datacentre somewhere.
and there are plenty of protocols that are lighter than SNMP - so if you're using a custom protocol, make it a good one that's efficient at doing exactly what you need. If it doesn't need to be efficient, then pick one that has the best tooling.
SNMP is a good interface for devices, but hey - the OP says he had a custom protocol, not SNMP.
DNSSEC gives you assurance that the domain you're connecting to is the server that says its hosting that domain. So you have no MitM attacks with un-authenticated encryption.
So splitting auth from encryption is a good thing, and can be done properly. You can have both, but at the moment you can only have both or none. None, is obviously not good.
Makes no diference. If I stuck wireshark on your network, I'd see all the packets being sent and could read them quite happily.
If you haven't encrypted them, I'd be able to read them without any problem whatsoever. The difference between HTTP and Custom protocol in this case - no whatsoever.
All http gives you is a standard set of knowledge, routing, software and devices that know how to handle it. That's pretty useful, given that you're not anymore secure than if you used it. So you might as well use http.
If you think 14-year old cars are new, I have a whole garage forecourt to sell you.
Besides, old cars are there entirely for hobbyists to tinker with - so if they need new fuel systems, many enthusiasts will look at that with delight as as excuse to spend more money and time putting them in!
I heard the problem at eBay was that an employee's login had been compromised (via social engineering apparently, but we might never know).
Regardless of how that happened, that an employee was able to login from a remote location shows the sad state of affairs of security today.
When I worked at a credit reference agency, security was top priority - as if you lost someone else's data (eg a banks) then said bank would withdraw your access to their data, and that meant you couldn't continue to do business.
So we had the production servers in a datacentre that were physically disconnected to the internet. You wanted to update your SQL, someone had to go there (it was very close :) ) to update things. The only connection to the outside world was the web servers, and they had access solely to locked-down services that in turn solely had access to the parts of the DB that they needed to read from.
Layers of security like this mean that if you get your web site hacked (as happens, frequently) the attacker cannot do much damage. They must hack the services layer as well (which means attacking the OS they run on, through a very narrow firewall) and even then they would have to hack the OS security to gain access to a limited section of data. They'd have to further hack the DB to get access to all the data.
So no-one could ever realistically dump the entire user table in that system. Why anyone lets websites do less is a mystery to me.
Note: Even so-called "security editors" fall intot he camp of thinking layered security is not necessary. In this ArsTechnica story, the 'promoted comment' describes a riposte where the poster says the web server needs a direct connection to the web server!!! I can understand some junior web dev thinking it, I can't imagine anyone who knows security taking it seriously, yet many did. This is why we have breach after breach.
Principle is the same as VNC, but the leap in technical sophistication is huge
now if we could only get the same technical details into Wayland, the X diehards would stop whining about how slow it might be when running their remote displays!
Note to Value: open source whatever it is you do and tell the Wayland guys.
but to have it supported you first need to buy a licence for it... that kinda rules out Chinese copies of XP.
Did he criticise Chrome when it put DRM in?
No.. then he can stfu. Why is this news now Firefox is implementing the standard that everyone else supports?!
insight much, none mod points.
or that the integration with OneDrive is something you have to manage yourself, rather than have it so deeply embedded into the program you have to fight to save to local disk.
Or that you cna open 2 spreadsheets in 2 different instances, and that closing one of them doesn't close the other in some abuse of SDI/MDI paradigms.
bollocks. If he's asking for a "simple to use" alternative, the charity is probably not paying anything for it. so a free alternative makes a lot of sense.
If he's knocking up some simple DB, if he was to use the MS product, no doubt it'd be Access or Excel with a load of VBA scripting and macros - and that is usually worse than anything else.
LibreOffice's Base fulfils the same role as Access. just as good, not as expensive.
no, you simply outsource the development to where-ever is cheap.
American business doesn't need workers, they need executives to manage the important stuff: marketing, advertising, strategy, intellectual property, patents. That kind of stuff where the big bucks are.
or Scrivener that's designed for writers, write a section and store it away for later and assemble your bits, chapters, ideas afterwards.
Add a document management system and an inbuilt-;'snapshot' system and you have a lot ore power than, say, with Word.
or not have a single default password, each device could have a random one set as default (like how each has a unique MAC address for example) that's printed on the back.
Oh, and maybe we could make control software that is designed to automatically update remotely.
Or... radically, we could just not put a network port on them.
d'uh - the people "buying SAP" are C-level people signing it off. And they never get fired, they simply leave to spend more time with their family due to the stresses of their incredibly stressful job.
Same applies if the company goes bust - they still get first dibs on whatever payoff cash is left over.
its not stealing - they paid for the game. End of story.
Now, if the company wants to host servers and let players run about using them, then there's a fair assumption they should pay for the hosting and bandwidth and server admins and support guys required to run such a thing.
If they choose to run it themselves, on a LAN for example, then they pay for the running costs themselves directly. No big deal.
The only issue I have is if a group run their own server, then its not longer a MMO, unless you redefine "Massive Multiplayer" to "Minor Fewplayer".
that's true. In the flat hierarchy I used to work, we got a incredible amount of stuff done. Customers and other regional offices were amazed, but the trick was simple - let people do what they're good at and cut down the unnecessary drivel and management.
When a new director took over, he changed things so there was a huge hierarchy, and bought in a large project-management office and productivity plummeted so much I couldn't believe how bad it was.
Managers exist solely to feed off the other managers in a self-sustaining spiral of shit, and that's they think they need more of them.
sounds like it is a great deal - if its keeping you from buying a Azure/Sharepoint solution from Wanker Consulting company for way too much money plus lockin to their developed system, they you guys are getting a great deal. Wish my country would do the same.
Of course that was then for a XP migration. So they've saved themselves the cost of migrating all over again to Windows8.1u1 as well - in other words, 1 slightly more costly migration costs much less than having to migrate twice over to XP and then Win8 (and possibly then downgrade to win 7 :-)
Don't forget, these guys were early-adopters of commercial Linux, everyone who does that pays more in the early days. If your council did it today, they'd probably find it is cheaper thanks partly to the work the Munich guys did.
blame the defence lawyer - his job is to do his best to provide mitigating evidence, and obviously was useless.
I used to write software for the control centres. One thing I know is that there are many more calls than there are officers to deal with them.
so no, they're not sitting in the coffee house eating doughnuts, they're permanently going from one incident to the next. The only time they're not doing this is when they come back to base to fill out the mass of paperwork between incidents.
That;s not to say that some are sent to areas to "patrol" but these are also organised areas, the police don't stray out of their assigned patrol zones for the duration they're assigned there. But such things are relatively rare, considering the demand placed on police response.
both defence and prosecution lawyers will have access to the videos, so don't expect "selectively played back" nonsense.
they're still sent to that location as part of a organised system though, not just at random which is what I meant.
and most people would hope they're there more as a deterrent.
From the manufacturer. Just say you want to evaluate one of them :)
This is the device most police are using in the UK.