This isn't a question of not getting a regularly-scheduled life-saving $thing. This is a phone book. If someone gets opted-out by a 3rd party and they still want to get a phone book, they should get an annual mailer (that everyone gets) telling them how to get one.
Tell me the publishers of the phone books wouldn't be happy to send one from their stockpile anytime someone wanted one.
They don't need anything more than an address to NOT deliver to.
RDP works great when you've got the router/firewall rules set up for it. However, it's a bit of a security risk to set it up and leave it.
TeamViewer is nice if you can get them to walk through the steps to get a connection going. Same goes for all other types of "request help" options.
I prefer the free version of LogMeIn. The agent is small and it generally stays out of the way when you're not using it. If you get a support call, you can just jump into the computer without any action on their part. If you pay to get a LogMeIn Pro account (it's not exactly cheap which discourages personal use), you can do a lot more back-end monitoring/alerting and system maintenance (file copies, remote command prompt console, event log viewer, start/stop services, etc.) without directly affecting the console session.
Your address alone should be sufficient. Your name should not be required (nor any other information) since it's the address they're delivering the books to. They don't need to know who lives there (even if they already do) or what their "marketing preferences" are (even if they already do). They can send a bulk flier in the mail once per year to let you know how to get one should you want/need one.
I was suggesting the sign be placed at my own front door, for instance. Or you could do so at your own front door. This isn't a public space we're talking about. It's clearly private property, beyond the reach of the typical easement. Just because you can see it from a public space doesn't mean it's a public space.
And, besides, at the very least, if they deliver a phone book to your door, that's a non-government entity - public or private - that is at least trespassing. A sign is sufficient for that to be a violation.
And, besides THAT, if the contractors delivering phone books on behalf of the company, they're representing the company, itself. There's substantial case law on such things (that I won't go digging for because I'm not too proud to admit I'm lazy). Much of that apparently depends on how much of their income is a result of that specific contract work (i.e.: whether or not they have other contracts for other companies, for instance) but, in small claims, you could easily make the case that the contractor represents the company so the company should be on the hook, not the poor shlub that needs a few extra bucks to drop a dead tree at everyone's door in a neighborhood.
The contractors are probably required by the company to deliver to every house (except the ones on their do-not-deliver-to list). But that's a contractual problem between the contractor and the company. If the contractor breaks a law because the company policy said to do it, that contractor is still breaking a law. And the company that told them to do it is likely in some hot water because the contractor is acting on behalf of the company.
I'm in my mid-30s and stopped using the phone book(s) for their intended purposes as soon as I got my first DSL connection back in late 90s. I've only ever used them since as weights or stands. The problem should be correcting itself already. It hasn't. And it's getting to the point where if I *don't* want one, I have to tell them more than my address, which should be simple enough. They're trying to turn a negative (for them) into something positive (for them). By collecting personally-identifiable information at the opt-out stage, they're able to use it for their own marketing purposes or sell it to someone else that will.
You really need to take it a step further. Post a sign on your property (by the front door, most likely) saying, in essence, that leaving any un-requested non-governmental (like tax notices, town hall meetings, and other municipal notices) material is assumed to be trash and will be billed $500 (or some other absurd amount just under the small-claims cap) per item. Then make sure you have a camera recording that space with the sign in frame. When the people come to drop off the phone books, send the company a bill for "disposal services." When they refuse to pay, explain that you have video evidence and will continue to pursue the matter now and for each future instance.
This will either make the company spend time and resources dealing with your case in small claims court or they'll skip it entirely giving you a default judgement. Bonus points if you live in a jurisdiction where formal representation is prohibited for both parties (they can't send a high-priced lawyer nor are you allowed to hire one of your own) so a company executive has to make the trip to court.
The point is to make yourself so much of a pain in the ass to them that they stop delivery to you altogether all while making a little money from turning a pain in the ass to you into a pain in the ass to them. If enough people do this, they'll eventually do something about it. Not sure WHAT that might be, but my hope is a full-on opt-in system or, at least, an opt-out without all the personally-identifiable information.
Note that I'm not a lawyer nor have I had to resort to this sort of action.
If they're wanting to connect and they're being extraordinarily sneaky and clever at it, it may be easier to simply let them connect but limit the damage. Set up whitelists for a select few domains/IPs once they're connected so as to limit any liability concerns (child porn, illegal music/movies, etc.) Also set up heavy throttling so they're getting throughput much less than an average dialup account would get. This assumes, of course, you've separated your access point from your actual router. Just hopping onto the WiFi signal will get them on your LAN (and you ARE separating the wireless traffic from your wired traffic, yes?) Then you can use your router to shape traffic to certain devices. Whitelist your own equipment. Throttle and filter the heck out of anything else that might connect.
Yes, it would also help to install directional antennas and keep the signal strength to a minimum outside of your immediate usage area(s). But they, too, can get a directional antenna and still latch on.
A more elaborate solution involves setting up a full-fledged authentication server and implementing 802.1x. Authorized devices get on the private LAN. Everything else gets dumped to a separate VLAN which may or may not have any other kind of network access (it's up to you). It's been quite a while since I played around with any of that and, quite frankly, is overkill for even mid-sized businesses much less a home network.
Either way, they'll eventually get the hint and give up for easier prey. They win the battle (the challenge of connecting to your wireless anytime they want) but you win the war (keeping them from affecting your network in any meaningful way).
There's actually a pretty big, untapped market for large-format e-ink displays. Two words: Digital Menus.
I once worked for a digital signage company and some of our largest customers were fast food restaurants. Since the menu doesn't change all that much during a 24 hour period, e-ink makes perfect sense. The cost of purchasing multiple large, commercial-grade LCDs was one of the biggest expenditures both in terms of initial outlay as well as TCO (due to the relatively high failure rate of such displays in a high-heat, high-moisture environment). Add to that the cost of electricity to drive a super-bright LCD for 16+ hours per day. As a result, most restaurants won't ever see any cost savings, which also include an on-site labor cost savings, storage and transportation cost savings, and a few other minor details as compared to printed menus. At best, it's usually a wash. (Aside - part of the reason we had those customers is the agreement that we would manage the menu content for them.)
With e-ink, the electricity usage goes WAY down. And, with less electricity comes less heat. That means better screen packaging to protect them from the elements for (probably) fewer failures and replacements. And, since they're a reflective technology rather than emissive (like LCDs), they work great in direct sunlight which means drive-thru menus can be digital, too.
E-ink isn't going to work for full-motion, full-color video. Not for a while, at least. Until they do, traditional LCDs will likely still be used for the flashy, draw-you-in stuff.
As an "enemy of the state" the U.S. government likely doesn't even need to file any sort of charges before "bringing him in". Besides, since when does the U.S. government worry about pesky little things like due process, particularly with regard to non-citizens? (hint: it stopped when the towers fell.)
However, I think it is interesting that he's looking to enter political life in Australia. If he can get on the ballot and/or get elected, he might be considered a diplomat (or some other protected political figure) and be able to leave the embassy without being (legally) snatched by law-enforcement.
I'm at the opposite end of the spectrum. My wife and I have TVs in just about every room of our home. She and I watch a lot of TV - it's on in the background as well as being available for specific shows we watch. We also have a lot of other things going on in our lives and TV is just one of the things that provides us with an alternate window to the outside world or a temporary escape from our real lives.
However, our toddler (under 3) doesn't fixate and doesn't exhibit any ADD behavior, either. For the most part, he ignores it. When he DOES pay attention to the TV, the content is usually some sort of musical content, like the music-only channels from our provider or certain talk show theme songs (he rather likes the Conan opening). We've had the kid-specific channels tuned for a while in the background but he doesn't seem to be too interested in those unless or until there's a song involved.
I guess what I'm saying is that it very much depends on the child and parent(s). Every child is different and responds to stimuli differently. Broad generalizations like the one suggested in the original article are dangerous and irresponsible. Good parents pay attention to their child(ren) and provide guidance for them appropriately regardless of what some "expert" says. Parents are really the only ones that can really say they're experts with regards to their child(ren).
It sounds like he's going to be doing freelance work for companies back home while he's visiting China on his own time. This doesn't sound like he's going to China specifically to work there. If he picks up a freelance job from back home, from a company back home, who will pay him back home, who cares what he does with his time in his own hotel room in China? As far as they're concerned, he's simply enjoying his time visiting China.
That said, I wouldn't want to risk violating Chinese law by trying to get around their national firewall, either, for ANY reason. Additionally, I would be highly suspicious of the customs officials in both China AND the U.S. - neither government is exactly friendly with regards to computers entering/leaving their borders.
If I were the one visiting China, I would leave most of my electronics at home, buy what I need/want locally while I'm there, and finally re-sell them before I leave.
For a long time, I've used my homeowners insurance policy to make sure ALL of my gadgets are covered - laptop, tablet, computers, music players, cameras, etc... Anything that costs more than about $100 to buy new I'd have added into my "technology" rider for a nominal fee per month on top of my regular homeowners policy.
More recently, however, they've explicitly started excluding smartphones which is likely due to the "I want the new iThing" phenomenon. Read: Insurance fraud.
In lieu of a formal policy from my insurance company, I've taken to setting aside about 75% of the cost of the unit and not worrying about coverage. If I do manage to break it in a catastrophic manner, I can use that money (plus a little extra out of pocket) to replace it. If it comes to that, I'll often buy a refurbished or used one to save a few bucks.
In the long-run, it's cheaper than formal insurance and I don't feel like I'm taking a bath in order to buy a new phone at unsubsidized prices.
Plenty of charities will accept phones for exactly this reason. They can refurbish old phones well enough so they'll keep a charge and be able to dial 911 for emergencies. Even if your phone has a single fatal flaw, they can re-use parts of it to get other, identical models working.
If the phone currently works (even if you have to use the charger to get it to power up), just remember to scrub your data before you send it in. Many smartphones have this ability as a built-in feature so the phone appears to be "factory fresh" from a software and data perspective.
As a former enterprise-grade desktop support staffer (i.e.: one level up from the front-line call-takers), I know there have always been ways to disable the Windows Gadget platform. If not through GPO, at least through most other alternative rights-management schemes. Ultimately, it's as simple as removing the sidebar.exe file from the Program Files folder(s). Alternatively, an anti-malware utility (that's centrally managed, right?) can prevent the executable from starting.
This should not be news to any company large enough to have a (competent) IT staff. Anything that runs applets or other code locally is potentially vulnerable. Disabling the platform entirely is one of the most effective ways of preventing this sort of vulnerability from being any sort of problem on a large-ish network. As such, assuming they're competent, they've already disabled or restricted this functionality long before a formal vulnerability existed.
And, like you said, what IS sorta newsworthy is the subtext - that Microsoft is choosing to eliminate the Gadget platform altogether rather than patch it appropriately. Heading into Windows 8, I'm betting they didn't want to expend the resources necessary to do a proper repair job and, instead, focus developer time on Windows 8, Windows Server 2012, and optimizations on their new tablet platform.
The actual answer is (as always) to have backups of anything you feel is important. If the data is important enough, you make multiple backups to different kinds of media and store them in different places.
And, with any backup solution, one must plan for contingencies. Now that MU is offline, and the other personal file uploading sites are in danger of the same scrutiny/takedown, maybe it's time to roll your own private cloud with friends and family as storage nodes. They host your files, you host theirs. Model it after a weird hybrid bittorrent/RAID setup. That whole Storage Spaces thing from Microsoft would be a good model if it can be scaled to the network layer. The loss of any node would not bring down the entire storage pool and would allow itself enough time to re-balance the load among the remaining nodes.
Obviously, there are some logistics concerns with this method. However, a private cloud like this would certainly survive the antics of a jilted media conglomerate (or a cabal of them). And, as it would be a backup solution to data you are already keeping elsewhere (right?), it wouldn't be the only copy of the data in the event the cloud goes down.
Look - the brain teaser questions really only do a few things in an interview and they're just one tool in an arsenal to determine if, as an interviewer, you have a good candidate on your hands.
First, it throws a question at an interviewee that s/he cannot possibly prepare and rehearse an answer for. As a result, you get to see how they think through (or not) something spontaneous. Also, sensing how the interviewee approaches the questions and, ultimately, how they answer can give a great amount of insight into how they might handle stressful situations.
Second, it opens the door of conversation to (possibly) something beyond the traditional job description, salary requirements, and hours discussion. It helps the interviewer form a more complete picture of a candidate. This can work well if you, as an interviewer, need a candidate to work well with an established team or if you want a specific personality type working for/with you.
However, as an interviewer, you need to ask the right kinds of brain teaser question to get the results you're looking for. Unless you've got a specific reason for asking them, and you'll usually want the true motive to be obscured from the interviewee, they really only hinder the interview process. The interview process is a bit of a dance and asking random brain teaser questions for the sake of themselves is akin to throwing some slam-dancing moves when the music calls for a slow walz.
In other words, have a reason for asking them. And if you're relying on brain teasers alone to make a hiring decision, you're doing it wrong.
I'm likely commenting too deeply for the person that asked the original question, but my advice seems to fit best here. What the company needs is an IT manager, whether hired directly or outsourced.
Firstly, assess the corporate attitude towards hiring (competent) staff directly and buying or leasing hardware directly vs. purchasing outsourced services. Once you know where that conversation leads, you'll have a better idea of how to address the larger problems that only a bunch of time (and usually money) can solve.
If the former, start the interviewing process ASAP. What you're looking for is self-starters that really do know their stuff. Take a handful of real-world scenarios, change some of the minor details a bit, and ask candidates what they'd do in that situation (or if they've encountered something like it before). Don't take them at their word, ask them to back it up with details of their own. Also, since you're going to wind up spending money on staff, you're probably going to be spending money on tools like new systems, software, and basic architecture hardware. Use an appropriate procurement process (and make sure it's followed) to meet your specific needs.
If the latter, like I and many others here suspect it is, be sure to negotiate favorable contract terms with this in mind - everything is about money. You might be able to get a better rate on some services if you limit support to 8x5 instead of going 24x7, for instance. Is remote support acceptable or do you want someone on-site when you have to make that call? What is the response time to various levels of service calls? Do you want to host hardware on-site or have that done elsewhere? Things like that should be priced out and assessed against the needs of the business.
Lastly, an important bit regardless of how the company wants to do it, the goal is to streamline operations which includes any support that's required when systems are not operating properly. Identify the weak subsystems and put them on a roadmap to be replaced with something more robust. It's a boring exercise in IT management that involves budgets and change control procedures but it does pay off in the long-run. If you need to get approval for spending, it helps to show what the current cost is, what the cost could be if things go wrong, and what costs could be if replaced with the more robust system. As long as you speak to your management in terms of money, they should listen.
Regardless of whether or not one views support contracts as a crutch to prop up lazy admins, the fact is that many businesses will make that decision as a simple budget matter. There are numerous cases where buying a support contract makes sense, particularly where the company's business is primarily not involved in providing IT-related products or services and, as a result, have no internal IT staff. To those companies, the support contract is often a fixed-cost addition to any technology purchase and is easy to fit into the budget.
To the OP - if your CIO says he doesn't believe in support contracts and has put the kibosh on them, I'd let that issue rest while documenting the heck out of any support issues that come up (hours spent, parts purchased, etc. - anything that costs the company money). When it comes time to run this exercise again, bring out your supporting documentation on the money the company spent by supporting it themselves vs. buying a support contract. If it's cheaper to get the support contact, say so and present your evidence. If not, then it does make sense to support it in-house and you should say that, too, also presenting the evidence you've collected. Basically, since the CIO is looking at support contracts as a value proposition (he seems to think they're worthless), it is your job to communicate to him in those terms. He may play solitaire on his laptop all day (or maybe that's just my former CIOs, I dunno), but he didn't get to be a CIO by blowing budgets left and right. Speak to him in terms of money and have actual data to back up your points.
If he still refuses service contracts after being presented with solid data, I recommend looking for a new job. A C-level exec that makes decisions DESPITE hard evidence typically has ulterior motives and is usually only looking out for himself (or someone else). You won't win any arguments and it's only a matter of time before you're at the pointy end of his bad decision-making.
Las Vegas casinos have better security than what we (collectively) put on election systems. There's a good reason for that as Las Vegas casinos need to be vigilant about their income else they risk violating a bunch of laws under which they operate. After all, they need to pay taxes on that money. The more money they bring in, the better for them and the better for their community. There are cameras that watch the entire flow of money coming in and going back out to make sure that nobody is trying to beat their system.
There is certainly as much motivation to tinker with election results as it would be to get a little more money out of a casino. Why we aren't putting better security measures in place for elections than what already exists completely baffles me. How can I trust that my vote actually counts as I cast it? How can I trust our government at all if they don't value our votes as much as a casino values their money? And the only thing I trust about casinos is that they're legally and openly screwing their customers while filming it to ensure they're doing it properly and it doesn't violate any rules. That should tell you how much I trust our government, regardless of which way the political winds blow - but that's a story for another time.
At this point, I am so dismayed that we (collectively) can't get this crap figured out. It's not difficult. It's not terribly more expensive than what we already have (which amounts to nearly nothing). Either let's get it done or tear it out and start over.
I'll be back over here shaking my fist at the kids on my lawn, now...
You hit the nail on the head. Usage such as that IS legal and constitutional. I would go so far as to encourage the municipality to use technology in similar ways throughout the city as they are being more efficient in the discharge of their duties. More 'bang' for the tax buck, so to speak.
Storing all the plates that were scanned along with some location data so someone can be tracked to a specific location is, arguably, a violation of 4th amendment rights, particularly when that data is being shared with other agencies.
The hypocrisy is outlandish, really. As tax-paying citizens, we grant our governments (federal, state, county, city, etc) limited, special rights to act on our behalf and in the best interests of the collective citizenry - rights that the ordinary citizen may not or should not be granted. In exchange, those with those rights should be held to the highest standards and should be punished if that power is misused or abused.
The intentions may be well-placed - the article quotes the MA state police spokesman, "What about the rights of someone who is already a victim to have their assailant brought to justice? There’s a freedom to being able to live your life not worried about being the victim of crime that’s also a freedom worth protecting." The plan they propose might mean more accurate and timely arrests. I'm not doubting that fact one bit. But tracking the entire populace is akin to assuming everyone is a criminal or a suspect before a crime is even committed. Not only is this constitutionally problematic, but the open sharing of the collected data with other agencies is a violation of privacy rights, as well. The potential for abuse is enormous, even with strong internal privacy policies in place.
Ultimately, at best, the police appear to be trampling citizen privacy in an effort to be more efficient in discharging their duties. At worst, this is a whole state police department that is too lazy to want to do actual police work. The truth, as usual, is most likely somewhere in the middle.
I am certainly not a lawyer, nor have I ever played one on TV. I have, however, casually studied my own rights on a regular basis. I am also a *#&@ing human being and know right from wrong. As a result, you should probably take all of what I wrote above with a huge amount of table salt.
The part that bothers me about this is the unreasonable double-standard. Law enforcement typically keeps records of their phone calls and radio traffic for between about 1 to 2 years, which is usually driven by statues of limitations. After that, the records are gone. The reason is simple - they often need to keep that data for liability issues such as when someone sues the police for misconduct. They purge that data after that retention period for exactly the same reasons the ISPs do not want to hang onto it - having it means they become responsible for it and becomes more of a problem than the data is worth.
As a public agency, law enforcement agencies have clear retention period policies, as well as policies outlining exactly who can and cannot access that data, in order to serve the public. As private entities, why should the ISPs be held to some arbitrary standard outlined by an outside party? Honestly, if an ISP wants to purge that data after 6 months (or even less) to serve *their* public - their paying customers - let them! The convenience store down the street isn't required to keep a minimum amount of surveillance video in case someone does something shady in the bathroom. They keep that video to protect themselves and their business from people that want to do harm. When police are called, the video is shared voluntarily because it's in their best interests to do so.
The only thing I would be in favor of is requiring ISPs to simply define a data retention policy and make it public to everyone, including the law enforcement community. The ISPs can then live and die by the policy they set for themselves and law enforcement will know exactly how long they have before that information is purged. I would also suggest that once an ISP is made aware that a warrant for certain information is coming, the ISP should retain the relevant data regardless of the policy. They don't necessarily have to share it until they receive the warrant, but the request alone should trigger a temporary hold on the data for a set period of, say, 60 days. This is no different than how law enforcement handles their data retention when a request is made of them, so ISPs should be treated the same way.
I'm not sure what I would want the penalties to be if any of the data retention policies were violated (purged early or accessed inappropriately), but it should fit the severity and scope of the violation and be defined in actual law.
Put your tin-foil hat on for this 'cause it's CRAZY...
Perhaps Comcast (et al) are really telling the truth. They, themselves, are not blocking access to TPB. But, what if (and this is a huge 'what if') they got someone to block it further upstream? They would be telling the truth in the strictest sense and still getting what they want. I'm sure Comcast has enough resources to try something like that.
But then, there's probably a more likely explanation like a certain web server pool having problems at the source end (which appears to be the case).
You bring up a good point, but I'm going to address this to the OP.
As previously noted by the other commenter, Powershell is useful if your environment is full of Vista computers or newer or if you have more control over the environment so Powershell can be installed (there is an XP installer). It's major draw is the usefulness to systems admins that want to do real-time execution.
Otherwise, you're looking at VBScript or batch scripts. Neither are nowhere near as elegant or smooth as some other languages, but tapping WMI and other Windows objects is actually really simple using VBScript. There are loads of examples here. Also, a Google search in the form of "vbscript %thing%" will usually get you pointed in the right direction.
Do yourself a huge favor, though - get a decent editor. While Windows has a simple notepad app, there is no context highlighting, in-line completion, or other helpful tools for looking at script code. Personally, I prefer PrimalScript because it's useful for other things like SQL, C, Perl, etc (including PowerShell). It also has a built-in debugging engine. However, that app can be expensive. One good free alternative is Notepad++ with the appropriate plug-ins for the files you want to create/edit. There are plenty of others out there, so grab whatever you feel works best for you.
If you're planning on using a database and are familiar with MySQL, you should feel nearly at home with Microsoft's version of SQL. There are some minor syntax differences (for example, the update query is slightly different, if my memory is correct) but it shouldn't take long to get used to them.
Lastly, ideally, you're going to want to an account that is a local administrator on all of the systems you will be touching. Yes, you can do some serious damage with such an account and is typically not the way of things in the *nix world, but many aspects of a Windows system are inaccessible unless you have an Administrator level account - especially remote access to certain things like the registry and WMI. If getting a local administrator account on all the systems you're responsible for isn't an option, have someone that does have one (or a domain admin account) on speed-dial in case your scripts fail due to permissions errors.
I haven't measured it scientifically, but my Firebox II consumes FAR less power than even a low-powered modern desktop PC. There's a disk controller, 3 network ports, a couple of low-RPM fans, the aforementioned Pentium MMX, a single PC133 module, and... that's about it. I'd have to guess it's ballparking at about 25w under my moderate usage. This is based on the readings on the "green" UPS when only the router is connected to it.
Finding a decent store-bought router that will accept DD-WRT or tomato (or any other distro) is getting more difficult as manufacturers try to lock you out of anything but firmware they provide. There are custom-built general purpose router boards that will take those alternate distros, but they're fairly expensive (about $400 for a complete package that includes the casing and power supply). Running a PC that you already have on-hand as a router - at least for a limited time while you calculate your network usage to compare against what your provider says you're using or while you're searching for another hardware solution - seems reasonable. You'll have zero up-front costs since you should already have the equipment. Ongoing costs may be higher, but it's still cheaper in the short-run to use the spare PC.
You don't need a fancy, embedded router to flash DD-WRT onto. It'll work just fine on standard PC hardware, too. In fact, I'm running the general PC build of DD-WRT on a slightly modified Firebox II (basically, an embedded-ified PC with a low-powered desktop CPU from about 10 years ago... a Pentium 1 MMX, if I recall). I'll readily admit it's overkill for most home users to build something, but any PC with a pair of working network ports should do the trick.
As an alternative, there should be plugins for IPCop and pfSense, too, among others.
The better (business) solution is to speak to management in terms they can understand - money.
I'm not saying that they need to feel threatened. Instead, point out that you are looking out for the interests of the company and want to ensure all bases are covered in the event of a short-notice software audit.
Then you outline a plan to audit the computers on your network and a plan for remediation (buying licenses, uninstalling software, and/or using some sort of network-wide metering package). Again, this should be done with the focus on how much this will cost the company versus not complying and getting caught with unlicensed software. Remember, management really only cares about budgets and how much of it needs to be expended. It might also help to explain that your own ass is on the line as the IT admin and that, by formally notifying management (you *are* documenting this formally, right?), they are just as culpable if/when a BSA audit occurs.
Part of a good admin's job is to audit the environment regularly for such things, anyway. Even if no action is taken on the findings, at least you know where you're starting from when action ultimately does need to be taken - for any sort of project, not just software license management.
Slashdot Mirror
This isn't a question of not getting a regularly-scheduled life-saving $thing. This is a phone book. If someone gets opted-out by a 3rd party and they still want to get a phone book, they should get an annual mailer (that everyone gets) telling them how to get one.
Tell me the publishers of the phone books wouldn't be happy to send one from their stockpile anytime someone wanted one.
They don't need anything more than an address to NOT deliver to.
RDP works great when you've got the router/firewall rules set up for it. However, it's a bit of a security risk to set it up and leave it.
TeamViewer is nice if you can get them to walk through the steps to get a connection going. Same goes for all other types of "request help" options.
I prefer the free version of LogMeIn. The agent is small and it generally stays out of the way when you're not using it. If you get a support call, you can just jump into the computer without any action on their part. If you pay to get a LogMeIn Pro account (it's not exactly cheap which discourages personal use), you can do a lot more back-end monitoring/alerting and system maintenance (file copies, remote command prompt console, event log viewer, start/stop services, etc.) without directly affecting the console session.
Your address alone should be sufficient. Your name should not be required (nor any other information) since it's the address they're delivering the books to. They don't need to know who lives there (even if they already do) or what their "marketing preferences" are (even if they already do). They can send a bulk flier in the mail once per year to let you know how to get one should you want/need one.
I was suggesting the sign be placed at my own front door, for instance. Or you could do so at your own front door. This isn't a public space we're talking about. It's clearly private property, beyond the reach of the typical easement. Just because you can see it from a public space doesn't mean it's a public space.
And, besides, at the very least, if they deliver a phone book to your door, that's a non-government entity - public or private - that is at least trespassing. A sign is sufficient for that to be a violation.
And, besides THAT, if the contractors delivering phone books on behalf of the company, they're representing the company, itself. There's substantial case law on such things (that I won't go digging for because I'm not too proud to admit I'm lazy). Much of that apparently depends on how much of their income is a result of that specific contract work (i.e.: whether or not they have other contracts for other companies, for instance) but, in small claims, you could easily make the case that the contractor represents the company so the company should be on the hook, not the poor shlub that needs a few extra bucks to drop a dead tree at everyone's door in a neighborhood.
The contractors are probably required by the company to deliver to every house (except the ones on their do-not-deliver-to list). But that's a contractual problem between the contractor and the company. If the contractor breaks a law because the company policy said to do it, that contractor is still breaking a law. And the company that told them to do it is likely in some hot water because the contractor is acting on behalf of the company.
I'm in my mid-30s and stopped using the phone book(s) for their intended purposes as soon as I got my first DSL connection back in late 90s. I've only ever used them since as weights or stands. The problem should be correcting itself already. It hasn't. And it's getting to the point where if I *don't* want one, I have to tell them more than my address, which should be simple enough. They're trying to turn a negative (for them) into something positive (for them). By collecting personally-identifiable information at the opt-out stage, they're able to use it for their own marketing purposes or sell it to someone else that will.
You really need to take it a step further. Post a sign on your property (by the front door, most likely) saying, in essence, that leaving any un-requested non-governmental (like tax notices, town hall meetings, and other municipal notices) material is assumed to be trash and will be billed $500 (or some other absurd amount just under the small-claims cap) per item. Then make sure you have a camera recording that space with the sign in frame. When the people come to drop off the phone books, send the company a bill for "disposal services." When they refuse to pay, explain that you have video evidence and will continue to pursue the matter now and for each future instance.
This will either make the company spend time and resources dealing with your case in small claims court or they'll skip it entirely giving you a default judgement. Bonus points if you live in a jurisdiction where formal representation is prohibited for both parties (they can't send a high-priced lawyer nor are you allowed to hire one of your own) so a company executive has to make the trip to court.
The point is to make yourself so much of a pain in the ass to them that they stop delivery to you altogether all while making a little money from turning a pain in the ass to you into a pain in the ass to them. If enough people do this, they'll eventually do something about it. Not sure WHAT that might be, but my hope is a full-on opt-in system or, at least, an opt-out without all the personally-identifiable information.
Note that I'm not a lawyer nor have I had to resort to this sort of action.
If they're wanting to connect and they're being extraordinarily sneaky and clever at it, it may be easier to simply let them connect but limit the damage. Set up whitelists for a select few domains/IPs once they're connected so as to limit any liability concerns (child porn, illegal music/movies, etc.) Also set up heavy throttling so they're getting throughput much less than an average dialup account would get. This assumes, of course, you've separated your access point from your actual router. Just hopping onto the WiFi signal will get them on your LAN (and you ARE separating the wireless traffic from your wired traffic, yes?) Then you can use your router to shape traffic to certain devices. Whitelist your own equipment. Throttle and filter the heck out of anything else that might connect.
Yes, it would also help to install directional antennas and keep the signal strength to a minimum outside of your immediate usage area(s). But they, too, can get a directional antenna and still latch on.
A more elaborate solution involves setting up a full-fledged authentication server and implementing 802.1x. Authorized devices get on the private LAN. Everything else gets dumped to a separate VLAN which may or may not have any other kind of network access (it's up to you). It's been quite a while since I played around with any of that and, quite frankly, is overkill for even mid-sized businesses much less a home network.
Either way, they'll eventually get the hint and give up for easier prey. They win the battle (the challenge of connecting to your wireless anytime they want) but you win the war (keeping them from affecting your network in any meaningful way).
There's actually a pretty big, untapped market for large-format e-ink displays. Two words: Digital Menus.
I once worked for a digital signage company and some of our largest customers were fast food restaurants. Since the menu doesn't change all that much during a 24 hour period, e-ink makes perfect sense. The cost of purchasing multiple large, commercial-grade LCDs was one of the biggest expenditures both in terms of initial outlay as well as TCO (due to the relatively high failure rate of such displays in a high-heat, high-moisture environment). Add to that the cost of electricity to drive a super-bright LCD for 16+ hours per day. As a result, most restaurants won't ever see any cost savings, which also include an on-site labor cost savings, storage and transportation cost savings, and a few other minor details as compared to printed menus. At best, it's usually a wash. (Aside - part of the reason we had those customers is the agreement that we would manage the menu content for them.)
With e-ink, the electricity usage goes WAY down. And, with less electricity comes less heat. That means better screen packaging to protect them from the elements for (probably) fewer failures and replacements. And, since they're a reflective technology rather than emissive (like LCDs), they work great in direct sunlight which means drive-thru menus can be digital, too.
E-ink isn't going to work for full-motion, full-color video. Not for a while, at least. Until they do, traditional LCDs will likely still be used for the flashy, draw-you-in stuff.
As an "enemy of the state" the U.S. government likely doesn't even need to file any sort of charges before "bringing him in". Besides, since when does the U.S. government worry about pesky little things like due process, particularly with regard to non-citizens? (hint: it stopped when the towers fell.)
However, I think it is interesting that he's looking to enter political life in Australia. If he can get on the ballot and/or get elected, he might be considered a diplomat (or some other protected political figure) and be able to leave the embassy without being (legally) snatched by law-enforcement.
I'm at the opposite end of the spectrum. My wife and I have TVs in just about every room of our home. She and I watch a lot of TV - it's on in the background as well as being available for specific shows we watch. We also have a lot of other things going on in our lives and TV is just one of the things that provides us with an alternate window to the outside world or a temporary escape from our real lives.
However, our toddler (under 3) doesn't fixate and doesn't exhibit any ADD behavior, either. For the most part, he ignores it. When he DOES pay attention to the TV, the content is usually some sort of musical content, like the music-only channels from our provider or certain talk show theme songs (he rather likes the Conan opening). We've had the kid-specific channels tuned for a while in the background but he doesn't seem to be too interested in those unless or until there's a song involved.
I guess what I'm saying is that it very much depends on the child and parent(s). Every child is different and responds to stimuli differently. Broad generalizations like the one suggested in the original article are dangerous and irresponsible. Good parents pay attention to their child(ren) and provide guidance for them appropriately regardless of what some "expert" says. Parents are really the only ones that can really say they're experts with regards to their child(ren).
It sounds like he's going to be doing freelance work for companies back home while he's visiting China on his own time. This doesn't sound like he's going to China specifically to work there. If he picks up a freelance job from back home, from a company back home, who will pay him back home, who cares what he does with his time in his own hotel room in China? As far as they're concerned, he's simply enjoying his time visiting China.
That said, I wouldn't want to risk violating Chinese law by trying to get around their national firewall, either, for ANY reason. Additionally, I would be highly suspicious of the customs officials in both China AND the U.S. - neither government is exactly friendly with regards to computers entering/leaving their borders.
If I were the one visiting China, I would leave most of my electronics at home, buy what I need/want locally while I'm there, and finally re-sell them before I leave.
For a long time, I've used my homeowners insurance policy to make sure ALL of my gadgets are covered - laptop, tablet, computers, music players, cameras, etc... Anything that costs more than about $100 to buy new I'd have added into my "technology" rider for a nominal fee per month on top of my regular homeowners policy.
More recently, however, they've explicitly started excluding smartphones which is likely due to the "I want the new iThing" phenomenon. Read: Insurance fraud.
In lieu of a formal policy from my insurance company, I've taken to setting aside about 75% of the cost of the unit and not worrying about coverage. If I do manage to break it in a catastrophic manner, I can use that money (plus a little extra out of pocket) to replace it. If it comes to that, I'll often buy a refurbished or used one to save a few bucks.
In the long-run, it's cheaper than formal insurance and I don't feel like I'm taking a bath in order to buy a new phone at unsubsidized prices.
Why isn't this comment modded up more?
Plenty of charities will accept phones for exactly this reason. They can refurbish old phones well enough so they'll keep a charge and be able to dial 911 for emergencies. Even if your phone has a single fatal flaw, they can re-use parts of it to get other, identical models working.
If the phone currently works (even if you have to use the charger to get it to power up), just remember to scrub your data before you send it in. Many smartphones have this ability as a built-in feature so the phone appears to be "factory fresh" from a software and data perspective.
As a former enterprise-grade desktop support staffer (i.e.: one level up from the front-line call-takers), I know there have always been ways to disable the Windows Gadget platform. If not through GPO, at least through most other alternative rights-management schemes. Ultimately, it's as simple as removing the sidebar.exe file from the Program Files folder(s). Alternatively, an anti-malware utility (that's centrally managed, right?) can prevent the executable from starting.
This should not be news to any company large enough to have a (competent) IT staff. Anything that runs applets or other code locally is potentially vulnerable. Disabling the platform entirely is one of the most effective ways of preventing this sort of vulnerability from being any sort of problem on a large-ish network. As such, assuming they're competent, they've already disabled or restricted this functionality long before a formal vulnerability existed.
And, like you said, what IS sorta newsworthy is the subtext - that Microsoft is choosing to eliminate the Gadget platform altogether rather than patch it appropriately. Heading into Windows 8, I'm betting they didn't want to expend the resources necessary to do a proper repair job and, instead, focus developer time on Windows 8, Windows Server 2012, and optimizations on their new tablet platform.
The actual answer is (as always) to have backups of anything you feel is important. If the data is important enough, you make multiple backups to different kinds of media and store them in different places.
And, with any backup solution, one must plan for contingencies. Now that MU is offline, and the other personal file uploading sites are in danger of the same scrutiny/takedown, maybe it's time to roll your own private cloud with friends and family as storage nodes. They host your files, you host theirs. Model it after a weird hybrid bittorrent/RAID setup. That whole Storage Spaces thing from Microsoft would be a good model if it can be scaled to the network layer. The loss of any node would not bring down the entire storage pool and would allow itself enough time to re-balance the load among the remaining nodes.
Obviously, there are some logistics concerns with this method. However, a private cloud like this would certainly survive the antics of a jilted media conglomerate (or a cabal of them). And, as it would be a backup solution to data you are already keeping elsewhere (right?), it wouldn't be the only copy of the data in the event the cloud goes down.
Look - the brain teaser questions really only do a few things in an interview and they're just one tool in an arsenal to determine if, as an interviewer, you have a good candidate on your hands.
First, it throws a question at an interviewee that s/he cannot possibly prepare and rehearse an answer for. As a result, you get to see how they think through (or not) something spontaneous. Also, sensing how the interviewee approaches the questions and, ultimately, how they answer can give a great amount of insight into how they might handle stressful situations.
Second, it opens the door of conversation to (possibly) something beyond the traditional job description, salary requirements, and hours discussion. It helps the interviewer form a more complete picture of a candidate. This can work well if you, as an interviewer, need a candidate to work well with an established team or if you want a specific personality type working for/with you.
However, as an interviewer, you need to ask the right kinds of brain teaser question to get the results you're looking for. Unless you've got a specific reason for asking them, and you'll usually want the true motive to be obscured from the interviewee, they really only hinder the interview process. The interview process is a bit of a dance and asking random brain teaser questions for the sake of themselves is akin to throwing some slam-dancing moves when the music calls for a slow walz.
In other words, have a reason for asking them. And if you're relying on brain teasers alone to make a hiring decision, you're doing it wrong.
I'm likely commenting too deeply for the person that asked the original question, but my advice seems to fit best here. What the company needs is an IT manager, whether hired directly or outsourced.
Firstly, assess the corporate attitude towards hiring (competent) staff directly and buying or leasing hardware directly vs. purchasing outsourced services. Once you know where that conversation leads, you'll have a better idea of how to address the larger problems that only a bunch of time (and usually money) can solve.
If the former, start the interviewing process ASAP. What you're looking for is self-starters that really do know their stuff. Take a handful of real-world scenarios, change some of the minor details a bit, and ask candidates what they'd do in that situation (or if they've encountered something like it before). Don't take them at their word, ask them to back it up with details of their own. Also, since you're going to wind up spending money on staff, you're probably going to be spending money on tools like new systems, software, and basic architecture hardware. Use an appropriate procurement process (and make sure it's followed) to meet your specific needs.
If the latter, like I and many others here suspect it is, be sure to negotiate favorable contract terms with this in mind - everything is about money. You might be able to get a better rate on some services if you limit support to 8x5 instead of going 24x7, for instance. Is remote support acceptable or do you want someone on-site when you have to make that call? What is the response time to various levels of service calls? Do you want to host hardware on-site or have that done elsewhere? Things like that should be priced out and assessed against the needs of the business.
Lastly, an important bit regardless of how the company wants to do it, the goal is to streamline operations which includes any support that's required when systems are not operating properly. Identify the weak subsystems and put them on a roadmap to be replaced with something more robust. It's a boring exercise in IT management that involves budgets and change control procedures but it does pay off in the long-run. If you need to get approval for spending, it helps to show what the current cost is, what the cost could be if things go wrong, and what costs could be if replaced with the more robust system. As long as you speak to your management in terms of money, they should listen.
Regardless of whether or not one views support contracts as a crutch to prop up lazy admins, the fact is that many businesses will make that decision as a simple budget matter. There are numerous cases where buying a support contract makes sense, particularly where the company's business is primarily not involved in providing IT-related products or services and, as a result, have no internal IT staff. To those companies, the support contract is often a fixed-cost addition to any technology purchase and is easy to fit into the budget.
To the OP - if your CIO says he doesn't believe in support contracts and has put the kibosh on them, I'd let that issue rest while documenting the heck out of any support issues that come up (hours spent, parts purchased, etc. - anything that costs the company money). When it comes time to run this exercise again, bring out your supporting documentation on the money the company spent by supporting it themselves vs. buying a support contract. If it's cheaper to get the support contact, say so and present your evidence. If not, then it does make sense to support it in-house and you should say that, too, also presenting the evidence you've collected. Basically, since the CIO is looking at support contracts as a value proposition (he seems to think they're worthless), it is your job to communicate to him in those terms. He may play solitaire on his laptop all day (or maybe that's just my former CIOs, I dunno), but he didn't get to be a CIO by blowing budgets left and right. Speak to him in terms of money and have actual data to back up your points.
If he still refuses service contracts after being presented with solid data, I recommend looking for a new job. A C-level exec that makes decisions DESPITE hard evidence typically has ulterior motives and is usually only looking out for himself (or someone else). You won't win any arguments and it's only a matter of time before you're at the pointy end of his bad decision-making.
Good luck!
Las Vegas casinos have better security than what we (collectively) put on election systems. There's a good reason for that as Las Vegas casinos need to be vigilant about their income else they risk violating a bunch of laws under which they operate. After all, they need to pay taxes on that money. The more money they bring in, the better for them and the better for their community. There are cameras that watch the entire flow of money coming in and going back out to make sure that nobody is trying to beat their system.
There is certainly as much motivation to tinker with election results as it would be to get a little more money out of a casino. Why we aren't putting better security measures in place for elections than what already exists completely baffles me. How can I trust that my vote actually counts as I cast it? How can I trust our government at all if they don't value our votes as much as a casino values their money? And the only thing I trust about casinos is that they're legally and openly screwing their customers while filming it to ensure they're doing it properly and it doesn't violate any rules. That should tell you how much I trust our government, regardless of which way the political winds blow - but that's a story for another time.
At this point, I am so dismayed that we (collectively) can't get this crap figured out. It's not difficult. It's not terribly more expensive than what we already have (which amounts to nearly nothing). Either let's get it done or tear it out and start over.
I'll be back over here shaking my fist at the kids on my lawn, now...
You hit the nail on the head. Usage such as that IS legal and constitutional. I would go so far as to encourage the municipality to use technology in similar ways throughout the city as they are being more efficient in the discharge of their duties. More 'bang' for the tax buck, so to speak.
Storing all the plates that were scanned along with some location data so someone can be tracked to a specific location is, arguably, a violation of 4th amendment rights, particularly when that data is being shared with other agencies.
The hypocrisy is outlandish, really. As tax-paying citizens, we grant our governments (federal, state, county, city, etc) limited, special rights to act on our behalf and in the best interests of the collective citizenry - rights that the ordinary citizen may not or should not be granted. In exchange, those with those rights should be held to the highest standards and should be punished if that power is misused or abused.
The intentions may be well-placed - the article quotes the MA state police spokesman, "What about the rights of someone who is already a victim to have their assailant brought to justice? There’s a freedom to being able to live your life not worried about being the victim of crime that’s also a freedom worth protecting." The plan they propose might mean more accurate and timely arrests. I'm not doubting that fact one bit. But tracking the entire populace is akin to assuming everyone is a criminal or a suspect before a crime is even committed. Not only is this constitutionally problematic, but the open sharing of the collected data with other agencies is a violation of privacy rights, as well. The potential for abuse is enormous, even with strong internal privacy policies in place.
Ultimately, at best, the police appear to be trampling citizen privacy in an effort to be more efficient in discharging their duties. At worst, this is a whole state police department that is too lazy to want to do actual police work. The truth, as usual, is most likely somewhere in the middle.
I am certainly not a lawyer, nor have I ever played one on TV. I have, however, casually studied my own rights on a regular basis. I am also a *#&@ing human being and know right from wrong. As a result, you should probably take all of what I wrote above with a huge amount of table salt.
The part that bothers me about this is the unreasonable double-standard. Law enforcement typically keeps records of their phone calls and radio traffic for between about 1 to 2 years, which is usually driven by statues of limitations. After that, the records are gone. The reason is simple - they often need to keep that data for liability issues such as when someone sues the police for misconduct. They purge that data after that retention period for exactly the same reasons the ISPs do not want to hang onto it - having it means they become responsible for it and becomes more of a problem than the data is worth.
As a public agency, law enforcement agencies have clear retention period policies, as well as policies outlining exactly who can and cannot access that data, in order to serve the public. As private entities, why should the ISPs be held to some arbitrary standard outlined by an outside party? Honestly, if an ISP wants to purge that data after 6 months (or even less) to serve *their* public - their paying customers - let them! The convenience store down the street isn't required to keep a minimum amount of surveillance video in case someone does something shady in the bathroom. They keep that video to protect themselves and their business from people that want to do harm. When police are called, the video is shared voluntarily because it's in their best interests to do so.
The only thing I would be in favor of is requiring ISPs to simply define a data retention policy and make it public to everyone, including the law enforcement community. The ISPs can then live and die by the policy they set for themselves and law enforcement will know exactly how long they have before that information is purged. I would also suggest that once an ISP is made aware that a warrant for certain information is coming, the ISP should retain the relevant data regardless of the policy. They don't necessarily have to share it until they receive the warrant, but the request alone should trigger a temporary hold on the data for a set period of, say, 60 days. This is no different than how law enforcement handles their data retention when a request is made of them, so ISPs should be treated the same way.
I'm not sure what I would want the penalties to be if any of the data retention policies were violated (purged early or accessed inappropriately), but it should fit the severity and scope of the violation and be defined in actual law.
Put your tin-foil hat on for this 'cause it's CRAZY...
Perhaps Comcast (et al) are really telling the truth. They, themselves, are not blocking access to TPB. But, what if (and this is a huge 'what if') they got someone to block it further upstream? They would be telling the truth in the strictest sense and still getting what they want. I'm sure Comcast has enough resources to try something like that.
But then, there's probably a more likely explanation like a certain web server pool having problems at the source end (which appears to be the case).
You bring up a good point, but I'm going to address this to the OP.
As previously noted by the other commenter, Powershell is useful if your environment is full of Vista computers or newer or if you have more control over the environment so Powershell can be installed (there is an XP installer). It's major draw is the usefulness to systems admins that want to do real-time execution.
Otherwise, you're looking at VBScript or batch scripts. Neither are nowhere near as elegant or smooth as some other languages, but tapping WMI and other Windows objects is actually really simple using VBScript. There are loads of examples here. Also, a Google search in the form of "vbscript %thing%" will usually get you pointed in the right direction.
Do yourself a huge favor, though - get a decent editor. While Windows has a simple notepad app, there is no context highlighting, in-line completion, or other helpful tools for looking at script code. Personally, I prefer PrimalScript because it's useful for other things like SQL, C, Perl, etc (including PowerShell). It also has a built-in debugging engine. However, that app can be expensive. One good free alternative is Notepad++ with the appropriate plug-ins for the files you want to create/edit. There are plenty of others out there, so grab whatever you feel works best for you.
If you're planning on using a database and are familiar with MySQL, you should feel nearly at home with Microsoft's version of SQL. There are some minor syntax differences (for example, the update query is slightly different, if my memory is correct) but it shouldn't take long to get used to them.
Lastly, ideally, you're going to want to an account that is a local administrator on all of the systems you will be touching. Yes, you can do some serious damage with such an account and is typically not the way of things in the *nix world, but many aspects of a Windows system are inaccessible unless you have an Administrator level account - especially remote access to certain things like the registry and WMI. If getting a local administrator account on all the systems you're responsible for isn't an option, have someone that does have one (or a domain admin account) on speed-dial in case your scripts fail due to permissions errors.
Good luck!
I haven't measured it scientifically, but my Firebox II consumes FAR less power than even a low-powered modern desktop PC. There's a disk controller, 3 network ports, a couple of low-RPM fans, the aforementioned Pentium MMX, a single PC133 module, and... that's about it. I'd have to guess it's ballparking at about 25w under my moderate usage. This is based on the readings on the "green" UPS when only the router is connected to it.
Finding a decent store-bought router that will accept DD-WRT or tomato (or any other distro) is getting more difficult as manufacturers try to lock you out of anything but firmware they provide. There are custom-built general purpose router boards that will take those alternate distros, but they're fairly expensive (about $400 for a complete package that includes the casing and power supply). Running a PC that you already have on-hand as a router - at least for a limited time while you calculate your network usage to compare against what your provider says you're using or while you're searching for another hardware solution - seems reasonable. You'll have zero up-front costs since you should already have the equipment. Ongoing costs may be higher, but it's still cheaper in the short-run to use the spare PC.
You don't need a fancy, embedded router to flash DD-WRT onto. It'll work just fine on standard PC hardware, too. In fact, I'm running the general PC build of DD-WRT on a slightly modified Firebox II (basically, an embedded-ified PC with a low-powered desktop CPU from about 10 years ago... a Pentium 1 MMX, if I recall). I'll readily admit it's overkill for most home users to build something, but any PC with a pair of working network ports should do the trick.
As an alternative, there should be plugins for IPCop and pfSense, too, among others.
The better (business) solution is to speak to management in terms they can understand - money.
I'm not saying that they need to feel threatened. Instead, point out that you are looking out for the interests of the company and want to ensure all bases are covered in the event of a short-notice software audit.
Then you outline a plan to audit the computers on your network and a plan for remediation (buying licenses, uninstalling software, and/or using some sort of network-wide metering package). Again, this should be done with the focus on how much this will cost the company versus not complying and getting caught with unlicensed software. Remember, management really only cares about budgets and how much of it needs to be expended. It might also help to explain that your own ass is on the line as the IT admin and that, by formally notifying management (you *are* documenting this formally, right?), they are just as culpable if/when a BSA audit occurs.
Part of a good admin's job is to audit the environment regularly for such things, anyway. Even if no action is taken on the findings, at least you know where you're starting from when action ultimately does need to be taken - for any sort of project, not just software license management.