Had ads remained a small banner at the top of pages, originating from the site in question, no animations, no javascript, no cookie tracking, etc... this arms race would never have come about in the first place. They may have even been effective in getting people curious about their product and checking it out.
I know all of these things. And may just do it, and ask for forgiveness later. The environment is somewhat hostile, since they have never had a real RHCE, CISSP, CPT, CEH type running things before.
Ha! Auditors. We aren't that big, although the owners think they are.
Ok, how's this for my environment:
The owners of the company demand that we store everyone's password, in the clear, in a field in ldap so they can have access to everything. I have tried challenging this several times, and have yet to make any headway. Those ldap servers are accessed via the Master r/w account by our web servers on the untrusted Internet. Did I also mention that none of our publically-facing servers are on a DMZ, and that my boss fights me every time I mention how all of these things are very bad ideas?
Unfortunately, my biggest problem is the PHB. I have already given sudo access for the web developers on the web servers where I don't allow direct root logins any longer. We have ldap. Now 5 years later, it's actually being used properly:-D
Example: "I don't want to have to come in on a weekend if there is a problem, so I bridged across the firewall with an IP KVM, exposing it directly to the Internet" That same stunt, by the way, was somehow a 'Firewall problem' since he assigned it the same address at the firewall's public primary address...
My biggest fight is to get the Boss, who understandably had to run things for a little while when his last admin was fired for being a general douchebag to relinquish control, and to at least communicate with me rather than trying to implement things behind my back.
I've cleaned up most of the problems from the prior admin, and am moving forward. If I can get my boss to keep his hands off, or at the very least involve me when he has a 'brilliant' idea, life won't be too bad.
Inherited my mess about a year ago. I've done much to clean it up and monitor it.
I may have to investigate Cfengine soon, but for now, since I am comfortable with creating my own RPMs since all of our servers are CentOS, I simply use yum with rpm. It works very nicely. If I make changes (I use git to track/branch/etc), I then just rsync the repository to our production server once I am happy that everything is correct. Building, git, etc, is all automated from within vim with some simple scripts that I wrote.
Nagios to monitor the whole mess, including MySQL replication, DRBD clusters, Backups, Firewalls, Mail Relays, Web Servers, Whether we somehow ended up on a RBL, etc.
Dunno how I got stuck doing it, not being a developer, but I will also be training our 'development' team (php web developers) on how to use git from a shared repository.
I'm managing approximately 50 enterprise server systems this way, and the load is no big deal for just me to manage now that I'm slowly beginning to reign in our developers and my boss. They all have root access still:-( A political fight I'm not yet prepared to have. I was able to take it away on the web servers, at least, and that's the only thing our developers touch, so life is a bit better.
I see nothing wrong with having to still buy CDs. The prices of them were the problem. Sell a CD for $5 or less, and people would have bought them. The tools to rip your own collection then would have evolved to be easier/faster/better. Cdex on windoze isn't too bad. Personally I wrote some perl scripts to do this long long ago, and they still serve me well today .
You then have 1) uncompressed masters 2) the ability to re-encode as technologies evolve 3) the ability to put the stuff on ANY device you want
Personally most of my music listening is streaming rather than my own collection nowadays anyway, but the above would have been better, IMO, then online downloads. I want control over the things that I purchase.
You don't need anything like i-tunes, either. Good players will properly organize and index your collection themselves. Just drag/drop over the network or USB. Rockbox, for example, excels at managing music without your having to do anything but properly tag your music (see ripping tools above).
Yup. Mr. Senator, if anything, you don't want to ban any terrorist content. Makes 'em easier to track, ya know? And here I thought that our government loved the ability to track the turrists.
Read the forums. You need to: 1) enable snmp public read string on the printer. This is how the touchpad figures out it's a compatible printer 2) have a printer that can speak PCL
See other poster above. Put it in developer mode. Viola. Busybox terminal simply by connecting with novaterm.
Step 2: Add preware Step 3: Add ssh, whatever other fun optware stuff you want, etc. For example, I run bash, openvpn, privoxy (who needs the built in web browser to support ad blocking when you can add privoxy and iptables rules?)
If you don't like doing everything with webos apps, you can run an ubuntu environment.
Relays (MTAs) bounce/reject mail. Mail clients (MUAs), do not. You can't do this.
If you want to, you must run your own mail server. Then it is trivial. I personally use MimeDefang for such things, but you can also do it directly from sendmail's configuration without resorting to miltering.
If you don't have a clue about what I am talking about, then you need to just hire somebody to do what you want, because these are very basic mail concepts.
Run your own torrent trackers. Require strong authentication. Charge a reasonable fee per month to keep the private key valid.
I don't know what is so difficult about this. It's a win for everybody:
- Downloaders get a guaranteed good copy
- Content creators don't need to invest in a crapton of bandwidth
- Content creators maintain a reasonable amount of control
- Customers likely to remain loyal, because there are no real hoops to jump through.
But, by all means, continue wasting your time and money and pissing your potential customers off with your current model.
Freetether on WebOS. Charging X per month for something I might use once a year is ridiculous. That may change when my touchpad arrives, though. Regardless, iptables and dhcpd continue to exist on my phone, and there is not going to be any update to nuke that ability, so all is right in the world for the time being.
modularity is a good thing. I wish they'd do that *more* with thunderbird, not less. For example, I do not have any use for spam filtering on a mail client, as I handle that where it is most effective, on the server. Same for mail filtering rules, but those should probably be part of core functionality.
Which our incompetent windoze admins have installed here and STILL can't figure out how to keep it from trying to probe networks that haven't been in use for over a year.
Just add the wifi radio to it, and the crypto accelerator if you intend to do a lot with openvpn (which you should, since pfsense has it rolled right in)
You mean 'not using the new shiny for no other reason than it is the new shiny?'
Seriously. We've been there. Done that. Learned what not to do. And yet that experience is not valued and the PHBs want to drive forward with making the same mistakes with the newest tech that we've already been through and fixed.
Look at things like tapatalk, that was developed to solve the problem of easily viewing forums (mostly phpbb) on phones. I dare say usenet was a much better system. That's just one example.
The touchpad was simply overpriced. If HP had sold it for, say $150 for 16GB, and $200 for 32GB, it may have sold better to begin with. The crazy rate that everyone sold out of all stock means that there are now a whole lot of WebOS tablets in people's hands now. App developers saw a huge spike in downloads after the sale. Getting WebOS out there, people will see what it is like and perhaps not settle for the inferior interfaces of Android and iOS.
HP's own tablet making may be dead. WebOS isn't quite done yet. Wouldn't it be cool if Dell got into the tablet business and licensed WebOS for them...
Did you even read my post? Spamassassin is used, but it is the last thing used. If people are not getting an error back, then the sender's mail server is misconfigured or a zombie anyway, and we don't want mail from them.
Slashdot Mirror
Why de-virtualize? The real solution is HA clustering for your physical VMs.
WebOS is going open source. Nokia would be smart to get in on that.
Had ads remained a small banner at the top of pages, originating from the site in question, no animations, no javascript, no cookie tracking, etc ... this arms race would never have come about in the first place. They may have even been effective in getting people curious about their product and checking it out.
I know all of these things. And may just do it, and ask for forgiveness later. The environment is somewhat hostile, since they have never had a real RHCE, CISSP, CPT, CEH type running things before.
Ha! Auditors. We aren't that big, although the owners think they are.
Ok, how's this for my environment:
The owners of the company demand that we store everyone's password, in the clear, in a field in ldap so they can have access to everything. I have tried challenging this several times, and have yet to make any headway. Those ldap servers are accessed via the Master r/w account by our web servers on the untrusted Internet. Did I also mention that none of our publically-facing servers are on a DMZ, and that my boss fights me every time I mention how all of these things are very bad ideas?
Unfortunately, my biggest problem is the PHB. I have already given sudo access for the web developers on the web servers where I don't allow direct root logins any longer. We have ldap. Now 5 years later, it's actually being used properly :-D
Example:
"I don't want to have to come in on a weekend if there is a problem, so I bridged across the firewall with an IP KVM, exposing it directly to the Internet" That same stunt, by the way, was somehow a 'Firewall problem' since he assigned it the same address at the firewall's public primary address...
My biggest fight is to get the Boss, who understandably had to run things for a little while when his last admin was fired for being a general douchebag to relinquish control, and to at least communicate with me rather than trying to implement things behind my back.
I've cleaned up most of the problems from the prior admin, and am moving forward. If I can get my boss to keep his hands off, or at the very least involve me when he has a 'brilliant' idea, life won't be too bad.
Inherited my mess about a year ago. I've done much to clean it up and monitor it.
I may have to investigate Cfengine soon, but for now, since I am comfortable with creating my own RPMs since all of our servers are CentOS, I simply use yum with rpm. It works very nicely. If I make changes (I use git to track/branch/etc), I then just rsync the repository to our production server once I am happy that everything is correct. Building, git, etc, is all automated from within vim with some simple scripts that I wrote.
Nagios to monitor the whole mess, including MySQL replication, DRBD clusters, Backups, Firewalls, Mail Relays, Web Servers, Whether we somehow ended up on a RBL, etc.
Dunno how I got stuck doing it, not being a developer, but I will also be training our 'development' team (php web developers) on how to use git from a shared repository.
I'm managing approximately 50 enterprise server systems this way, and the load is no big deal for just me to manage now that I'm slowly beginning to reign in our developers and my boss. They all have root access still :-( A political fight I'm not yet prepared to have. I was able to take it away on the web servers, at least, and that's the only thing our developers touch, so life is a bit better.
I see nothing wrong with having to still buy CDs. The prices of them were the problem. Sell a CD for $5 or less, and people would have bought them. The tools to rip your own collection then would have evolved to be easier/faster/better. Cdex on windoze isn't too bad. Personally I wrote some perl scripts to do this long long ago, and they still serve me well today .
You then have
1) uncompressed masters
2) the ability to re-encode as technologies evolve
3) the ability to put the stuff on ANY device you want
Personally most of my music listening is streaming rather than my own collection nowadays anyway, but the above would have been better, IMO, then online downloads. I want control over the things that I purchase.
You don't need anything like i-tunes, either. Good players will properly organize and index your collection themselves. Just drag/drop over the network or USB. Rockbox, for example, excels at managing music without your having to do anything but properly tag your music (see ripping tools above).
Yup. Mr. Senator, if anything, you don't want to ban any terrorist content. Makes 'em easier to track, ya know? And here I thought that our government loved the ability to track the turrists.
Read the forums. You need to:
1) enable snmp public read string on the printer. This is how the touchpad figures out it's a compatible printer
2) have a printer that can speak PCL
See other poster above. Put it in developer mode. Viola. Busybox terminal simply by connecting with novaterm.
Step 2: Add preware
Step 3: Add ssh, whatever other fun optware stuff you want, etc. For example, I run bash, openvpn, privoxy (who needs the built in web browser to support ad blocking when you can add privoxy and iptables rules?)
If you don't like doing everything with webos apps, you can run an ubuntu environment.
Relays (MTAs) bounce/reject mail. Mail clients (MUAs), do not. You can't do this.
If you want to, you must run your own mail server. Then it is trivial. I personally use MimeDefang for such things, but you can also do it directly from sendmail's configuration without resorting to miltering.
If you don't have a clue about what I am talking about, then you need to just hire somebody to do what you want, because these are very basic mail concepts.
http://en.kioskea.net/contents/courrier-electronique/fonctionnement-mta-mua.php3
You mean devolution?
Retarded people "Think Different" too. FWIW, I don't use apple crap *or* android.
I'd really really really like to see Apple challenge HP's list of mobile OS patents. That would be so much fun!
Run your own torrent trackers. Require strong authentication. Charge a reasonable fee per month to keep the private key valid.
I don't know what is so difficult about this. It's a win for everybody:
- Downloaders get a guaranteed good copy
- Content creators don't need to invest in a crapton of bandwidth
- Content creators maintain a reasonable amount of control
- Customers likely to remain loyal, because there are no real hoops to jump through.
But, by all means, continue wasting your time and money and pissing your potential customers off with your current model.
Freetether on WebOS. Charging X per month for something I might use once a year is ridiculous. That may change when my touchpad arrives, though. Regardless, iptables and dhcpd continue to exist on my phone, and there is not going to be any update to nuke that ability, so all is right in the world for the time being.
modularity is a good thing. I wish they'd do that *more* with thunderbird, not less. For example, I do not have any use for spam filtering on a mail client, as I handle that where it is most effective, on the server. Same for mail filtering rules, but those should probably be part of core functionality.
Which our incompetent windoze admins have installed here and STILL can't figure out how to keep it from trying to probe networks that haven't been in use for over a year.
I have these installed to run from a usb drive. Even have a full activestate perl implementation working with zsh shebang and everything :-)
http://store.netgate.com/Firewalls-C2.aspx
Just add the wifi radio to it, and the crypto accelerator if you intend to do a lot with openvpn (which you should, since pfsense has it rolled right in)
If you need to filter, .kids makes a lot more sense.
You mean 'not using the new shiny for no other reason than it is the new shiny?'
Seriously. We've been there. Done that. Learned what not to do. And yet that experience is not valued and the PHBs want to drive forward with making the same mistakes with the newest tech that we've already been through and fixed.
Look at things like tapatalk, that was developed to solve the problem of easily viewing forums (mostly phpbb) on phones. I dare say usenet was a much better system. That's just one example.
The touchpad was simply overpriced. If HP had sold it for, say $150 for 16GB, and $200 for 32GB, it may have sold better to begin with. The crazy rate that everyone sold out of all stock means that there are now a whole lot of WebOS tablets in people's hands now. App developers saw a huge spike in downloads after the sale. Getting WebOS out there, people will see what it is like and perhaps not settle for the inferior interfaces of Android and iOS.
HP's own tablet making may be dead. WebOS isn't quite done yet. Wouldn't it be cool if Dell got into the tablet business and licensed WebOS for them...
Did you even read my post? Spamassassin is used, but it is the last thing used. If people are not getting an error back, then the sender's mail server is misconfigured or a zombie anyway, and we don't want mail from them.