We need to fix the social problems that cause terrorism before that happens.
Agreed.
In real terms, that involves raising the level of education and the quality of life in all parts of the globe to the point where there are no large groups of people who are still so poor that they have nothing to lose, or so ignorant that they have nothing to believe in beyond what their local preacher tells them.
Nope. That's more likely to cause it. The best way of stopping terrorism is to stop sticking your nose into what goes on in other countries. Let them lead their own lives and stop telling them what to do. Of course, I'm not saying that facilitating education isn't a good thing, but start preaching to other countries about how their citizens should live and what they should do and you're no better than the nutter at the mosque/synagogue/church directing their congregation to do evil.
Your argument would hold water if we were actively doing things to protect against future events.
However, we're not.
Somebody takes a shoe bomb in so we ramp up security to check everybody's shoes.
Then somebody takes a liquid bomb in so we restrict which liquids can be carried.
Then somebody takes a knife in so we restrict blades.
Then... and so we...
ad nauseum.
Everything we are doing is reactive. It does nothing to stop future events, nothing at all.
The only benefit to implementing the assinine restrictions we have in place are solely to the politicians who then look like they're doing something about the problem. Of course, they're not. They're doing something about the effects of the problem, not the problem itself.
The problem is how we (or more accurately, the US) is percieved by the rest of the world. That's the problem which needs solving.
Personally, I'd be quite happy to fly with the security checks which were in place 20 years ago. I mean, come on, let's face it, if somebody wants to bring a flight down, they'll do it. Statistically I have about a 5000 times greater chance of being involved in a road traffic accident. The risks are miniscule. Stop worrying about it and enjoy your life.
“[channel 4 shall] foster the new and experimental in television. It will encourage pluralism, provide a favoured place for the untried and encourage innovation in style content perspective and talent on and off screen”.
It would be nice if you got your facts in order before mouthing off.
There is no fine/tax on the purchase of a new TV (I don't think I know a single person who calls them 'tellys' any more).
There is a licence fee - GBP142.50 a year. For that, we get many TV channels, umpteen national radio stations and even more local radio stations.
All of it without adverts.
News quality is absolutely superb. I think it's the biggest news broadcaster in the world which is not owned by some media billionaire or controlled by government. Personally, I'd trust the BBC news over any other source (note I'm not saying they're perfect though).
As a Brit, I'm proud of the BBC. Having visited many many countries, I can safely say there is absolutely no competition. None at all.
Firstly, this sounds like a Daily Mail [wikipedia.org] article, but nevertheless.....
How do the government propose than ISPs determine whether content being downloaded is pirated or not? What is the difference between your browser downloading a copyrighted image on [insert name of favourite photo library site] for viewing and downloading an MP3 file? You and I may both download [copyrightedsong.mp3] but I may have permission from the publisher and you may not. How will the ISPs determine this? What if our connections were encrypted, encoded or used IPv6?
I could go on. And on. And on......
The fact is that apart from monitoring visits to [downloadyourillegalaudiofilesandfilmshere.com], there's absolutely sod all that anybody can do which is even remotely effective.
Now, on the other hand, if the government were brave enough to stand up to the music/film groups and come up with some sensible laws which benefit both the citizens and the music/film groups.... well, if that happend, I'd be living in cloud-cookoo land.
I have a G1 through T-Mobile in the UK. My terms and conditions say that I'm not allowed to use VoIP services (well, the wording's a little more complicated than that, but that's the gist of it).
Be interesting to see what happens as and when Google Voice gets rolled out to the UK. In the meantime, can somebody invite me to join the US trial and provide the necessary details of harbour?
I would agree with you entirely, were it not for the fact that Voda appear to be locking this box down to certain handsets.
However, I agree entirely - why should I pay an additional monthly fee to Voda just so I can use their service from my house when I can walk fifty yards down the street and not have to pay? Further, not only am I paying Voda for the privilege of saving them money, but I then have to fork out for additional bandwidth on my home broadband.
All that having been said, one of only two reasons my company has an office is for mobile coverage. If I can get coverage at home (and those of my staff), there's no reason not to move to home working any more. The additional cost of the cells would still result in a saving if we don't have to pay for the offices.
The British Library has a copy of every book ever to be published (at least, published in the UK). Some of those books contain some very very dodgy material - those Victorians had some fetishes which are more than a little bit illegal now.
In association with third parties, the Library maintains an index of all the books such that if you were to look up, for example, "donkey sex", you'd be able to find the appropriate publications. However, if you went to the Library and asked to see these publications, you wouldn't be allowed (except under very clearly defined circumstances). If, on the other hand, you looked up "Housebuilding for beginners", the Library wouldn't stop you accessing those publications.
If this verdict were applied to the companies who maintained the index for/with the British Library, there would be uproar.
TPB did nothing more than provide the index. Google do the same, the British Library do the same.
Fine, by all means beat the living daylights out of the people who follow the index to read the books or download the files, but there is no logical reason why the parties doing the indexing should be held liable for what they are indexing.
The main sticking point for me is all UK ISPs are IPv4 only.
You haven't been looking hard enough. AAISP (http://www.aaisp.net.uk/) support both IPv6 and IPv4. I know because they've given me 1208925819614629174706176 addresses!
I run a small comms company in the UK. Every now and again we have a problem that causes everything to grind to a halt. Our on-call engineers were using their mobiles (cells) for support notification, but we kept missing faults. There are so many flaws with the way mobiles notify SMSs:
1 - It can take days for a SMS to be delivered (rare, but certainly happens on occasion). We have *never* had a page delivered more than 2 minutes delay. Most of the time, it's about 10 seconds!
2 - If you're away from your mobile when the SMS arrives, you've no way of knowing that it's there unless you look at the phone. Our pagers are configured to beep/vibrate continuously until they're acknowledged.
3 - Mobiles don't have loud enough beeps or vibrate strongly enough. Pagers do!
4 - Go to a customer in a dodgy signal area and you don't get the SMS/voicemail until you get signal back. We haven't found an area of the country in which our pager (Vodafone) doesn't work. They work inside buildings, they work in the open countryside and they work in built up areas.
What's more, they're not expensive - GBP10 a month gets you a decent unit with a personalised answering service ("Hello, company XXXXX, please can I take your message") as well as an e-mail to pager service and you can even do HTTP POSTs to Vodafone's website to send from there.
We wouldn't be without our pagers. If anybody's interested, we get ours from http://pagers.co.uk/.
First, let me say that I'm an Asterisk consultant with experience of the SOHO and SME marketplaces (plus a few Enterprise level call centres). I have a lot of experience of what people want from their phones. I'd also add that my home number has had this feature on it for the past three years!!
I would be very surprised if they shifted a lot of these boxes in the UK. Nuisance calls aren't as much of a problem as they are in the US and I simply can't see that many people thinking it worth while spending GBP100 on a box to filter them out.
However, the box has an inbuilt answerphone and for an additional GBP25, it'll do call recording too.
Now, that's where the value is forget everything else, a call recorder for GBP125 is pretty good value. Add to that the fact that you've got an answerphone _and_ you can screen calls and that's amazing value.
So, IMHO, their marketing's all wrong. In the UK, the value is definitely in call recording.
Yes. Along with pretty much any nationality you can think of. We're all dumb.
If Dell won't sell one particular configuration through one particular channel, there'll be a reason for it. More likely than not, it's not profitable for them to do so - it'll cost them more to do you a special than they'll make back in profit.
If that's the case, they don't want your money - they may just as well mail you a check/cheque for the difference and call it quits. They're hardly likely to do that now are they?
I never cease to be amazed at the number of people who complain when a company won't take their cash. If they won't take it, they don't want it and your complaining isn't going to do anything about it.
Anyway, allow me to climb down off my hobby-horse. If you want to make Dell pay, buy a normal Windows-ified PC and claim the money back as per the EULA.
So, don't complain - you have no right to complain. However, what you do have is a choice. Use it.
The issue is that anything that is transmitted over a public channel is open for analysis, and hence private information need to be secure.
No, that's not the issue. The good old PSTN is public and insecure. The post (snail mail) is public and insecure. If people want to send their information securely, they scramble their phone calls and encrypt (code/cipher/whatever) their post. The same applies to VoIP (VPN, encryption etc.).
The issue here is cost.
When a VoIP system is cracked, it costs somebody money.
The problem here is a lack of understanding on how to secure (*NOT* encrypt) VoIP connections.
I run a business which supplies telephone systems. All our systems run VoIP and all can be remotely accessed. It doesn't matter how much I jump up and down about social/network/hardware security, the customers just don't get it.
Luckily, we do.
Hypothetical: One of their PCs gets compromised. It runs packet sniffing software which then copies the voice traffic off elsewhere.
Hypothetical: One of their PCs gets compromised. It runs packet sniffing software which then registers with the switch and proxys external connections out over the customer's PSTN/VoIP trunks, at the customer's expense.
None of these have happened yet (in fact, one compromised machine we were called in to look after could have given the cracker access to 30 PSTN lines, but was just used for IRC botting), but I'm just waiting for the day when the customer's trunks are attacked. Of course, when this happens, there is a tangible cost element (in terms of the telco charges for the calls made).
The worrying thing is that there are a number of telecomms wannabees starting up. These are typically IT companies who are seeing their margins disappear and wanting to branch out. These people are mainly selling Asterisk or some form of virtual PBX service. Sadly, these people don't understand telecomms and (much to my surprise), don't appear to understand basic network protocols and terminology (let alone security). These are the companies who'll give VoIP a bad name and who'll cost their customers a fortune.
Luckily, as with IT, when the sh1t hits the fan, companies like ours will be there to sort it out (and make more money from sorting it out than we would have done in the first place).
Somehow I have a bit of trouble believing this. How hard would it be for a large company like Telewest to send it's subsribers a CD with anti-virus/adware removal tools on it?
Erm... Not as easy as you would have us believe. Firstly, the software has to be sourced, secondly, the licences have to be checked (they could get into trouble, for example, if they gave a CD containing 'free for home use' software to a business), the CD has to be produced and then it has to be distributed to the customers. If the total cost of this broke down to less than GBP1.50 per CD for 16,000 copies, I'd be very surprised. Of course, the other issue with this is how do you make sure the end user doesn't throw the CD straight in the bin, but follows the instructions?
Or an email with such software in it?
Nooooooooo. People are just starting to get the hang of not running attachments which arrive out of the blue and look genuine. Want to undo all that good work?
Or even call users and tell them they have an issue?
Given that this situation has occurred in the first place, it is clear that Telewest don't have a monitoring policy. a) This would have to be put in place, including expenditure on hardware and labour, and b) a team would have to be set up to make the calls. Given that the end user is likely to ask "What should I do", the person making the call has to have at least an idea of what a computer is, and man-hours aren't cheap.
All three of your proposed solutions would also require Telewest to provide some sort of helpdesk to provide support to their customers, either by providing help with installing/running the software sent, or on cleaning their machine.
In the UK, the margin on broadband products for volume providers such as Telewest is very low - it's a numbers game. Any action (such as sending CDs, making calls etc.) has an impact directly on their bottom line. They will have done some sort of cost:benefit analysis on tackling this problem and, although I don't know the results, riddle me this: What benefit to the bottom line is there in their reducing the number of infected machines?
Here's what'll happen: Telewest will scream loudly and make sure that their smarthost is removed from the blocklist. Like other ISPs, they won't care if the IPs allocated to their customers are blocked - in fact, it saves them having to do all the work outlined above! After a week or so, everything will settle down and the whole situation will be forgotton. The bean counters will sit back and pat themselves on the back for not unnecessarily spending money on prevention.
So, in summary, nice ideas, but not realistic - this is business and all business cares about is the bottom line.
"asterisk is a cool project, but it's huge and designed to interface to lots of legacy hardware."
Nope. Asterisk is designed so that if you want to interface with lots of legacy hardware, it's easy to write an application interface to do so. There's a big difference.
"and you can get pots to SIP adapters for much cheaper than the specalized cards that asterisk uses"
Or, alternatively, you could just use those cheaper adaptors with Asterisk as we do.
We have built our business based on Asterisk and have several SIP-only installations as well as SIP and TDM combined installations. We regularly undertake product surveys, but as yet we haven't found any product which can match Asterisk, let alone beat it!
Perhaps foolishly, I'll assume for the moment that most people who play the kind of games which need specialist kit are the kind of people who know what kind of specialist kit they need. If they know what kit they need, the chances are that they'll know where to buy it cheaply. I'll also assume that the kind of people who want specialist kit (which, another assumption, would be bleeding edge) will be the kind of people who're likely to upgrade those individual components in need of a little more ooomph. If they're the kind of person who does their own upgrades, won't they just buy the bits themselves?
OK, OK, a lot of assumptions, but what I'm trying to say is that I can't imagine that this'll be popular with real gamers.
So, if this service is not going to be used by real gamers, who will order a specialist games PC? Probably the kind of numpty who would order a PC from the likes of HP/Dell/Whatever anyway. If this is the case, then we're not talking about news of earth-shattering importance. It's just a manufacturer introducing a new range to try to grab new market share. Just like soap powder manufacturers introducing a new powder to try to grab more market share.
I've bought plenty of stuff on eBay and sold odds and sods too. Like most people who've done more than a few trades, I've been caught out and I know that some people who've bought from me didn't read the item description properly.
However, how is this eBay's fault? Why should eBay be responsible for my failure to check out the items I'm buying or the buyer I'm buying from? Likewise, why should eBay care if my buyer didn't read the item description?
One thing's clear from looking at that list - spend more time on testing your code.
Unfortunately, speaking as an ex-programmer, time is one luxury that PHBs don't afford their minions. A project needs to be completed and knocked out of the door as soon as possible. The less time spent on unnecessary work, the better.
It is also unfortunate that PC users have been brought up expecting to have buggy software in front of them and expecting to have to reboot/reinstall. What motivation is there to produce bug free code when the users will accept buggy code?
Ho well, at least I run my own company now - master of my own wallet - and can concentrate on quality solutions.
While all of us here will all agree that removing Telnet/FTP traffic from campus networks is a very silly thing indeed, the worrying thing is that it's not going to be the IT literate people who will make the decision.
Imagine, if you will, the head honcho at the college. For years s/he's been bombarded with tales of insecurity, hacking (sic) and other computer misuse. They see an article in a 'trusted' publication which seems to solve all their problems. What are they going to do? Out of sheer ignorance, they'll make the order that Telnet and FTP should be banned.
Slashdot Mirror
We need to fix the social problems that cause terrorism before that happens.
Agreed.
In real terms, that involves raising the level of education and the quality of life in all parts of the globe to the point where there are no large groups of people who are still so poor that they have nothing to lose, or so ignorant that they have nothing to believe in beyond what their local preacher tells them.
Nope. That's more likely to cause it. The best way of stopping terrorism is to stop sticking your nose into what goes on in other countries. Let them lead their own lives and stop telling them what to do. Of course, I'm not saying that facilitating education isn't a good thing, but start preaching to other countries about how their citizens should live and what they should do and you're no better than the nutter at the mosque/synagogue/church directing their congregation to do evil.
Your argument would hold water if we were actively doing things to protect against future events.
However, we're not.
Somebody takes a shoe bomb in so we ramp up security to check everybody's shoes.
Then somebody takes a liquid bomb in so we restrict which liquids can be carried.
Then somebody takes a knife in so we restrict blades.
Then... and so we...
ad nauseum.
Everything we are doing is reactive. It does nothing to stop future events, nothing at all.
The only benefit to implementing the assinine restrictions we have in place are solely to the politicians who then look like they're doing something about the problem. Of course, they're not. They're doing something about the effects of the problem, not the problem itself.
The problem is how we (or more accurately, the US) is percieved by the rest of the world. That's the problem which needs solving.
Personally, I'd be quite happy to fly with the security checks which were in place 20 years ago. I mean, come on, let's face it, if somebody wants to bring a flight down, they'll do it. Statistically I have about a 5000 times greater chance of being involved in a road traffic accident. The risks are miniscule. Stop worrying about it and enjoy your life.
what on earth are they thinking?!
That's an easy one.
From the Channel 4 remit as laid out in the statement of programme policy, attached to the Channel 4 licence:
“[channel 4 shall] foster the new and experimental in television. It will encourage pluralism, provide a favoured place for the untried and encourage innovation in style content perspective and talent on and off screen”.
Nick.
It would be nice if you got your facts in order before mouthing off.
There is no fine/tax on the purchase of a new TV (I don't think I know a single person who calls them 'tellys' any more).
There is a licence fee - GBP142.50 a year. For that, we get many TV channels, umpteen national radio stations and even more local radio stations.
All of it without adverts.
News quality is absolutely superb. I think it's the biggest news broadcaster in the world which is not owned by some media billionaire or controlled by government. Personally, I'd trust the BBC news over any other source (note I'm not saying they're perfect though).
As a Brit, I'm proud of the BBC. Having visited many many countries, I can safely say there is absolutely no competition. None at all.
Nick.
Firstly, this sounds like a Daily Mail [wikipedia.org] article, but nevertheless.....
How do the government propose than ISPs determine whether content being downloaded is pirated or not? What is the difference between your browser downloading a copyrighted image on [insert name of favourite photo library site] for viewing and downloading an MP3 file? You and I may both download [copyrightedsong.mp3] but I may have permission from the publisher and you may not. How will the ISPs determine this? What if our connections were encrypted, encoded or used IPv6?
I could go on. And on. And on......
The fact is that apart from monitoring visits to [downloadyourillegalaudiofilesandfilmshere.com], there's absolutely sod all that anybody can do which is even remotely effective.
Now, on the other hand, if the government were brave enough to stand up to the music/film groups and come up with some sensible laws which benefit both the citizens and the music/film groups.... well, if that happend, I'd be living in cloud-cookoo land.
Finally, an article in my area of expertise. Now this is likely to earn me +5 insightful, interesting and everything else.
So, why is Vanish useful to us?
Well... [BEGIN VANISH]u5vw7b658we77kw4657865v87zb68e7y678ctr63or63o7t6ox9587x4ygfiouhx .lwaje .og8unl98nst.oby487rw;zbv5l936tlisd rnzsche.ldnj ekqb;wv4ioa
eo84yre kl76v5los79y6to89xep89x7e4v6eotyl9e84lbvr8xy76ebl9txevl9r8
ygnl8odvr,i8xeyvti8seybvto eby5tli8xevynlr8n776vsot7vnl9xe84nyu
aowpibtulieut,iwvy,o39u dryswrl9uzfna484ytlo8cwjnlv ig78wfp9cnusgl8w
3n4aly8u
ur.,zwjsehg f,vhlfiawvutileuklrla wucbtrqil37ctlasehjctn;laiwuerciluqw3ybt
ow875ntliu awu[9c57st8nzwci4ycrnhseu6go38ny cfukbtw347v6f5o93vsb
y to9y347icr yisuryctw 37bt6l9s38 ucr,ugbvt6o8w 3nyu.oulv87vg[END VANISH]
I think we can all agree with that.
Nick.
I have a G1 through T-Mobile in the UK. My terms and conditions say that I'm not allowed to use VoIP services (well, the wording's a little more complicated than that, but that's the gist of it).
Be interesting to see what happens as and when Google Voice gets rolled out to the UK. In the meantime, can somebody invite me to join the US trial and provide the necessary details of harbour?
Nick.
The UK mobile network voicemail systems are very very insecure.
Fake your caller ID (very easily done if you have half a clue) and dial into the message centre for whichever network the mobile number's on.
That's it. Simple. We've been doing this since 2004 to enable our customers to retrieve voicemail from their desktops.
It doesn't matter whether there's a PIN on the voicemail or not - none of the networks prompt for PINs if the caller ID is one of theirs.
And, to answer the question, "How did famously technologically-challenged reporters manage the feat without BT catching on?"
1 - It wasn't the reporters who did it, it wasy the PIs they hired
2 - What have BT got to do with it?
Nick.
I would agree with you entirely, were it not for the fact that Voda appear to be locking this box down to certain handsets.
However, I agree entirely - why should I pay an additional monthly fee to Voda just so I can use their service from my house when I can walk fifty yards down the street and not have to pay? Further, not only am I paying Voda for the privilege of saving them money, but I then have to fork out for additional bandwidth on my home broadband.
All that having been said, one of only two reasons my company has an office is for mobile coverage. If I can get coverage at home (and those of my staff), there's no reason not to move to home working any more. The additional cost of the cells would still result in a saving if we don't have to pay for the offices.
Ho hum.
Nick.
...of the possibilities the porn industry could come up with.
Hmmm. OK. On second thoughts, don't.
The British Library has a copy of every book ever to be published (at least, published in the UK). Some of those books contain some very very dodgy material - those Victorians had some fetishes which are more than a little bit illegal now.
In association with third parties, the Library maintains an index of all the books such that if you were to look up, for example, "donkey sex", you'd be able to find the appropriate publications. However, if you went to the Library and asked to see these publications, you wouldn't be allowed (except under very clearly defined circumstances). If, on the other hand, you looked up "Housebuilding for beginners", the Library wouldn't stop you accessing those publications.
If this verdict were applied to the companies who maintained the index for/with the British Library, there would be uproar.
TPB did nothing more than provide the index. Google do the same, the British Library do the same.
Fine, by all means beat the living daylights out of the people who follow the index to read the books or download the files, but there is no logical reason why the parties doing the indexing should be held liable for what they are indexing.
I despair. I really do.
The main sticking point for me is all UK ISPs are IPv4 only.
You haven't been looking hard enough. AAISP (http://www.aaisp.net.uk/) support both IPv6 and IPv4. I know because they've given me 1208925819614629174706176 addresses!
Nick.
I run a small comms company in the UK. Every now and again we have a problem that causes everything to grind to a halt. Our on-call engineers were using their mobiles (cells) for support notification, but we kept missing faults. There are so many flaws with the way mobiles notify SMSs:
1 - It can take days for a SMS to be delivered (rare, but certainly happens on occasion). We have *never* had a page delivered more than 2 minutes delay. Most of the time, it's about 10 seconds!
2 - If you're away from your mobile when the SMS arrives, you've no way of knowing that it's there unless you look at the phone. Our pagers are configured to beep/vibrate continuously until they're acknowledged.
3 - Mobiles don't have loud enough beeps or vibrate strongly enough. Pagers do!
4 - Go to a customer in a dodgy signal area and you don't get the SMS/voicemail until you get signal back. We haven't found an area of the country in which our pager (Vodafone) doesn't work. They work inside buildings, they work in the open countryside and they work in built up areas.
What's more, they're not expensive - GBP10 a month gets you a decent unit with a personalised answering service ("Hello, company XXXXX, please can I take your message") as well as an e-mail to pager service and you can even do HTTP POSTs to Vodafone's website to send from there.
We wouldn't be without our pagers. If anybody's interested, we get ours from http://pagers.co.uk/.
Nick.
First, let me say that I'm an Asterisk consultant with experience of the SOHO and SME marketplaces (plus a few Enterprise level call centres). I have a lot of experience of what people want from their phones. I'd also add that my home number has had this feature on it for the past three years!!
I would be very surprised if they shifted a lot of these boxes in the UK. Nuisance calls aren't as much of a problem as they are in the US and I simply can't see that many people thinking it worth while spending GBP100 on a box to filter them out.
However, the box has an inbuilt answerphone and for an additional GBP25, it'll do call recording too.
Now, that's where the value is forget everything else, a call recorder for GBP125 is pretty good value. Add to that the fact that you've got an answerphone _and_ you can screen calls and that's amazing value.
So, IMHO, their marketing's all wrong. In the UK, the value is definitely in call recording.
However, your views may vary!
Erm. Fibre is narrowband, not broadband.
Just my 2 bits.
> American Consumers are DUMB!
Yes. Along with pretty much any nationality you can think of. We're all dumb.
If Dell won't sell one particular configuration through one particular channel, there'll be a reason for it. More likely than not, it's not profitable for them to do so - it'll cost them more to do you a special than they'll make back in profit.
If that's the case, they don't want your money - they may just as well mail you a check/cheque for the difference and call it quits. They're hardly likely to do that now are they?
I never cease to be amazed at the number of people who complain when a company won't take their cash. If they won't take it, they don't want it and your complaining isn't going to do anything about it.
Anyway, allow me to climb down off my hobby-horse. If you want to make Dell pay, buy a normal Windows-ified PC and claim the money back as per the EULA.
So, don't complain - you have no right to complain. However, what you do have is a choice. Use it.
The issue is that anything that is transmitted over a public channel is open for analysis, and hence private information need to be secure.
No, that's not the issue. The good old PSTN is public and insecure. The post (snail mail) is public and insecure. If people want to send their information securely, they scramble their phone calls and encrypt (code/cipher/whatever) their post. The same applies to VoIP (VPN, encryption etc.).
The issue here is cost.
When a VoIP system is cracked, it costs somebody money.
The problem here is a lack of understanding on how to secure (*NOT* encrypt) VoIP connections.
Nick.
I run a business which supplies telephone systems. All our systems run VoIP and all can be remotely accessed. It doesn't matter how much I jump up and down about social/network/hardware security, the customers just don't get it.
Luckily, we do.
Hypothetical: One of their PCs gets compromised. It runs packet sniffing software which then copies the voice traffic off elsewhere.
Hypothetical: One of their PCs gets compromised. It runs packet sniffing software which then registers with the switch and proxys external connections out over the customer's PSTN/VoIP trunks, at the customer's expense.
None of these have happened yet (in fact, one compromised machine we were called in to look after could have given the cracker access to 30 PSTN lines, but was just used for IRC botting), but I'm just waiting for the day when the customer's trunks are attacked. Of course, when this happens, there is a tangible cost element (in terms of the telco charges for the calls made).
The worrying thing is that there are a number of telecomms wannabees starting up. These are typically IT companies who are seeing their margins disappear and wanting to branch out. These people are mainly selling Asterisk or some form of virtual PBX service. Sadly, these people don't understand telecomms and (much to my surprise), don't appear to understand basic network protocols and terminology (let alone security). These are the companies who'll give VoIP a bad name and who'll cost their customers a fortune.
Luckily, as with IT, when the sh1t hits the fan, companies like ours will be there to sort it out (and make more money from sorting it out than we would have done in the first place).
Ho hum.
Nick.
Erm... Not as easy as you would have us believe. Firstly, the software has to be sourced, secondly, the licences have to be checked (they could get into trouble, for example, if they gave a CD containing 'free for home use' software to a business), the CD has to be produced and then it has to be distributed to the customers. If the total cost of this broke down to less than GBP1.50 per CD for 16,000 copies, I'd be very surprised.
Of course, the other issue with this is how do you make sure the end user doesn't throw the CD straight in the bin, but follows the instructions?
Nooooooooo. People are just starting to get the hang of not running attachments which arrive out of the blue and look genuine. Want to undo all that good work?
Given that this situation has occurred in the first place, it is clear that Telewest don't have a monitoring policy. a) This would have to be put in place, including expenditure on hardware and labour, and b) a team would have to be set up to make the calls. Given that the end user is likely to ask "What should I do", the person making the call has to have at least an idea of what a computer is, and man-hours aren't cheap.
All three of your proposed solutions would also require Telewest to provide some sort of helpdesk to provide support to their customers, either by providing help with installing/running the software sent, or on cleaning their machine.
In the UK, the margin on broadband products for volume providers such as Telewest is very low - it's a numbers game. Any action (such as sending CDs, making calls etc.) has an impact directly on their bottom line. They will have done some sort of cost:benefit analysis on tackling this problem and, although I don't know the results, riddle me this: What benefit to the bottom line is there in their reducing the number of infected machines?
Here's what'll happen: Telewest will scream loudly and make sure that their smarthost is removed from the blocklist. Like other ISPs, they won't care if the IPs allocated to their customers are blocked - in fact, it saves them having to do all the work outlined above! After a week or so, everything will settle down and the whole situation will be forgotton. The bean counters will sit back and pat themselves on the back for not unnecessarily spending money on prevention.
So, in summary, nice ideas, but not realistic - this is business and all business cares about is the bottom line.
We have built our business based on Asterisk and have several SIP-only installations as well as SIP and TDM combined installations. We regularly undertake product surveys, but as yet we haven't found any product which can match Asterisk, let alone beat it!
Perhaps foolishly, I'll assume for the moment that most people who play the kind of games which need specialist kit are the kind of people who know what kind of specialist kit they need. If they know what kit they need, the chances are that they'll know where to buy it cheaply. I'll also assume that the kind of people who want specialist kit (which, another assumption, would be bleeding edge) will be the kind of people who're likely to upgrade those individual components in need of a little more ooomph. If they're the kind of person who does their own upgrades, won't they just buy the bits themselves?
OK, OK, a lot of assumptions, but what I'm trying to say is that I can't imagine that this'll be popular with real gamers.
So, if this service is not going to be used by real gamers, who will order a specialist games PC? Probably the kind of numpty who would order a PC from the likes of HP/Dell/Whatever anyway. If this is the case, then we're not talking about news of earth-shattering importance. It's just a manufacturer introducing a new range to try to grab new market share. Just like soap powder manufacturers introducing a new powder to try to grab more market share.
So...
Move along, there's nothing to see....
Nick.
Nick.
I've bought plenty of stuff on eBay and sold odds and sods too. Like most people who've done more than a few trades, I've been caught out and I know that some people who've bought from me didn't read the item description properly.
However, how is this eBay's fault? Why should eBay be responsible for my failure to check out the items I'm buying or the buyer I'm buying from? Likewise, why should eBay care if my buyer didn't read the item description?
Nanny bloody society.
Nick.
One thing's clear from looking at that list - spend more time on testing your code.
Unfortunately, speaking as an ex-programmer, time is one luxury that PHBs don't afford their minions. A project needs to be completed and knocked out of the door as soon as possible. The less time spent on unnecessary work, the better.
It is also unfortunate that PC users have been brought up expecting to have buggy software in front of them and expecting to have to reboot/reinstall. What motivation is there to produce bug free code when the users will accept buggy code?
Ho well, at least I run my own company now - master of my own wallet - and can concentrate on quality solutions.
While all of us here will all agree that removing Telnet/FTP traffic from campus networks is a very silly thing indeed, the worrying thing is that it's not going to be the IT literate people who will make the decision.
Imagine, if you will, the head honcho at the college. For years s/he's been bombarded with tales of insecurity, hacking (sic) and other computer misuse. They see an article in a 'trusted' publication which seems to solve all their problems. What are they going to do? Out of sheer ignorance, they'll make the order that Telnet and FTP should be banned.
Ah well. At least I left university 8 years ago.
Nick.