Slashdot Mirror


User: Shoten

Shoten's activity in the archive.

Stories
0
Comments
1,461

Comments · 1,461

  1. Re:My first thought on Ask Slashdot: How To Run a Small Business With Open Source Software? · · Score: 1

    I believe getting a Micros system installed is on the order of $30k for a small restaurant. There are open source POS systems, but you aren't going to save half that money with it when all is said and done.

    Exactly my thought...and the POS is the most important IT asset there. The OP referenced alternatives to QuickBooks, however, so I suspected that he was only looking to replace that kind of system. That's the other half of the POS/financial accounting system that is absolutely crucial to keeping employees paid, spotting fraud, and managing costs. (Cost management failure is the number one cause of restaurants going out of business.) If the POS fails, then the ability to take in money (especially via non-cash means) is severely compromised or eliminated, and managing orders becomes a nightmare (or impossible, if nobody working there has ever done it manually before and knows how it should work). Conversely, if the financial accounting system fails, then the restaurant is flying blind.

  2. Re:My first thought on Ask Slashdot: How To Run a Small Business With Open Source Software? · · Score: 5, Informative

    My first thought is that opening a restaurant is one of the hardest things in the world to do. If going open source helps lighten your load or costs in a significant manner and makes the restaurant launch more likely to succeed, then swell.

    If however it's going to be a case where you can't get support, stuff doesn't work, and nobody is available to help bail you out when fixing your software isn't in the top 50 on your priority list...

    This is excellent advice, and I would add a bit more to it. Are you looking at Open Source because you're a Linux guru who is used to managing such types of systems, or because you want to save the money that you'd otherwise spend on QuickBooks and Windows licenses? If it's the first, then also consider how much time you'll have to be the sysadmin on top of your other non-IT duties there. If it's the second, then forget OSS. You'll save less than a thousand dollars, in exchange for which you'll have another learning curve thrown at you while trying to open your first restaurant. Restaurants have, as I recall, an 80-90% failure rate in the first year; don't give yourself more to have to deal with to save a tiny bit of money. Your IT infrastructure won't be large, but it MUST be functional and reliable.

  3. Ignorance. on Wall Street and the Mismanagement of Software · · Score: 1

    Mr. Dewar is under the incredibly flawed belief that avionics are bug-free, when in fact this is not even close to true. Airbus planes in particular...commercial passenger planes...have been plagued with many software flaws, including one for their fly-by-wire system that, under certain circumstances, gave feedback to the control stick which was 100% in the wrong direction. So the plane would be going into a dive, and the stick pulled at you like you were climbing instead. (Imagine going into a skid, and having the power steering lie to you about the forces acting on your tires, and you get some sense of just how horribly bad this is.) The flaw almost resulted in more than one crash.

    The space shuttle's software was carefully reviewed after the Challenger explosion. Among other things, they noticed that the gravitational effect of the moon was accidentally reversed...the software calculated the moon's effect as being a repulsive force, rather than an attractive one. As one engineer to examine the software in the course of that review put it, "We have been really, really lucky."

    If you're looking for an industry that is fanatical about software quality and safety, the financial sector is where to look. What spurred this discussion is the reason why. These systems move billions or even trillions of dollars a month, and the survival of the entities that run them depends on the software's reliability and availability. I would point out the sudden discussion about just how much high-frequency trading and high-frequency optioning is going on these days...all of which is run by this kind of software. The amounts involved go into the hundreds of billions of dollars, daily, and it's been building for years. That it took this long for this kind of mistake to happen indicates that the financial industry probably has more to teach than to learn when it comes to software quality.

  4. A short story... on Ask Slashdot: What's the Most Depressing Sci-fi You've Ever Read? · · Score: 1

    "I Have No Mouth, and I Must Scream"

    Can you imagine being in the control of something with the powers of a God over you, that utterly hates you and has no outlet for its rage but to torture you?

  5. Re:Ender's Game on Ask Slashdot: What's the Most Depressing Sci-fi You've Ever Read? · · Score: 1

    Actually, if you read the sequels, you'll find out just how on-the-money your assessment is. Indeed, that hatred gets directed towards Ender, and he's considered a kind of uber-Hitler. He's referred to as "The Xenocide," rather than by his name, even, as though he single-handedly performed this horrific act for no particular reason.

  6. Missing the point on The Google-fication of Yahoo! · · Score: 3, Insightful

    "since the care and feeding and, most of all, cosseting of employees has been a critical element to Google's success at creating an always-sunny work environment"

    Actually, the first and foremost reason for Google's success has been its people. And Yahoo has been taking a beating long enough not to have the same caliber of individuals at this point...so cosseting them isn't exactly going to give the same results as Google gets for taking care of their own employees. Not that it isn't a good idea, but I think Yahoo needs to come up with more compelling reasons to work for them, instead of an up-and-comer (which they absolutely are not, unfortunately). I'm a huge fan of companies providing perks for their people; both scientific studies and my own personal experience show that you get a much bigger ROI on those than on straight salary bumps, for the most part. But they aren't going to improve your company's bottom line automatically.

  7. Re:Saving Cash! on Iranian State Goes Offline To Avoid Cyber-Attacks · · Score: 1

    So you fill all usb ports not used for your keyboard with epoxy

    Uh...and what keeps a person from plugging a USB hub into that port, and their keyboard into the USB hub along with whatever other naughtiness they have in mind?

  8. Re:Saving Cash! on Iranian State Goes Offline To Avoid Cyber-Attacks · · Score: 3, Insightful

    ...and doing no good.

    The Stuxnet and Flame malware payloads were not just unleashed on the open Internet to find their way to Iran. The infection pattern of both of them indicates that they are targeted...and that means delivery via geographic means. In other words, human assets with hands on keyboards, and no degree of network separation has any effect on that. In fact, airgapping a network actually reduces your ability to fight against the consequences of an attack in many ways. (Ask anyone who's had to clean up an infection that got onto an airgapped network via an infected laptop.) Now granted, with regard to Flame, if there's no way to call home, there's no way to exfiltrate data using a direct network connection. But that doesn't mean that an attacker can't build themselves a nice nest egg of data on a hard drive to take with them.

  9. Re:Craigslist is a shithole on Craigslist Demands Exclusivity For Postings · · Score: 2

    As someone currently trying to find a place to live - craigslist is a shithole.

    CL is pretty bad, except when compared to the alternatives.

    Saying that there isn't a Ruth's Chris nearby does not make McDonald's into a steak house.

    Age/gender/orientation/class discrimination is rampant and uncontrolled

    If they are advertising for a tenant, then discrimination on age/gender is illegal, and CL will take down offending ads if you report them. If they are advertising for a roommate/boarder (someone who shares the same living space) then this discrimination is perfectly legal in many jurisdictions. Discrimination for/against GLBT tenants may or may not be illegal depending on the jurisdiction.

    Saying that muggings and rapes are illegal and that there are cops does not make a bad neighborhood into a good one.

    It's also firmly stuck around 1996 technology.

    There is nothing wrong with that. 1996 technology is perfectly adequate for what CL is doing.

    Totally valid.

    The searching sucks.

    Use Google, and put "site:craigslist.org" as one of your search criteria.

    We all know that Google's searching is good...but when you have to use Google as the lens through which you view a website...that website's searching sucks.

    Up until recently they were profiteering off the sex industry (which uses human trafficking)

    One of the main reasons for abuse in the sex industry (including human trafficking), is that it is a hidden black market. By helping to make it more open and competitive, CL was arguably making it less abusive. I think it is unfair to blame CL for a problem created by politicians.

    Based on this logic, the people on street corners selling crack are also blameless. Look, it doesn't matter if there's a market for something bad, or why that is. It is still wrong to profit from it. I could make money doing bad things in many ways...but it's on me if I choose to do so. Period.

  10. Re:The NRC? on NRC Accused of Ignoring Proliferation Risks With SILEX Enrichment · · Score: 1

    I for one support the continuous production of highly enriched nuclear material. Enriched nuclear material is not waste, and can be fed back into the reactor to make more energy. We should continue enriching the waste products until we've burned out most of it and have little waste left, though that might take 200,000 years or so. Considering the amount of nuclear material available, we may be able to add fresh material to the pile and have some 70% left over when it comes time for the sun to burn out.

    I think you're confusing things here. This is about enriching uranium past the point that is necessary for use in a reactor. You don't need (or want) weapons-grade uranium to go into a reactor for peaceful purposes. And in fact, it's WAY harder to get uranium to the point where you can get it to detonate (instead of just heat up and melt) at critical mass...so much so that you need to use entirely different means to get there. So there really isn't a benefit to what you're saying here.

  11. For the majority of posters (who didn't RTFA) on Washington, D.C. Police Affirm Citizens' Right To Record Police Officers · · Score: 5, Interesting

    It's worth noting that this order is part and parcel of a lawsuit settlement that the MPD reached with someone who was victimized for recording the police at a traffic stop. This order isn't entirely being done spontaneously because the MPD are good little fonzies. I like Chief Lanier, a lot...but for the most part the MPD remain a group of heavily-armed monkeys, most of whom seem to have a racial issue with whatever races they don't belong to. A white officer recently was suspended for stating...openly, to fellow officers...that he would shoot Michelle Obama. And I can state plainly that I've gotten a lot of trouble from non-white officers, personally. It's one of the reasons I moved from DC to a nearby suburb.

  12. Re:I would be deeply saddened on Fake Password Reset E-mail Hits 7,500 Black Hat Registrants · · Score: 1

    Only if that server is on the same local network as the conference. Which it isn't.

  13. Re:I would be deeply saddened on Fake Password Reset E-mail Hits 7,500 Black Hat Registrants · · Score: 1

    It wasn't a phishing email. Here's the email body itself:

    This is a note from BlackHat 2012.
    ________________________________________

    You have requested a new password. Here are your details:

    Username:
    Password:

    To sign in, please go to this URL:

    https://svel1023/BH12/Admin/

    Okay...so that link, if you notice, wouldn't even work. (Try it and see for yourself if you like.) It turns out that this was a software error; a password provisioning function at ITN (the event company supporting BH) sent the email to everyone instead of (presumably) the intended recipient. Indeed, the headers of the email indicate that it emanated from ITN's email server as well. So, the OP is ass-poundingly dishonest in referring to this as a "lame phishing attempt".

  14. Re:I would be deeply saddened on Fake Password Reset E-mail Hits 7,500 Black Hat Registrants · · Score: 4, Interesting

    You've clearly never even looked at the speakers list or topics for Black Hat. It's not at all watered down; in fact, there used to be a time when a good enough talk would be given at both...but at Defcon, the talk would leave out certain details and depth. By no means is what's delivered light, either...Moxie Marlinspike revealed how to subvert SSL, for example. Dug Song and Thomas Lopatic revealed how to root a Checkpoint Firewall (back when Checkpoint was the big one to get). Major and very serious vulnerabilities in AMI meters (used for Smart Grid) were revealed by IOActive...the list goes on. And you get an incredible mix of major industry players like Cisco and Apple speaking frankly (there's a talk this year on the security architecture of Apple's IOS) along with independent researchers and even lateral thinkers. Jose Nazario...now the Senior Manager for Security Research at Arbor networks, and a Board Member at the Honeynet Project, gave a talk when he was fresh out of finishing his Ph.D. in biochemistry...on viral propagation algorithms for computer viruses. It turns out that what he did his thesis on...viral propagation models for biological viruses...mapped directly to the concept, and the man never worked a day in the biochem field after he finished his doctorate.

    So, just because you're not able to afford the ticket, or for some reason you can't gain entry into the infosec field (past criminal record, perhaps? Caught with the ganja, were we?), don't try to tarnish the people trying to share information at the front end of things.

  15. Re:NAS on Ask Slashdot: Stepping Down From an Office Server To NAS-Only? · · Score: 1

    If you think that abuse of a word means the word becomes invalid, then you'd end up with an incredibly abbreviated vocabulary. "Best," "better," "good," "intelligent," "pretty," "fit"...I can go on and on, listing the words that would become invalid. Just because one person lies doesn't mean the word has no relevance when it's used to represent the truth. And you don't have to calibrate terms like these in order to use them. You're making up characteristics of some mythical VPN you imagine, which in fact does not represent what standard (in terms of adoption, in terms of majority of products, or any other majority view) VPNs are like today.

    By the way...I know what I'm talking about here. In 2001, I gave a talk at DefCon on the Uber Hax0r track on attacking VPN security to validate vendor claims. Trust me...there has been a hell of a lot of improvement in 11 years, and I can't think of a VPN on the market today which is just "a VPN that uses authentication".

    Or, to put things in business terms..what would your alternative be, hm? Simply to not have remote access? Good luck with that. Or perhaps you would prefer a VPN that is classified as "insecure?" Security is the business of being helpful by facilitating things. Going into jihad mode over a single necessary word simply because someone abused it is not helpful. Finding solutions is helpful..claiming with blanket assumptions that all of a particular body of technology...a widely-adopted and proven technology at that...is not usable is not.

  16. Cloud? Really? on Ask Slashdot: Stepping Down From an Office Server To NAS-Only? · · Score: 1

    Everyone's saying "cloud, cloud," but I don't think that's necessarily a great idea. Why? Latency, for one...being a law firm, I assume your primary application for users is Microsoft Word. So, imagine that you have a Word document open, not on the other end of a switched 100MB or 1GB link, but at the other end of a 30MB connection that you share with everyone else in the office. You double-click on the document, and wait while it is downloaded. Now, mind you, you also have to think about the autosave feature, but you can set that to save locally to avoid any issues with this problem. But each time you hit 'save,' that document goes back up to the server.

    There is enormous potential for trouble here. Word is not network-aware in ways that will help manage this latency and slow activity...and the user experience will suffer. I've done IT work for law firms, and trust me...as you must already know, lawyers are not usually accepting of things like Word seeming to lock up for several seconds every time they open, close, or save a document. And this doesn't even take into account the issue of making your entire infrastructure beholden to that one Internet link...if it goes down, you lose access to everything. That's not good.

    I do wonder why you would drop a centralized point of authentication (which is what you have, running Windows Server), which gives you the ability to have role-based access and easy resetting of passwords as needed (again, I have worked with a lot of lawyers in my time). If I were in your shoes, I would go the other way, keeping the server going and making more use of what it has to offer (like some very helpful Group Policy settings). But I don't know your exact situation, skillset, or requirements, so that may be off base. I would definitely NOT use cloud as your primary storage, however.

  17. Re:NAS on Ask Slashdot: Stepping Down From an Office Server To NAS-Only? · · Score: 2

    I do take issue with the term "secure vpn", nothing is totally secure as such a name implies.

    Only a noob thinks that anything is totally secure, but there's definitely a difference between "secure" and "not secure." The term is not invalid just because it is not absolute, any more than the word "safe" is invalid to refer to a firearm with the safety on. Do safeties fail? Yes. Do they not make a huge difference in the probability of an accidental discharge? Also, yes. Thus, the term is valid and holds utility because it does define a meaningful state where risk is significantly reduced. The same is true of secure solutions in the IT sector...the fact that there are no magic bullets that are entirely without risk does not invalidate an entire lexicon of security.

  18. Re:Market economy to the rescue on What Is an Astronaut's Life Worth? · · Score: 1

    That's my point. It's happening now. Look at the funding cycle, and look at when the shuttle disasters have taken place. Don't forget to look before the first disaster, going back to the period where the shuttle was being built, too. Oh, also...add in the mistakes like the failed probe mission due to a conversion error. Those correlate too.

  19. Re:Market economy to the rescue on What Is an Astronaut's Life Worth? · · Score: 2

    This posting (and you) are missing an entire aspect of loss when an astronaut dies: funding. The days when a disaster would result in little more than the canonization of the fallen astronauts ended a long time ago; these days, disasters like a shuttle explosion result in congressional hearings, bad press, and talk on the Hill that questions the role and value of NASA as a whole. Maybe it costs less than 28 billion to replace the astronaut, but how much funding will you lose, over time, if your budget gets cut 10% or you can't get the funds approved for the next big project in the first place? And if you can't pull off that next big project, and it looks like NASA isn't as useful as it used to be...then what? This is the nightmare scenario, where NASA is underfunded such that it becomes less effective, which in turn becomes a justification for even less funding.

  20. Bob Marley? on Bloodsucking Parasite Named After Bob Marley · · Score: 2

    Why not call it Yoko instead?

  21. Ballmer's brainchild/Microsoft's next innovation on Steve Ballmer: We Won't Be Out-Innovated By Apple Anymore · · Score: 1

    "New, from Microsoft..."

    "Sweaty Pits 8"

    Of course, Apple will have that covered already...

  22. Re:In-house staff do have advantages on General Motors To Slash Outsourcing In IT Overhaul · · Score: 2

    This hasn't been true for about 2 decades. I worked for EDS...and interviewed with a goatee, having ridden a motorcycle there (I had the jacket with me as well as the helmet). They didn't notice the piercing until later, but that didn't get me fired and I didn't need to remove it. The days of extreme conformity went out the door back in the early 90s...and at the beginning of EDS, they made sense. For one thing, people normally wore business suits in the first place, and there were no purple suits as we see nowadays on some people...so the rules weren't all *that* radical. And for another, EDS started the outsourcing business. So it was quite a leap for a business to trust them with a critical business function that even they didn't understand all that well (since mainframes were so very new), so being able to project a monolithic, stable image was crucial to their success at earning trust.

  23. Re:In-house staff do have advantages on General Motors To Slash Outsourcing In IT Overhaul · · Score: 5, Interesting

    There's a deeper side to this. Back when EDS was still EDS, they were doing a pretty good job for GM. The problem is, HP bought them, and started to apply the same goals/metrics to the services side (formerly EDS) that they use for the product side (that was losing money, and makes fucking printers in the first place). Side note: here is where my self-control keeps me from using terms like "fucking incompetent faggots" and "galactic assclowns" to describe the piss-chugging buttmonkeys that displaced EDS' leadership. As a result, the quality of service that GM got dropped...and the value proposition of outsourcing went with it.

    Now, in all fairness, the fact that HP's leadership couldn't figure out how to get wet if they were dropped in the middle of the ocean is probably only part of the problem. Their ass-pounding mediocrity is probably also compounded by the current political situation and the drive to bring jobs back to the USA. So it's not entirely the fault of a bunch of circle-jerking sycophantic pole-chain-smokers. Just 99.99% their fault.

    Guess who I used to work for before I quit? :)

  24. Re:GAH on Ask Slashdot: Documenting a Tangle of Network Devices? · · Score: 1

    Yes, but there's a vast chasm of difference between not knowing about a pre-existing set of tools, and just saying (to quote one answer) "Sharepoint" with no additional information beyond that. Let's face it; that's not a helpful answer, even towards going down the wrong path. But even more noteworthy is that I didn't have anyone else teach me about IPAM options. When the time came and I needed to do something like that, I found out about them via Google. Of course, at that point, I knew how to develop requirements and take it from there...which is a rare skill set because nobody seems to be teaching it, but an essential one as well to successfully implement a new system. The OP may not have searched the right way to get what I got, but why are there so many people who are talking as though they know how to do this, but are offering options that just plain won't work?

    There's a big difference between not knowing the answer and asking (which is good...that's how you learn) and pulling an answer out of your ass with no experience to back it up (which is very, very bad), and that's what makes me so nuts about the answers the OP has gotten from so many people here. And I absolutely agree with you...there's a dearth of information exchange and teaching about the "meta-skills" and "meta-solutions" around managing the stables of technology that a lot of organizations have. It seems to be getting better, but only very slowly and through a lot of pain. And the improvement isn't coming from the collegiate world, unfortunately.

  25. GAH on Ask Slashdot: Documenting a Tangle of Network Devices? · · Score: 4, Informative

    I'm reading all the recommendations, and it's giving me a case of Tourette's. Haven't any of these people actually had to DO what they're talking about? There's a whole realm of software meant just for this purpose: it's called IPAM, or "IP Address Management." The proper solutions also contain exactly the information you're looking to capture in addition as well, and integrate with DNS (or, in some cases, include robust DNS capability) so that they are accurate and you don't need to update the database when you set a new DNS entry. Infoblox makes one of the better implementations that I've seen, but since I don't know your exact needs in detail, I would simply look at IPAM solutions in general.