Slashdot Mirror


User: RagManX

RagManX's activity in the archive.

Stories: 0
Comments: 84

Comments · 84

  1. Re:Snort is okay on Using Snort Stealthily · · Score: 1
    The advantage of something like RealSecure is that it can take action in realtime as the attempts are detected. Reset the connections, modify firewall rules, AND generate an alarm.

    So can Snort. It is not built in, so you'll have to load an additional plugin. But then again, the makers of Snort understand that it is an Intrusion Detection System. If you want more than detection, use the plugins that are available to react on certain alerts. You can set up Snort to send resets, just like ISS does. But that slows down the other work that Snort does, so you won't find that feature integrated into the package.

    RagManX
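Added example for the "send resets" point above; this is not Snort's active-response code and not from the comment, and the observed-segment dict, its field names and the reset_pair() helper are assumptions for illustration. An IDS that has seen one segment of a flagged connection knows both sides' sequence numbers, which is exactly what a forged RST needs in order to be accepted as in-window by each end.

```python
"""
Added example (not Snort's code, not the comment author's): the two RST
packets an active-response plugin would inject to tear down a connection
the IDS has just flagged. Field names and the sample flow are assumptions.
"""
import socket
import struct

TCP_FIN, TCP_SYN, TCP_RST, TCP_ACK = 0x01, 0x02, 0x04, 0x10


def inet_checksum(data):
    """RFC 1071 one's-complement checksum; yields 0 over data that already carries a valid one."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_tcp_segment(src_ip, sport, dst_ip, dport, seq, ack, flags):
    """20-byte TCP header, no options or payload, checksummed over the IPv4 pseudo-header."""
    header = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 0, 0, 0)
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(src_ip), socket.inet_aton(dst_ip), 0, 6, len(header))
    csum = inet_checksum(pseudo + header)
    return header[:16] + struct.pack("!H", csum) + header[18:]


def build_ipv4_packet(src_ip, dst_ip, payload, ttl=64):
    """Minimal IPv4 header (protocol 6 = TCP) around payload, header checksum filled in."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, 6, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    header = header[:10] + struct.pack("!H", inet_checksum(header)) + header[12:]
    return header + payload


def reset_pair(observed):
    """
    From one observed segment (sender -> receiver) of the flagged flow, build the two
    spoofed packets that kill it:
      * to the receiver, posing as the sender: RST carrying the seq the receiver expects next
      * to the sender, posing as the receiver: RST|ACK acknowledging what the sender just sent
    Each must arrive before the real next segment, or it falls outside the window and is dropped.
    """
    consumed = observed["payload_len"]
    consumed += bool(observed["flags"] & TCP_SYN) + bool(observed["flags"] & TCP_FIN)  # each eats one seq
    next_seq = (observed["seq"] + consumed) & 0xFFFFFFFF
    src, sport, dst, dport = observed["src_ip"], observed["sport"], observed["dst_ip"], observed["dport"]

    to_receiver = build_tcp_segment(src, sport, dst, dport, seq=next_seq, ack=0, flags=TCP_RST)
    to_sender = build_tcp_segment(dst, dport, src, sport, seq=observed["ack"], ack=next_seq,
                                  flags=TCP_RST | TCP_ACK)
    return (build_ipv4_packet(src, dst, to_receiver), build_ipv4_packet(dst, src, to_sender))


def parse_packet(pkt):
    """Decode an IPv4+TCP packet back into fields and verify both checksums (used to check the output)."""
    ihl = (pkt[0] & 0x0F) * 4
    ip_hdr, tcp = pkt[:ihl], pkt[ihl:]
    src, dst = pkt[12:16], pkt[16:20]
    sport, dport, seq, ack, _off, flags, _win, _csum, _urg = struct.unpack("!HHIIBBHHH", tcp[:20])
    pseudo = struct.pack("!4s4sBBH", src, dst, 0, 6, len(tcp))
    return {"src_ip": socket.inet_ntoa(src), "dst_ip": socket.inet_ntoa(dst),
            "sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags,
            "ip_checksum_ok": inet_checksum(ip_hdr) == 0,
            "tcp_checksum_ok": inet_checksum(pseudo + tcp) == 0}


# Constructed sample: the segment the IDS alerted on (120 bytes of PSH|ACK data, no SYN/FIN).
SAMPLE_OBSERVED = {"src_ip": "10.0.0.5", "sport": 40000, "dst_ip": "192.0.2.10", "dport": 80,
                   "seq": 1000, "ack": 5000, "flags": 0x18, "payload_len": 120}

if __name__ == "__main__":
    for pkt in reset_pair(SAMPLE_OBSERVED):  # a real plugin would write these out via a raw socket
        print(parse_packet(pkt))
```

Two caveats a practitioner will want with this: the sensor is racing the live connection, so the RST only works if it lands before the next legitimate segment (which is part of why the comment says the feature costs Snort time), and anyone who can trigger the rule with a spoofed source address turns your active response into a tool for resetting whoever they chose to spoof.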
  2. Re:Warning on Using Snort Stealthily · · Score: 1

    How exactly is he going to see a traffic analysis system which is set up to transmit no data onto the network? Sure, if it is done wrong it will be detectable, but it isn't hard to make a non-detectable Snort setup work.

    RagManX

  3. Re:Even more simple ... on Using Snort Stealthily · · Score: 5, Insightful
    Build a firewall!!!

    You probably should work in the security world before making statements about things you clearly don't understand. tcpdump is a tool for watching all or select traffic. It dumps raw packets, and you have to figure out what to make of them. Snort is a tool for analyzing those packets and alerting on suspicious data. It provides the information you need to help you find potentially dangerous traffic.

    Where I work, we have a T-3 'net connection. We typically run about 40% available bandwidth. You'll have just a *TINY* bit of trouble keeping up with that traffic if you manually analyze tcpdump logs. If you run Snort, it will do the bulk of the work, and alert you on things it thinks bear further investigation. It makes mistakes. But having it help focus your traffic checks makes the day a lot easier.

    As for using a firewall, too many people have the mistaken impression that once they install a firewall, all their worries will go away. If you have an insider attacking one of your corporate servers, a firewall doesn't help with that at all. An intrusion detection system like Snort will. If your users bring in discs from home that contain trojan programs with call home features, your firewall probably won't catch that, but an intrusion detection system probably will. If your users are surfing to pr0n sites, your firewall might catch that, but an intrusion detection system has a much greater chance.

    A firewall is a good thing to have, but everyone working in the security field is going to tell you that it is not enough. We have a concept which we frequently preach to newbs - defense in depth. Put as many systems in place for securing your network as you can realistically manage and track. If you have only a single security device, once an exploit comes out for that device, your network is wide open. And every single security system out there has bugs, so depending on one greatly increases your chances of getting 0wnzerized. Put in multiple systems, and you are likely to catch attacks on at least one of them, in the event that a way to avoid one part of your defense is found.

    RagManX
  4. Re:Snort is okay on Using Snort Stealthily · · Score: 4, Interesting
    But you are much better off using something like ISS' RealSecure

    The wonderful tool which is less configurable than Snort, doesn't log data as well, and provides less viewable data about packets which set off alerts.

    which feeds into either workgroup manager or their new flagship product, Site Protector.

    And this is better than Snort how? Snort can log to local or remote databases, text files, syslog, and probably other formats (but I haven't tried). It supports multiple output formats, so you can choose how you want to look at the data. It also supports loading a database from tcpdump files (Our training with ISS never covered how to do this with RealSecure, and I'm doubtful that it can be done).

    With that, you can dump all your events into a superior MS SQL 2000 server for event correlation, queries, and forensics.

    Superior in what way? It costs more than Postgres or MySQL, has more holes than any other database out there, and costs an insane amount of money compared to what most people running Snort would use (we use MySQL here, I know many people using Postgres, or you can dump to text files).

    You can also tie together your intrusion detection with your vulnerability assessment so, if you see a bunch of a certain kind of attack, you can automatically launch a vulnerability assessment with just that attack to ensure you have everything protected (and to make sure that there isn't a new development or test box sitting there insecure since you had no inkling of its existence).

    In the world of real security grunts, we like to call such a tool Nessus (http://www.nessus.org/). It scans for more vulnerabilities than ISS (the marketing claims by ISS notwithstanding), is updated more frequently, offers more flexibility in scanning options, has a better support community, and is free.

    Unfortunately for me, ISS has brainwashed many, many people in the Department of Energy. I'm forced to use their product on a day-to-day basis. On the upside, I can run Snort and Nessus to do all my real checks and detects, and then go to the ISS products I have to use, try to make them show me the data I need, and report with that. But every single site I have to deal with which uses ISS has done the same thing I've done - shoved it in a corner, set up a system with Snort and a system with Nessus, and gone about getting real work done with free, easy to use, well supported tools.

    RagManX
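Added example covering two points from comments 3 and 4 above: the difference between tcpdump (raw packets, you interpret them) and Snort (rules applied to packets, alerts out), and the fact that an IDS can be run over a saved tcpdump capture rather than a live interface. This is example code, not Snort's, tcpdump's or the comment author's; the capture bytes, the two rules and the function names are constructed here for illustration. read_pcap() and decode_tcp() do the dumper's job, run_ids() does the IDS's.

```python
"""
Added example: packet dumper versus IDS, in miniature. Nothing here is Snort
or tcpdump code; the capture and the rule set are constructed for the demo.
"""
import socket
import struct

PCAP_MAGIC_LE = 0xA1B2C3D4  # libpcap magic: little-endian file, microsecond timestamps
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def read_pcap(blob):
    """Yield (timestamp, frame) for each record of an in-memory libpcap (tcpdump -w) file."""
    (magic,) = struct.unpack("<I", blob[:4])
    if magic != PCAP_MAGIC_LE:
        raise ValueError("example handles little-endian microsecond pcap only")
    pos = 24  # skip the global header
    while pos + 16 <= len(blob):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack("<IIII", blob[pos:pos + 16])
        pos += 16
        yield ts_sec + ts_usec / 1e6, blob[pos:pos + incl_len]
        pos += incl_len


def decode_tcp(frame):
    """Decode Ethernet/IPv4/TCP into a dict; None for anything else. Checksums are not verified."""
    if len(frame) < 54 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    (total_len,) = struct.unpack("!H", ip[2:4])
    if ip[9] != IPPROTO_TCP:
        return None
    tcp = ip[ihl:total_len]
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    return {"src": socket.inet_ntoa(ip[12:16]), "sport": sport,
            "dst": socket.inet_ntoa(ip[16:20]), "dport": dport,
            "seq": seq, "ack": ack, "flags": off_flags & 0x1FF,
            "payload": tcp[(off_flags >> 12) * 4:]}


def dump_summary(pcap_blob):
    """What tcpdump gives you: one line per packet, no judgement about it."""
    lines = []
    for ts, frame in read_pcap(pcap_blob):
        pkt = decode_tcp(frame)
        if pkt:
            lines.append(f"{ts:.6f} IP {pkt['src']}.{pkt['sport']} > {pkt['dst']}.{pkt['dport']}: "
                         f"flags 0x{pkt['flags']:02x}, length {len(pkt['payload'])}")
    return lines


# Snort-style rules, constructed for the example: destination port plus a payload substring.
RULES = [
    {"sid": 1001, "dport": 80, "content": b"/etc/passwd", "msg": "WEB-MISC /etc/passwd access attempt"},
    {"sid": 1002, "dport": 22, "content": b"SSH-1.", "msg": "SSH protocol 1 client banner"},
]


def match_rules(pkt, rules=RULES):
    """Every rule whose port and content conditions all hold for this segment."""
    return [r for r in rules if r["dport"] in ("any", pkt["dport"]) and r["content"] in pkt["payload"]]


def run_ids(pcap_blob, rules=RULES):
    """What Snort gives you: alert records, ready to become a text line, a syslog message or a DB row."""
    alerts = []
    for ts, frame in read_pcap(pcap_blob):
        pkt = decode_tcp(frame)
        if pkt is None:
            continue
        for r in match_rules(pkt, rules):
            alerts.append({"ts": ts, "sid": r["sid"], "msg": r["msg"],
                           "src": f"{pkt['src']}:{pkt['sport']}", "dst": f"{pkt['dst']}:{pkt['dport']}"})
    return alerts


def format_alert(a):
    """Fast-alert style text line for one record."""
    return f"[1:{a['sid']}:0] {a['msg']} {a['src']} -> {a['dst']}"


# --- constructed capture (not real traffic): three segments, IP/TCP checksums left at zero ---
def _frame(src, dst, sport, dport, payload, flags=0x18):
    ipv4 = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 1, 0, 64, IPPROTO_TCP, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIHHHH", sport, dport, 1, 1, (5 << 12) | flags, 8192, 0, 0)
    return b"\x00" * 12 + struct.pack("!H", ETHERTYPE_IPV4) + ipv4 + tcp + payload


def sample_pcap():
    out = struct.pack("<IHHiIII", PCAP_MAGIC_LE, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    frames = [_frame("10.0.0.7", "192.0.2.20", 51000, 80, b"GET /index.html HTTP/1.0\r\n\r\n"),
              _frame("10.0.0.7", "192.0.2.20", 51002, 80, b"GET /../../etc/passwd HTTP/1.0\r\n\r\n"),
              _frame("10.0.0.9", "192.0.2.20", 51004, 22, b"SSH-1.5-OpenSSH_2.9\r\n")]
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1_030_000_000 + i, 0, len(frame), len(frame)) + frame
    return out


if __name__ == "__main__":
    blob = sample_pcap()
    print("\n".join(dump_summary(blob)))            # the tcpdump view: three lines, all look alike
    print("\n".join(map(format_alert, run_ids(blob))))  # the IDS view: two alerts, one packet ignored
```

The three summary lines are the part you would otherwise read by hand on a busy link; the two alert records are what a sensor hands you instead, and because they are plain dicts the same data can go to a text file, syslog or a database table without changing the detection logic.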
  5. Re:What about other Adobe Products on Adobe Gets Hit By DMCA · · Score: 1
    Speaking as a web developer, I'm a tad pissed at Netscape, because embedded fonts let you have more complete control over the formatting of the web-page.

    Um, as a web developer, shouldn't you also realize that the whole intention of HTML was to give guidance to the browser on how a web page should be laid out, and then allow the client to ultimately decide how it displays? I mean, you aren't upset with the Lynx folks for making your pages not look as you intended, are you? Why Netscape, then? Certainly, all the books I used to learn web development (Laura Lemay's stuff and a few O'Reilly books) said don't try to control the way the page looks, just the way sections are laid out.

    RagManX
  6. Re:the story suxorz, dewd. on 0wnz0red · · Score: 1

    Thank you. I thought the story was incredibly weak, burdensome to read, and a waste of the time I invested in reading it. Thank goodness I came to my senses on page 3 and just skimmed the rest of the story - I only lost another 3-4 minutes once I realized it sucked.

    RagManX

  7. Re:WHAT? on Slashback: Assembly, Avoidance, Civility · · Score: 2, Insightful

    As much as I would normally agree about RMS, I think in this instance, he actually comes across as a seemingly reasonable and intelligent individual. If only he were this clear and non-bizarre in his day to day "proclamations" of everything computing. If you read what RMS has written, and check out the link, you'll find that for once, he comes across in a way that isn't embarrassing to most geeks.

    RagManX

  8. Re:How well it works on Cygwin's XFree86 4.2.0 on Windows XP · · Score: 1

    Similar results here. I've been using this since last year on Win2K at work (just recently got rid of that by going 100% Linux). I installed it at home on my XP box several months ago. I use it frequently to access systems at work over a VPN connection. It's very nice, as I can now VPN to work, then open an XFree86 session, SSH to my Linux servers, and run X applications over the SSH tunnel over the VPN. Other than some problems displaying KDE icons/colors in XFree86, everything has worked perfectly.

    RagManX

  9. Re:Looks like... on P2P Roaming Chat · · Score: 1
    the business plan for every single video game company over the next five years. Final Fantasy XI? Neverwinter Nights?

    Not quite the same, but I see your point. Certainly not the case for Neverwinter Nights.

    I'd love to play around with this BrendanLand thing, but I don't see a Linux version anywhere. :)

    Have you tried it in Wine? Just a thought.

    RagManX
  10. Re:Yet Another Linux Distribution on United Linux is Here · · Score: 1

    Good point, and something that I feel a lot of people miss. RedHat has put in a lot of work to get into the corporate environment. I know that where I work, our current Linux security standards specifically address RedHat configuration, and any other distro that a user loads must be configured the same, but without the instructions for configuration that are provided to RedHat users. So anyone putting in a Linux box at my site has to either use RedHat so they have full instructions on security configurations, or they have to know Linux well enough to configure the box themselves. Pretty much forces our casual Linux base to RedHat.

    RagManX

  11. Re:Still bloated on XP Service Pack Does the Impossible · · Score: 1
    Arrrgh, you're right. It appears that it just "hides" the middleware (IE, oe, etc) from the user.

    I read that as "just hides the malware" at first. I read it again to make sure, noticed you said middleware, then realized that reading it either way, the statement is correct.

    RagManX
  12. Re:Pardon my ignorance... on DOJ Argues in Favor of MS Settlement · · Score: 1

    http://www.lectlaw.com/def2/m138.htm
    http://www.ncpa.org/iss/ant/1999/pd041299h.html
    http://business-law.freeadvice.com/trade_regulation/monopoly_power.htm
    http://www.fool.com/portfolios/rulebreaker/1999/rulebreaker991109.htm

    None of those seem to support your claim. I couldn't find anywhere that says a company with over 80% of market share is a monopoly. That definition doesn't match up with the definition we were given when I studied economics. I did find an article (http://www.jondot.com/Economics/BBEconomicsdef3.html) which claims the legal definition of a monopoly is a firm holding over 25% of the market, but the page didn't come up and I had to depend on Google's cache to read it.

    Further, as pointed out in the ncpa.org article, acts that are detrimental to competitors are not illegal or indicative of a monopoly, only acts which are to the detriment of consumers.

    I'm no fan of MS, but a clearer statement of the situation would be very helpful, IMNSHO. I still don't accept that MS is a monopoly. I can't find anywhere that supports the 80% claim, but I can find support for a 25% claim, and a 100% claim.

    And, of course, there is that sticky little issue of defining the market. I haven't seen any numbers except for a strict desktop market. But I truly believe an effective argument could be made for including servers and possibly set top devices as the market, which would push MS market share down.

    Blah, blah, blah. It's all useless arguing anyway - MS is going to walk out untouched, because the gov't is run by pansy-ass morons and supporters of big business.

    RagManX

  13. Re:Pardon my ignorance... on DOJ Argues in Favor of MS Settlement · · Score: 2, Interesting
    But how can someone be a monopoly where there are multiple other options? Apple, Linux, etc?

    This is a point I've always been a bit upset by in this whole saga. I feel it is wrong to say Microsoft has a monopoly. Clearly, there are/have been plenty of options - Linux, Apple, Be, *BSD, etc. However, Microsoft has enjoyed and abused monopolistic powers. That is, MS have a sufficiently large market share such that abuse in a monopolistic manner can occur. Much like Standard Oil wasn't strictly a monopoly, MS is not a monopoly. However, when one company becomes a large enough part of a large market, that company can hold (and usually will abuse) monopolistic powers. I've always worried about MS getting out untouched because of the semantic error of labelling the company a monopoly.

    RagManX
  14. Re:What about Konqueror on Linux Web Browsers Compared · · Score: 2, Informative

    Another vote for Konqueror. I can't get any version of Netscape to run stably on a system at work. Version 6 hangs on a few pages I need to access, while Version 4 segfaults on one X display when another instance is started using a different X server to display. We use a browser to view our IDS logs, and multiple users need to have access. Segfaulting on each new unique display instance makes that hard.

    Opera runs fine, but the display is not as good as Konqueror. I still use Lynx, but for what I use the browser at work, I have to have graphical. Looks like Konqueror is it for me.

    RagManX

  15. Re:Mis-read on Every Road a Toll Road · · Score: 1

    I mis-read it, too. I like your reading better than mine. I thought it said "Ever road a dull road." Which pretty much seems accurate to me...

    RagManX

  16. Re:comments? on On the Subject of OpenGL 2.0 · · Score: 1
    By Groovbird:
    anyone wanna comment on this?

    I will. In typical Tom fashion, this article uses a lot of words to express a small bit of information. From my reading, I get that OpenGL 2.0 is taking a long time to finalize, and the OpenGL ARB is trying to standardize a lot of the extensions without hitting copyright/Intellectual Property/etc issues. A decent read, but it needs to be re-written by someone who isn't so wordy.

    RagManX
  17. Re:Look at the nature of the vulnerabilities on The Myth of Open Source Security Revisited v2.0 · · Score: 2, Interesting

    But even this comparison is not sufficient to get any meaning. What about the severity of compromise? If I have a remote compromise on a Solaris system that gives me access as an unprivileged user or is just a DoS, I'm less worried about it than a local compromise on OpenBSD that gives root, even though in the general sense I might trust OpenBSD security more than Solaris. Giving a number of vulnerabilities without a severity indicator is worthless. Even with some indicator of severity, you really can't get much meaning from the numbers. Any security expert knows that the security of the system depends more on the skill of the administrator than the OS of the system. In my opinion, articles like this are a waste of time.

    RagManX

  18. Re:When will they learn? on Networks and Studios Against PVRs · · Score: 2, Interesting
    OK... take the PVR away. We will still do what we are doing now - taping and blowing by the commercials. We watch a few programs each week, have the VCR programmed to nab them, then we watch them COMMERCIAL FREE on the weekend WHEN WE WANT TO WATCH THEM. The only nice thing about PVR is the quality and the ability to pause real-time.

    Believe it or not, the ads we view in fast forward mode are still effective, according to some studies. I can't recall the details, as it has been 10+ years since I read about this (back in college), but we actually studied some research about "compressed-time" commercials, as they were called. In the compressed-time commercial studies, the researchers analyzed name brand recall and preference after allowing subjects to view TV shows at normal speed and fast-forward through the commercials. Many modern commercials are made based on the results of these studies. Things like long-exposure product placement (to make the name brand stay on long enough to read when you fast-forward), frequent product pop-up (to reinforce a memory imprint of the product), flash/swift change display (to focus your eyes on certain parts of the screen, where the product name or packaging will be placed), and similar things. With PVRs, you can actually completely skip commercials, just like you can with VCRs that have blue-screen commercial skip features. The suits don't like this, because while a time-compressed commercial can still be effective in placing a product name in your brain, a totally skipped commercial cannot.

    And before you slam me for being a marketing dweeb - we studied this in my second semester of statistics. I was a computer geek then, just like now. :)

    RagManX
  19. Re:support on Advocating Open Source Within the Gov't · · Score: 1
    And that differs from much of the private sector in what way?

    Well, every private sector job I've had, I've been allowed to use whatever tools I deemed necessary. Only at gov't sites have I been restricted in my tools. Perhaps your private sector experience is different from mine?

    RagManX
  20. Re:Of course the government should use open source on Advocating Open Source Within the Gov't · · Score: 3, Interesting
    I don't mean to be cynical, but it seems in this country that the people who end up working for the government are the ones who couldn't cut it in the private sector, especially in the IT field. I can't imagine the 'best and brightest' out there would really be interested in working on some of the most boring code available... and at ridiculously low wages compared to what they could be earning in the IT industry.

    Well, you've never worked an IT job in the gov't then. I've worked as a contractor at several gov't sites, and all of them had top notch IT guys. True, there were a lot of morons, but I didn't feel the percentages were any different from the private sector jobs I've worked. And once you got past the entry level positions, almost all the IT people at the gov't sites I've worked were knowledgeable. Now the management over the IT folks has been abysmal at every gov't site I've worked, but most of the IT people have been smart enough to know that and just work on getting the job done without getting the bosses in trouble. That way, the boss leaves the IT people alone, and the IT people get to surf pr0n all day after the job is done.

    And I must say, some of the coolest work I've gotten to do has been done at gov't sites (IDS and vulnerability testing stuff comes to mind).

    RagManX
  21. Re:support on Advocating Open Source Within the Gov't · · Score: 3, Interesting
    one stumbling block is that government agencies (like the one i work for) shy away from products that have no old-school support structure.

    This is exactly the problem I've run into at the gov't site where I work. I've posted about this in other open source thread discussions, but will mention it again here. At my site, the two responses I get when I want to use an open source tool (Nessus, Ethereal, and Snort being the top three I try to use) are: 1) We can't get support for those, and 2) But we can't use free software because someone might have put a trojan in there and we'll never know.

    Of course, since I build the tools from source, #2 doesn't really apply as we could always check them. And I've gotten more support from various mailing lists when I've had questions about my open source tools than I've ever been able to get for commercial products. But the gov't morons here don't like those answers.

    The other thing you'll run into is that most gov't idiots like to have someone to blame if something goes wrong. With open source stuff, you can't get anything back from the creators if you have a problem, since many of the creators have nothing but their talents. On the other hand, you can't get anything from the commercial entities because of the EULA, but the gov't brainless zombies believe that because they are a business, they can be sued. Besides, we've never had a problem with my open source tools, just the commercial ones.

    RagManX
  22. Re:Linux turning into Business..no fun anymore... on LinuxWorld: Business, Business and More Business · · Score: 4, Insightful
    I thought that's what everyone wanted? To be taken seriously as opposed to hey look at the nice kids playing with Linux?

    I'm with you. I don't understand why Linux getting into the business world is a bad thing. I have to assume it is because there are still too many people that want Linux to remain the domain of geekdom. Personally, I look forward to Linux picking up steam and getting seriously entrenched in the business world. It will make it easier for me to bring in more tools that work on Linux - "Hey, we already have the system, I just have to download the source and build it." I've been getting so much resistance to putting in Linux based anything, that I can't see Linux getting serious as a bad thing.

    RagManX
  23. Re:When will they learn? on New MPEG-4 Licensing Scheme · · Score: 3, Interesting
    When will you learn that Slashdot is a fringe element of society and does not represent the global view. Personally I have CD players, VCRs, DVDs, and TVs that I know contain several dollars of licensing fees each: BIG SHIT. Seriously, who gives a fuck? It pays the people to develop this.

    I think the point of contention with this licensing is that someone will now have to pay for creating content, as well as for devices which create or view the content. Now, companies will be able to sell us video viewers for less than ever before, but we'll have fewer videos to watch, because companies won't want to pay the licensing fee to provide the content to us.

    RagManX
  24. Re:Ok, so they made a profit... on Online Retailing Comes of Age · · Score: 1

    :)

    I somehow doubt Amazon's continued profitability depends on your purchase of Salmon of Doubt next quarter. But thanks for the laugh.

    RagManX

  25. Re:Is this really news? on Online Retailing Comes of Age · · Score: 1

    I think what might be interesting to some is the fact that Amazon continues to increase sales, even without the insane $10 or $15 plus free shipping coupons and such that they used to offer. Back when every online retailer was doing this, and then many of them went out of business, I remember hearing many "experts" saying that it was unlikely that internet based retailing could survive without these insane discounts.

    Remember that online, you usually can't pick up and examine the merchandise. To those with limited mental capacity, that would seem to indicate that online retailers are at a disadvantage compared to brick and mortar retailers. To those with a little more capacity for intellect, this doesn't matter - we all know we can go to a real store and examine goods and then still order them online for less. But those limited intellect "experts" didn't understand that and assumed that no one would want to buy something they hadn't checked out moments before.

    And of course, the other surprise about Amazon's profit is that I doubt many expected it this soon, given Amazon's prior cash-burn rate in the heyday of the "digital economy." I certainly didn't expect Amazon to be profitable during the death of the dot.gone and a recession to boot.

    RagManX