Here's more ammo - Microsoft offers a fix for Windows Server 2003 which is based on many of the same core components as Windows XP. You very well might be able to use the Windows Server 2003 hotfix on Windows XP without any modification. If I were in charge of patching desktops in a large corporate environment (and I was at one point), that's exactly what I would do (after testing that it works) while screaming bloody murder to my Microsoft rep. Then, I'd let the network guys know about it so they can lock things down at the gateway, as well, if it wasn't already.
Translation: "By NOT fixing Windows XP like we should, we are artificially creating a reason for you home users to 'upgrade' to Windows Vista or Windows 7 and seriously pissing off our corporate customers."
I've had a bit of experience with this, so I'll chime in...
The first thing to do is determine the precise audience for the documentation. Is it your peers for use in operations? Is it for managers or other process owners to keep track of processes and procedures? Once you have that figured out, you can determine the minimum level of knowledge/experience/etc that the audience is supposed to have (assuming the reader is qualified and competent in the position they hold). The purpose to this is to set boundaries on the level of detail you need to provide. Assuming no boundaries at all is a mistake and your documentation project will fail.
The next step is to outline the items that need covering. I stress the term outline. That outline should be written by those with as much experience/knowledge/etc as needed to give a high-level overview of the process. One outline should be made per process and should also be maintained in some sort of version control system.
THEN you begin writing the documentation. I typically write up step-by-step guides for people with a little bit of knowledge and absolutely no experience, so you might want to try starting with something similar and go from there. Remember to include as much or as little detail as required by the intended audience. Again, these documents should be written by those with enough knowledge and experience to perform the functions being documented and should also be maintained in a version control system. Additionally, these documents should be reviewed regularly for accuracy and relevancy, so some sort of time-out mechanism would be good, too. Lastly, someone needs to approve final drafts before they're added to the repository (which is a whole separate process that should be documented, giving rise to a chicken-and-egg problem).
As a final note, it's much more difficult to start writing something from scratch than it is to modify an existing document. Buckle down and start somewhere. First drafts are almost always going to suck (ask any professional or amateur author). Accept those facts and you'll feel much better.
In a more general IT sense, you're not too far off the mark.
The question isn't meant to test the technical ability of a candidate - though it certainly can be used that way. It is more effective as a method by which the interviewer forces the interviewee to display critical thinking skills. Even if the interviewee answers incorrectly, the interviewer will likely have some insight into their thought process - an important factor when evaluating specific experience.
At a previous employer I worked for, the team prepared a list of 10 very difficult technical questions (both related to the position and not) just for this purpose. One of the goals was to get the interviewee to say, "I don't know." Bonus 'points' were given if they added, "...but I'd like to know." The point of getting the candidate to say that was to see if they're smart enough to admit their lack of knowledge/experience and seek assistance when they really don't know the answer to a problem.
However, I considered the GMail route before I actually deployed anything on my personal network. I also have only 2 actual accounts there, one of which is rarely touched (the WAF is kinda low on this despite being infinitely more reliable than our own mail server).
Another option I considered is having a small hosting company (that I once worked for long ago and still know the admins, natch) provide EMail-only service. The advantages compared to GMail include being outside of Google's 'collective' and knowing that I could reach an admin nearly instantly if I needed any assistance. However, I'd have to pay for that service and it just isn't worth it for an EMail-only account.
So - Google it went. Even for a home user with only 2 accounts.
While I completely agree that I don't want anyone touching my screen (yuk!), there ARE better methods of inputting x/y coordinate data than a computer mouse. A tablet is certainly effective, but a little bulky for most desks. The trackball is also effective, but equally disgusting to me unless it's cleaned regularly. The track-stick is favored by many, but I never found it truly useful - probably because I can't seem to get the hang of it.
Another point to make is that the Wii Remote is (with the exception of the accelerometers) functionally identical to a computer mouse with the optical eye reading many images per second to detect motion. The method by which the receiving end translates the data into x/y coordinate data is certainly different, though.
1: If you've got multiple geographic locations that require a duplication or replication of services, using the geographic location in the name makes sense.
2: You certainly would NOT want to use room or building location in a name for exactly the reason you cited.
Naming conventions are mainly for humans to understand the relationship of the servers and their duties, locations, configurations, etc. A good naming convention takes many of these elements into account. There isn't a single naming convention that's right for every situation, though being more specific and concise is generally better than not.
For example, a small company I worked for a number of years ago used Greek and Roman mythology. Zeus and Hera were the PDC and BDC, respectively. Apollo was the mail server. For our small environment, that made sense.
A bigger company I recently worked for used something much less creative - a combination of the subnet we assigned for the branch office, the role of the server, and a sequential number:
XXXYYsssnn...where:
XXX was an abbreviation of the company
YY was the server role
sss was the subnet info
nn was the sequential number
It was difficult to determine exactly where that server was located physically, but it was easy to determine where it was on the network.
Both of those methods offer some advantages and have some drawbacks. If the first method were used in the second example, we'd have run out of names to use and nobody would be able to remember where each server was located physically OR on the network. Conversely, there wasn't any need to apply the second method to the first example as there was only a single location and a small number of servers to keep track of.
The larger your pool of servers, the larger the area in which they're dispersed, and the larger the differences in roles each server has, the more specific you'll need to be with naming.
My first thought when I read the OP is that this could be the means by which some terrorists plan their next attack.
No, I'm not trying to jump on the paranoia bandwagon (though I take a step closer every day), but seriously... This is rather benign information by itself that, when gathered and analyzed, is very dangerous.
"Where are the most people gathering right now? Where can we get the best results from an attack?" "Here's a list of the 5 most populated areas."
pfSense isn't exactly a 'turnkey solution' - I know, I've tried. Though I'll admit it's much easier than rolling a completely custom linux distro for that purpose.
The base install is easy enough to get up and running with a single WAN connection. Getting that second WAN connection configured involves a few more rather unintuitive steps. Here's a tutorial on just how to do this, though.
The awesome thing about pfSense is that you're not limited to only 2 WAN connections. If you've got more, you're able to configure them however you want. I can easily imagine setting up a cable modem, a DSL line, an analog modem, and a wireless connection for various redundancy and load-balancing scenarios. Using the above tutorial and pfSense, I should be able to handle it (if I ever decided to do that much, anyway).
I guess the point I'm trying to make is that, while pfSense is certainly powerful and offers features usually found on only the most expensive of integrated networking hardware (think Cisco), those advanced features (like dual-WAN) are certainly not as dead simple as the average Linksys router or even something like IPCop, smoothwall, or m0n0wall.
If you can find one, an old Sony 505-series is an excellent option. You've got options for a fast P1/MMX or a first-gen P2 (depending on specific model), 128-256MB of RAM and an 8-10GB hard disk is common. It's roughly a 10" screen and about 3 lbs.
What you DON'T get is an optical drive or built-in wifi. You'd need to source those separately, though booting from a USB disk and using a PC-Card or Cardbus wifi card isn't terribly difficult.
Because they're late-90s vintage, they're getting harder to find. However, because of their age, they're also much cheaper than current sub-compact models.
The method I use is both effective and moderately cheap.
First, I've got an independent insurance policy on my computers to cover the cost of any stolen hardware. This is important for the following steps.
Second, I keep a repository of my data in at least two locations. The primary location is a 'server' in my home that is nothing more than a disk on the LAN. The second location is a pair of USB/Firewire hard disks that I rotate between work and home roughly every week (whenever I feel like it, really).
Third, the data on my laptop is kept to a minimum. The data I DO keep on there is of so little value to others since nothing personally identifiable is kept on there.
In the event of a theft, I simply report it to the police to generate a report, file a claim with my insurance company with that report, and buy a new laptop. Then I can simply pull the data I need out of my storage 'server'. Total downtime would be anywhere between a few hours to a few days (depending on whether or not I choose to build a laptop from an online vendor or simply buy from local store stock).
The added benefit is that the policies I take out on my hardware cover damage. No more arguing with the goons in tech support about repair or replacement costs since it's covered under my own policy. Should the repair facility lose or destroy my system, that's also covered. The lawyers for the insurance company will be quick and/or painful in getting things moving if they have to pay out a claim.
It helps that I don't lug my laptop around and crack it open everywhere I go. It goes to work with me and is used in the car for long-haul GPS duties when the wife and I go on vacation. Other than that, it's used around the house by both me and my wife to check mail and surf. It does NOT go to Starbucks or any other public location unless it's truly needed, like when the office calls and I need to connect via VPN.
To sum up: An ounce of (theft) prevention is worth a pound of (recovery) cure. Second, if you must lug your laptop everywhere you go, get your own insurance policy on it. Third, limit your potential losses by keeping only the data you MUST have on it.
Follow those guidelines, and you'll have much fewer headaches and/or ulcers.
I have no scientific data to back this up, but things like that are more common than you think.
In High School, I had a similar incident where a girl in our small group of friends started to hit me at random times. I later found out that she liked me and that was her way of trying to tell me. I've been told that younger girls tend to do this as a way of 'fitting in' with the guys (since their view of guys is that they do this to one another and apparently enjoy it).
And in response to the article in the OP: In the last couple of decades, guys have had to deal with feminism - some of it pretty extreme. An example from my personal experiences, I tend to hold doors for people - guys AND gals - if they're near enough that I'm not going out of my way (golden rule). I once did this for a young woman (I don't exactly recall where or when), but she intentionally went through another door (that she opened herself) and scolded me that she doesn't need help. The undertone there was that she wouldn't accept my gesture of courtesy because I was male. Due to that one instance, I've pretty much stopped holding doors for people (unless they're really going to need help with the door, i.e.: arms full of stuff). I will hold the door open a little longer as I go through it if I notice someone following, but that's about it.
That example was an extreme way of illustrating that men are continually getting mixed messages about what's acceptable and what's not, which may help explain why "men were quite likely to misperceive sexual interest as friendliness." In certain scenarios, a simple misinterpretation can lead to loss of employment or even a lawsuit. For that reason, I suspect, guys will tend to play it safe and interpret everything in purely platonic terms.
Personally, I'm mildly outraged that (some) women do this - my wife included. If women want men to read the signals properly, we need to know the rules and they need to be consistent. It's manipulative, sneaky, underhanded, and just plain unfair. I feel like I'm playing by a constantly-changing set of rules (Calvinball, anyone?). If that's going to be the case, I refuse to play the game. Because that's all it is - a game. I don't like playing games with people's emotions and I REALLY don't like people playing with mine. /Soapbox
"I'd be pretty disappointed to find out that anyone with access to a particular console in 1962 could have initiated a first strike on the Soviet Union because all they had to do was guess the code '123456'."
(Obligatory) Damn... Now I have to change the locks on my luggage.
Seriously, though. You're right. Even if things are 'secret' now doesn't mean that they should always be. I'm politically agnostic (I've had a fair share of dislike for both Republicans AND Democrats) so this shouldn't come off as a slam against any one party, but our elected officials at the highest levels need to understand that they are held accountable. It is particularly true for the current administration. To provide the excuse that the backups were lost (or any other lame excuse that I couldn't get away with in elementary school) is insulting. There are procedures for these things and multiple records are kept ABOUT the records that are kept (ever fill out a form in triplicate?). Tracking the media for the backups - without the need to know what that data was, exactly - is easy. Unless someone intentionally deleted those records (and perhaps including the actual backup data, itself), there should be a paper trail showing what happened to the backup media after it was used to take said backup. No secrets need be revealed. Then we'd know who accessed those media and when.
Seeing as how those records don't seem to exist anymore, something smells like rotten fish.
I'm insulted, personally, that this administration can't or won't keep track of its backup media. For an organization to have so little control over something as simple as backup procedures indicates the people involved are either incompetent to even serve in office or have so little regard for the laws governing both them and the rest of us (depending on if they're truly lost or whether it was ordered destroyed).
While it's entirely plausible that the federal government is just that bad at keeping records, it's unlikely that data backups completely vanished without a trace. I'm guessing that someone at a high level in the administration (definitely not the President, but someone close to him) ordered the destruction of the media and all records associated with them. Quietly. And that's what I find so insulting.
Solution? Get Jack Bauer on it with Chloe feeding him instructions on recovery via his awesome cell phone. Oh, wait... There's no time! (or 2008 season, but I digress)
Vista is 'much' slower than XP because of exactly two things:
1: A service called 'SuperFetch' - This scans your HD and loads lots of things into RAM that it thinks you might use soon. In this way, access to those things takes less time since they're already loaded. The problem with this approach is that it uses about 40% of your physical RAM to do this and, on a system with many gigabytes of RAM, could take a while to complete mainly due to disk access times. In addition, this is an ongoing and dynamic process. As you need free RAM to load programs and other data, some of the cache is purged to make room. When the program(s) is(are) closed, SuperFetch goes to work to fill up unused RAM again. It would be fine if this were done completely in the background and took a back seat to every other process on the system. Unfortunately, the hit on disk access times when SuperFetch is enabled is what drags things to a crawl.
2: The Aero window dressing - Every window in Aero is effectively a 3D surface (to the video card, anyway). As such, more processing is required to render even a single window than with XP. Getting past the need to render every surface of the UI by using the 3D hardware, the amount of data that needs to be sent from the CPU to the GPU is greatly increased, as well. So there's a CPU and GPU hit on the system.
Combine the two, and you're hitting the CPU, GPU and disk trifecta. Any one of those might be transparent to the average user. Two might be a stretch. Hit all three and a delay in any of those subsystems will cascade into the others.
Turn both of the above features off and you're nearly back to Windows XP speeds and system requirements.
One last note: If you've got a fast USB flash drive (or any flash card in, say, a multi-card reader), forget about ReadyBoost as well. In a number of subjective speed tests (basically, how I use my computer on a daily basis), there doesn't seem to be much difference with it either on or off. Whatever benefit you MIGHT see just isn't perceptible and the flash drive is likely better served for transport duty.
All that being said, I have SuperFetch and Aero turned on and a USB flash drive running ReadyBoost duty on my desktop computer. The speed difference with all that turned on vs. off isn't that bad (to me). However, my laptop has all three turned off since I don't like the constant disk access while on battery and want every ounce of performance out of it even if it's plugged in.
Not necessarily true, but you're mostly right. Wireless has one disadvantage in that everyone's data must be carried over a finite spectrum. You can certainly chop up the spectrum and do some fancy things with encoding to increase the overall throughput to everyone using it. However, there's only one pool of bandwidth available at any given time. Over a wired network, everyone's traffic is segregated to their own discrete connection and can re-use the same wire frequencies as a neighbor. (Yes, I'm making some generalizations, but the basis for this is generally sound). Given the choice, I'd rather have a wired connection over a wireless one. I'd take wireless if it were necessary or simply that much more convenient.
Getting back to the core of the topic... One of the things that will have to be addressed before consumer broadband speeds are bumped higher is the core infrastructure that the providers connect to/with. Yeah, it's great that I might have access to a 100Mbps downstream connection from my chosen provider (hypothetically). However, it isn't going to do me much good if that connection is bottlenecked upstream to the rest of the internet.
Personally, I'm looking forward to the residential broadband providers disclosing their bandwidth caps. If I know what my cap is, I can better monitor my usage and keep from going over and getting hit with an absurd fee. I'd be able to hold them to their end of the agreement as a provider just as much as they're already holding me accountable if I consume too much bandwidth. It's a much more fair way of doing business with customers.
I actually participate - yes, voluntarily - in a version of this type of program. It's a program that's been in place for many years and is available to everyone my local power company services.
They offer a control box that sits on the main A/C circuit and will cut power during peak demand situations. If you opt-out of the control box, you get charged a higher rate but keep your residential A/C running as much as you want (and paying all the while). However, almost nobody opts-out because the 'forced' cycling is only slightly worse than normal cycling during a really bad day, anyway.
Some things to keep in mind:
1: The control box is usually installed only on large, whole-house A/C units. Window/Wall units aren't usually connected in this way.
2: There's nothing stopping anyone from using an alternate (read: portable) A/C unit in their home on a different circuit.
I certainly wouldn't give _any_ amount of control of my thermostat to anyone else. This is primarily due to the fact that my thermostat controls both an A/C unit and a furnace. That's just too much for me to risk giving control over.
The issue of whether constant connectivity is a benefit or not greatly depends on the individual.
For example, as an IT worker myself, I think having that 24x7 accessibility to my work can be a benefit, but it's also the greatest source of my frustration. As a result, I've stopped carrying such devices for business use.
I've been much happier carrying only a cell phone - that I pay for - that I can turn off when I'm out of the office. I've made it a point to separate work and home. Since I started doing that a few years ago, I'm much less stressed and can focus more. Work stuff stays at work and my personal life can stay out of the office.
When it's mandated that I be available 24x7 for a period of time (such as an on-call rotation or a major project), I still weigh my choices and, if it's too demanding, I'll decline. Yes, even if it's a career-limiting decision. Usually, it's not a problem and, in fact, some managers have gained respect for such a decision (even if they didn't think so at the time they asked).
Obviously, others will have differing points of view. However, it's important to keep a balance. That balance will differ from person to person.
No more wrestling with goopy rollers. That is the reason why trackballs aren't more popular than they already are. I've used multiple variations of both the large and small trackball (thumb-ball?) input devices and found that they are the hardest *@&#@ing things to keep clean. Other than that, I found them to be the easiest to get comfortable with and use on a day-to-day basis.
The most obvious difference to note is how a trackball comes in direct contact with your hand. Even if you're a clean-freak, you're still going to leave oils from your skin on the ball where it will be deposited on the internal bits. This would ultimately affect tracking performance and requires a periodic cleaning. Even if you have a fancy direct optical tracking model, those deposits can still affect the mechanisms keeping the ball from rotating smoothly in the socket.
I've since given up on my beloved trackballs and moved on to the direct optical mouse and laser mouse. Combined with the right surface and ergonomic extras (wrist-rest, elbow support, etc, which you'd likely want to use with a trackball, anyway), I find a mouse no less cumbersome or uncomfortable to use than a trackball. Plus, they require almost zero maintenance.
I do see the benefits a software firewall can have. As I noted, I simply have a preference to an external firewall appliance over a software-based solution installed to each of the hosts on my private LAN. Given the choice, I will continue to run my external firewall as my primary line of defense. If, for some reason, I couldn't have that device at my disposal, I would need to rely on a software-based solution on my hosts instead. In some environments, like when I want to host a LAN party at my home, it makes sense to use both (although I would still run a segment off the firewall independent of my private LAN for such a purpose).
I hate to nit-pick (okay, I love it, really) but the only 'safe' hardware firewall is to have absolutely no connection at all. Better yet, turn the computer off. That's the only way to be sure.
And, in all seriousness, there may very well be unforeseen vulnerabilities in the device in question. However, that's certainly no reason to write it off as a completely useless product. Like everything else relating to security, the question is one of balance. More specifically, how to balance access to those that should have it while denying those that shouldn't. Many factors contribute to that equation. Knowing that, this software firewall on steroids sounds like it has promise if implemented correctly and/or slightly differently. I'd need to evaluate the product before I can determine if and how I'd want to use it. For $180, I'll probably pass, though.
Personally, I don't like software firewalls all that much for a number of reasons. Mostly, it's that I don't trust a program to protect the computer it's running on, especially any Windows computer. There's a reason that programs run at a higher level than the OS and other components, and a software firewall is really a hack into that lower level. If that program is compromised, how can I trust anything it does?
It is my opinion that all network ports should have their own lightweight firewall built-in. I haven't researched such a product so it may already exist. It would be better if embedded network interfaces had this sort of functionality as a requirement. At a minimum, all laptops should have an embedded firewall independent of the host OS for each network connection offered. All wireless cards - PCI, PCIe, PC-Card, Cardbus, ExpressCard, etc - should have it, as well. Note that the requirement is that it be turned on by default, just that it be made available.
Given the choice, I'd run an external, independent firewall first. Then, if that weren't an option (such as roaming about), I'd have to pick a software firewall of some type. If the network environment is overly hostile, I'll just go without that connection. When I go to LAN parties and such, I typically re-load my OS of choice and protect it the best I can knowing I can blow it all away when I get home. When hosting a LAN party, I have an alternate network segment off my firewall to run on and treat it as if I were on someone else's LAN.
If I'm not mistaken (and I very well could be), one of the SOX requirements is that all external communications be logged and retained for a certain period of time.
By running *all* external traffic through a proxy, a company *can* effectively do this. Whether or not they do is really up to the company's security/IT folks.
As one of the guys addressing this problem on our network of nearly 8000 Windows desktops, I can attest to the problem the DST rules change causes. There are three critical issues to address from a Microsoft point of view:
1: Exchange hotfix - Exchange, itself, needs to know how to handle local time(s) so it can process messages and calendar items appropriately.
2: OS Hotfix - Probably the most important one of all. Even computers that aren't in the U.S. need to get patched due to the fact that they still need to communicate with systems that are in the U.S. This hotfix is simply some registry entries that tell Windows how to calculate DST for any given time zone. You don't need a Microsoft-provided hotfix for this, either. All you really need is the registry information. Microsoft provides this free of charge on their own website. I leave it as an exercise to the reader if they want to find it (we did, and it works rather well, thank you). We rolled our own patch with some scripts and it turned out nicely. Didn't need weeks of planning or multiple versions, either. So far, the official hotfix from Microsoft has gone through at least 2 revisions that I'm aware of, and probably more that I'm not aware of.
3: Outlook calendar re-basing - If your Outlook calendar has entries in the extended DST window, those entries will be an hour off once you adjust Exchange and/or your Windows clocks. The calendar items in that window will need to be adjusted for the modified DST rules. Microsoft does offer a tool for more recent versions of Outlook, but you'll either need to pay them to get it for the older versions or just deal with it. The recommended solution? Print your calendar for those 3 weeks in spring and 1 week in the fall and manually adjust them. In a worst-case scenario, people will show up an hour early or late to their meetings. Hardly the end of the world.
The biggest problem is that Microsoft didn't really start pushing this issue until about 6 weeks ago. They're still releasing new versions of the Outlook calendar time zone update tool. They just don't seem all that prepared. They're scrambling to get fixes out the door to customers as we all run them and discover how crappy they're written. There are some things that Microsoft does well (yes, I said it), but patches just don't seem to be in that category.
Then again, there are a number of other products that need patches for the DST 2007 rules and still aren't ready for deployment at all. I think I remember a Blackberry patch causing some catastrophic problems...
Maybe it's just me, and I don't claim to be a super-smrt - sorry, smart - rocket-scientist (because I'm not), but why don't they put the foam insulation on the inside of the fuel tank shell?
I'm sure there are reasons why they don't, but can those reasons out-weigh the problems it's causing with the foam on the outside?
Does anyone know if this has been considered? If so, why hasn't it been done, yet? Please be as specific as you can. I'm really interested in this.
Simple (like property taxes, natch) - residency. Or, more accurately termed, residency of the registered owner. There is NO need to get GPS involved at all as it can be used for all sorts of data mining, nefarious or not.
Besides, isn't GPS failing, anyway?
I've had a bit of experience with this, so I'll chime in...
The first thing to do is determine the precise audience for the documentation. Is it your peers for use in operations? Is it for managers or other process owners to keep track of processes and procedures? Once you have that figured out, you can determine the minimum level of knowledge/experience/etc that the audience is supposed to have (assuming the reader is qualified and competent in the position they hold). The purpose to this is to set boundaries on the level of detail you need to provide. Assuming no boundaries at all is a mistake and your documentation project will fail.
The next step is to outline the items that need covering. I stress the term outline. That outline should be written by those with as much experience/knowledge/etc as needed to give a high-level overview of the process. One outline should be made per process and should also be maintained in some sort of version control system.
THEN you begin writing the documentation. I typically write up step-by-step guides for people with a little bit of knowledge and absolutely no experience, so you might want to try starting with something similar and go from there. Remember to include as much or as little detail as required by the intended audience. Again, these documents should be written by those with enough knowledge and experience to perform the functions being documented and should also be maintained in a version control system. Additionally, these documents should be reviewed regularly for accuracy and relevancy, so some sort of time-out mechanism would be good, too. Lastly, someone needs to approve final drafts before they're added to the repository (which is a whole separate process that should be documented, giving rise to a chicken-and-egg problem).
As a final note, it's much more difficult to start writing something from scratch than it is to modify an existing document. Buckle down and start somewhere. First drafts are almost always going to suck (ask any professional or amateur author). Accept those facts and you'll feel much better.
In a more general IT sense, you're not too far off the mark.
The question isn't meant to test the technical ability of a candidate - though it certainly can be used that way. It is more effective as a method by which the interviewer forces the interviewee to display critical thinking skills. Even if the interviewee answers incorrectly, the interviewer will likely have some insight into their thought process - an important factor when evaluating specific experience.
At a previous employer I worked for, the team prepared a list of 10 very difficult technical questions (both related to the position and not) just for this purpose. One of the goals was to get the interviewee to say, "I don't know." Bonus 'points' were given if they added, "...but I'd like to know." The point of getting the candidate to say that was to see if they're smart enough to admit their lack of knowledge/experience and seek assistance when they really don't know the answer to a problem.
Amen to that...
However, I considered the GMail route before I actually deployed anything on my personal network. I also have only 2 actual accounts there, one of which is rarely touched (the WAF is kinda low on this despite being infinitely more reliable than our own mail server).
Another option I considered is having a small hosting company (that I once worked for long ago and still know the admins, natch) provide EMail-only service. The advantages compared to GMail include being outside of Google's 'collective' and knowing that I could reach an admin nearly instantly if I needed any assistance. However, I'd have to pay for that service and it just isn't worth it for an EMail-only account.
So - Google it went. Even for a home user with only 2 accounts.
What's funny is my desktop is intentionally black. Has been for years - through Windows 2000, Windows XP, and now Vista. I just like it that way.
Active desktop? Puh-leeze.
Pictures of cats? Why?!
Patterns? Too distracting.
Other colors? Meh.
I once tried BGInfo but even that was a black background with green text. It lasted a week before I took it out and went back to basic black.
While I completely agree that I don't want anyone touching my screen (yuk!), there ARE better methods of inputting x/y coordinate data than a computer mouse. A tablet is certainly effective, but a little bulky for most desks. The trackball is also effective, but equally disgusting to me unless it's cleaned regularly. The track-stick is favored by many, but I never found it truly useful - probably because I can't seem to get the hang of it.
Another point to make is that the Wii Remote is (with the exception of the accelerometers) functionally identical to a computer mouse with the optical eye reading many images per second to detect motion. The method by which the receiving end translates the data into x/y coordinate data is certainly different, though.
Two comments about location-based naming:
1: If you've got multiple geographic locations that require a duplication or replication of services, using the geographic location in the name makes sense.
2: You certainly would NOT want to use room or building location in a name for exactly the reason you cited.
Naming conventions are mainly for humans to understand the relationship of the servers and their duties, locations, configurations, etc. A good naming convention takes many of these elements into account. There isn't a single naming convention that's right for every situation, though being more specific and concise is generally better than not.
For example, a small company I worked for a number of years ago used Greek and Roman mythology. Zeus and Hera were the PDC and BDC, respectively. Apollo was the mail server. For our small environment, that made sense.
A bigger company I recently worked for used something much less creative - a combination of the subnet we assigned for the branch office, the role of the server, and a sequential number:
XXXYYsssnn ...where:
XXX was an abbreviation of the company
YY was the server role
sss was the subnet info
nn was the sequential number
It was difficult to determine exactly where that server was located physically, but it was easy to determine where it was on the network.
Both of those methods offer some advantages and have some drawbacks. If the first method were used in the second example, we'd have run out of names to use and nobody would be able to remember where each server was located physically OR on the network. Conversely, there wasn't any need to apply the second method to the first example as there was only a single location and a small number of servers to keep track of.
The larger your pool of servers, the larger the area in which they're dispersed, and the larger the differences in roles each server has, the more specific you'll need to be with naming.
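An added example, not part of the comment above: a small inventory audit for the `XXXYYsssnn` scheme it describes, flagging hostnames that break the pattern or whose subnet field disagrees with the address the host actually has. The field widths follow the pattern as written; the `10.0.<sss>.0/24` mapping, the `ACM` company code, the role codes and the sample inventory are all assumptions constructed for illustration.

```python
import ipaddress
import re

# Field layout taken from the XXXYYsssnn pattern in the comment:
# 3-letter company code, 2-letter role, 3-digit subnet field, 2-digit sequence.
HOSTNAME_RE = re.compile(
    r"^(?P<company>[A-Z]{3})(?P<role>[A-Z]{2})(?P<subnet>\d{3})(?P<seq>\d{2})$"
)

# Constructed sample inventory of (hostname, IP address) pairs.
SAMPLE_INVENTORY = [
    ("ACMDC01401", "10.0.14.10"),   # conforms, address matches subnet field
    ("ACMFS01402", "10.0.22.15"),   # name says subnet 014, address says 22
    ("zeus", "10.0.14.11"),         # leftover from a different naming scheme
    ("ACMWB30001", "10.0.44.5"),    # subnet field cannot be a valid octet
    ("ACMDC01401", "10.0.14.12"),   # same name registered twice
]


def parse_hostname(name):
    """Split a hostname into its convention fields, or return None if it does not fit."""
    m = HOSTNAME_RE.match(name.upper())
    if not m:
        return None
    return {
        "company": m["company"],
        "role": m["role"],
        "subnet": int(m["subnet"]),
        "seq": int(m["seq"]),
    }


def expected_network(subnet_field):
    """Map the subnet field to a network.

    Assumption for this example only: 'sss' is the third octet of a branch /24
    under 10.0.0.0/16. The comment does not say how the field was encoded.
    """
    if not 0 <= subnet_field <= 255:
        return None
    return ipaddress.ip_network(f"10.0.{subnet_field}.0/24")


def audit(inventory):
    """Return (hostname, finding) pairs for entries that violate the convention."""
    findings = []
    seen = set()
    for name, ip in inventory:
        fields = parse_hostname(name)
        if fields is None:
            findings.append((name, "nonconforming"))
            continue
        key = name.upper()
        if key in seen:
            findings.append((name, "duplicate-name"))
        seen.add(key)
        net = expected_network(fields["subnet"])
        if net is None:
            findings.append((name, "subnet-out-of-range"))
            continue
        if ipaddress.ip_address(ip) not in net:
            findings.append((name, "subnet-mismatch"))
    return findings


if __name__ == "__main__":
    for host, finding in audit(SAMPLE_INVENTORY):
        print(f"{host}: {finding}")
```
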
My first thought when I read the OP is that this could be the means by which some terrorists plan their next attack.
No, I'm not trying to jump on the paranoia bandwagon (though I take a step closer every day), but seriously... This is rather benign information by itself that, when gathered and analyzed, is very dangerous.
"Where are the most people gathering right now? Where can we get the best results from an attack?"
"Here's a list of the 5 most populated areas."
See where this is going?
The base install is easy enough to get up and running with a single WAN connection. Getting that second WAN connection configured involves a few more rather unintuitive steps. Here's a tutorial on just how to do this, though.
The awesome thing about pfSense is that you're not limited to only 2 WAN connections. If you've got more, you're able to configure them however you want. I can easily imagine setting up a cable modem, a DSL line, an analog modem, and a wireless connection for various redundancy and load-balancing scenarios. Using the above tutorial and pfSense, I should be able to handle it (if I ever decided to do that much, anyway).
I guess the point I'm trying to make is that, while pfSense is certainly powerful and offers features usually found on only the most expensive of integrated networking hardware (think Cisco), those advanced features (like dual-WAN) are certainly not as dead simple as the average Linksys router or even something like IPCop, smoothwall, or m0n0wall.
Agreed.
If you can find one, an old Sony 505-series is an excellent option. You've got options for a fast P1/MMX or a first-gen P2 (depending on specific model), 128-256MB of RAM and an 8-10GB hard disk is common. It's roughly a 10" screen and about 3 lbs.
What you DON'T get is an optical drive or built-in wifi. You'd need to source those separately, though booting from a USB disk and using a PC-Card or Cardbus wifi card isn't terribly difficult.
Because they're late-90s vintage, they're getting harder to find. However, because of their age, they're also much cheaper than current sub-compact models.
The method I use is both effective and moderately cheap.
First, I've got an independent insurance policy on my computers to cover the cost of any stolen hardware. This is important for the following steps.
Second, I keep a repository of my data in at least two locations. The primary location is a 'server' in my home that is nothing more than a disk on the LAN. The second location is a pair of USB/Firewire hard disks that I rotate between work and home roughly every week (whenever I feel like it, really).
Third, the data on my laptop is kept to a minimum. The data I DO keep on there is of so little value to others since nothing personally identifiable is kept on there.
In the event of a theft, I simply report it to the police to generate a report, file a claim with my insurance company with that report, and buy a new laptop. Then I can simply pull the data I need out of my storage 'server'. Total downtime would be anywhere between a few hours to a few days (depending on whether or not I choose to build a laptop from an online vendor or simply buy from local store stock).
The added benefit is that the policies I take out on my hardware cover damage. No more arguing with the goons in tech support about repair or replacement costs since it's covered under my own policy. Should the repair facility lose or destroy my system, that's also covered. The lawyers for the insurance company will be quick and/or painful in getting things moving if they have to pay out a claim.
It helps that I don't lug my laptop around and crack it open everywhere I go. It goes to work with me and is used in the car for long-haul GPS duties when the wife and I go on vacation. Other than that, it's used around the house by both me and my wife to check mail and surf. It does NOT go to Starbucks or any other public location unless it's truly needed, like when the office calls and I need to connect via VPN.
To sum up: An ounce of (theft) prevention is worth a pound of (recovery) cure. Second, if you must lug your laptop everywhere you go, get your own insurance policy on it. Third, limit your potential losses by keeping only the data you MUST have on it.
Follow those guidelines, and you'll have much fewer headaches and/or ulcers.
I have no scientific data to back this up, but things like that are more common than you think.
/Soapbox
In High School, I had a similar incident where a girl in our small group of friends started to hit me at random times. I later found out that she liked me and that was her way of trying to tell me. I've been told that younger girls tend to do this as a way of 'fitting in' with the guys (since their view of guys is that they do this to one another and apparently enjoy it).
And in response to the article in the OP: In the last couple of decades, guys have had to deal with feminism - some of it pretty extreme. An example from my personal experiences, I tend to hold doors for people - guys AND gals - if they're near enough that I'm not going out of my way (golden rule). I once did this for a young woman (I don't exactly recall where or when), but she intentionally went through another door (that she opened herself) and scolded me that she doesn't need help. The undertone there was that she wouldn't accept my gesture of courtesy because I was male. Due to that one instance, I've pretty much stopped holding doors for people (unless they're really going to need help with the door, i.e.: arms full of stuff). I will hold the door open a little longer as I go through it if I notice someone following, but that's about it.
That example was an extreme way of illustrating that men are continually getting mixed messages about what's acceptable and what's not, which may help explain why "men were quite likely to misperceive sexual interest as friendliness." In certain scenarios, a simple misinterpretation can lead to loss of employment or even a lawsuit. For that reason, I suspect, guys will tend to play it safe and interpret everything in purely platonic terms.
Personally, I'm mildly outraged that (some) women do this - my wife included. If women want men to read the signals properly, we need to know the rules and they need to be consistent. It's manipulative, sneaky, underhanded, and just plain unfair. I feel like I'm playing by a constantly-changing set of rules (Calvinball, anyone?). If that's going to be the case, I refuse to play the game. Because that's all it is - a game. I don't like playing games with people's emotions and I REALLY don't like people playing with mine.
"I'd be pretty disappointed to find out that anyone with access to a particular console in 1962 could have initiated a first strike on the Soviet Union because all they had to do was guess the code '123456'."
(Obligatory) Damn... Now I have to change the locks on my luggage.
Seriously, though. You're right. Even if things are 'secret' now doesn't mean that they should always be. I'm politically agnostic (I've had a fair share of dislike for both Republicans AND Democrats) so this shouldn't come off as a slam against any one party, but our elected officials at the highest levels need to understand that they are held accountable. It is particularly true for the current administration. To provide the excuse that the backups were lost (or any other lame excuse that I couldn't get away with in elementary school) is insulting. There are procedures for these things and multiple records are kept ABOUT the records that are kept (ever fill out a form in triplicate?). Tracking the media for the backups - without the need to know what that data was, exactly - is easy. Unless someone intentionally deleted those records (and perhaps including the actual backup data, itself), there should be a paper trail showing what happened to the backup media after it was used to take said backup. No secrets need be revealed. Then we'd know who accessed those media and when.
Seeing as how those records don't seem to exist anymore, something smells like rotten fish.
I'm insulted, personally, that this administration can't or won't keep track of its backup media. For an organization to have so little control over something as simple as backup procedures indicates the people involved are either incompetent to even serve in office or have so little regard for the laws governing both them and the rest of us (depending on if they're truly lost or whether it was ordered destroyed).
While it's entirely plausible that the federal government is just that bad at keeping records, it's unlikely that data backups completely vanished without a trace. I'm guessing that someone at a high level in the administration (definitely not the President, but someone close to him) ordered the destruction of the media and all records associated with them. Quietly. And that's what I find so insulting.
Solution? Get Jack Bauer on it with Chloe feeding him instructions on recovery via his awesome cell phone. Oh, wait... There's no time! (or 2008 season, but I digress)
--Me, ending on a high note.
Quick note:
Vista is 'much' slower than XP because of exactly two things:
1: A service called 'SuperFetch' - This scans your HD and loads lots of things into RAM that it thinks you might use soon. In this way, access to those things takes less time since they're already loaded. The problem with this approach is that it uses about 40% of your physical RAM to do this and, on a system with many gigabytes of RAM, could take a while to complete mainly due to disk access times. In addition, this is an ongoing and dynamic process. As you need free RAM to load programs and other data, some of the cache is purged to make room. When the program(s) is(are) closed, SuperFetch goes to work to fill up unused RAM again. It would be fine if this were done completely in the background and took a back seat to every other process on the system. Unfortunately, the hit on disk access times when SuperFetch is enabled is what drags things to a crawl.
2: The Aero window dressing - Every window in Aero is effectively a 3D surface (to the video card, anyway). As such, more processing is required to render even a single window than with XP. Getting past the need to render every surface of the UI by using the 3D hardware, the amount of data that needs to be sent from the CPU to the GPU is greatly increased, as well. So there's a CPU and GPU hit on the system.
Combine the two, and you're hitting the CPU, GPU and disk trifecta. Any one of those might be transparent to the average user. Two might be a stretch. Hit all three and a delay in any of those subsystems will cascade into the others.
Turn both of the above features off and you're nearly back to Windows XP speeds and system requirements.
One last note: If you've got a fast USB flash drive (or any flash card in, say, a multi-card reader), forget about ReadyBoost as well. In a number of subjective speed tests (basically, how I use my computer on a daily basis), there doesn't seem to be much difference with it either on or off. Whatever benefit you MIGHT see just isn't perceptible and the flash drive is likely better served for transport duty.
All that being said, I have SuperFetch and Aero turned on and a USB flash drive running ReadyBoost duty on my desktop computer. The speed difference with all that turned on vs. off isn't that bad (to me). However, my laptop has all three turned off since I don't like the constant disk access while on battery and want every ounce of performance out of it even if it's plugged in.
Not necessarily true, but you're mostly right. Wireless has one disadvantage in that everyone's data must be carried over a finite spectrum. You can certainly chop up the spectrum and do some fancy things with encoding to increase the overall throughput to everyone using it. However, there's only one pool of bandwidth available at any given time. Over a wired network, everyone's traffic is segregated to their own discrete connection and can re-use the same wire frequencies as a neighbor. (Yes, I'm making some generalizations, but the basis for this is generally sound). Given the choice, I'd rather have a wired connection over a wireless one. I'd take wireless if it were necessary or simply that much more convenient.
Getting back to the core of the topic... One of the things that will have to be addressed before consumer broadband speeds are bumped higher is the core infrastructure that the providers connect to/with. Yeah, it's great that I might have access to a 100Mbps downstream connection from my chosen provider (hypothetically). However, it isn't going to do me much good if that connection is bottlenecked upstream to the rest of the internet.
Personally, I'm looking forward to the residential broadband providers disclosing their bandwidth caps. If I know what my cap is, I can better monitor my usage and keep from going over and getting hit with an absurd fee. I'd be able to hold them to their end of the agreement as a provider just as much as they're already holding me accountable if I consume too much bandwidth. It's a much more fair way of doing business with customers.
I actually participate - yes, voluntarily - in a version of this type of program. It's a program that's been in place for many years and is available to everyone my local power company services.
They offer a control box that sits on the main A/C circuit and will cut power during peak demand situations. If you opt-out of the control box, you get charged a higher rate but keep your residential A/C running as much as you want (and paying all the while). However, almost nobody opts-out because the 'forced' cycling is only slightly worse than normal cycling during a really bad day, anyway.
Some things to keep in mind:
1: The control box is usually installed only on large, whole-house A/C units. Window/Wall units aren't usually connected in this way.
2: There's nothing stopping anyone from using an alternate (read: portable) A/C unit in their home on a different circuit.
I certainly wouldn't give _any_ amount of control of my thermostat to anyone else. This is primarily due to the fact that my thermostat controls both an A/C unit and a furnace. That's just too much for me to risk giving control over.
The issue of whether constant connectivity is a benefit or not greatly depends on the individual.
For example, as an IT worker myself, I think having that 24x7 accessibility to my work can be a benefit, but it's also the greatest source of my frustration. As a result, I've stopped carrying such devices for business use.
I've been much happier carrying only a cell phone - that I pay for - that I can turn off when I'm out of the office. I've made it a point to separate work and home. Since I started doing that a few years ago, I'm much less stressed and can focus more. Work stuff stays at work and my personal life can stay out of the office.
When it's mandated that I be available 24x7 for a period of time (such as an on-call rotation or a major project), I still weigh my choices and, if it's too demanding, I'll decline. Yes, even if it's a career-limiting decision. Usually, it's not a problem and, in fact, some managers have gained respect for such a decision (even if they didn't think so at the time they asked).
Obviously, others will have differing points of view. However, it's important to keep a balance. That balance will differ from person to person.
The most obvious difference to note is how a trackball comes in direct contact with your hand. Even if you're a clean-freak, you're still going to leave oils from your skin on the ball where it will be deposited on the internal bits. This would ultimately affect tracking performance and requires a periodic cleaning. Even if you have a fancy direct optical tracking model, those deposits can still affect the mechanisms keeping the ball from rotating smoothly in the socket.
I've since given up on my beloved trackballs and moved on to the direct optical mouse and laser mouse. Combined with the right surface and ergonomic extras (wrist-rest, elbow support, etc, which you'd likely want to use with a trackball, anyway), I find a mouse no less cumbersome or uncomfortable to use than a trackball. Plus, they require almost zero maintenance.
I do see the benefits a software firewall can have. As I noted, I simply have a preference to an external firewall appliance over a software-based solution installed to each of the hosts on my private LAN. Given the choice, I will continue to run my external firewall as my primary line of defense. If, for some reason, I couldn't have that device at my disposal, I would need to rely on a software-based solution on my hosts instead. In some environments, like when I want to host a LAN party at my home, it makes sense to use both (although I would still run a segment off the firewall independent of my private LAN for such a purpose).
I hate to nit-pick (okay, I love it, really) but the only 'safe' hardware firewall is to have absolutely no connection at all. Better yet, turn the computer off. That's the only way to be sure.
And, in all seriousness, there may very well be unforeseen vulnerabilities in the device in question. However, that's certainly no reason to write it off as a completely useless product. Like everything else relating to security, the question is one of balance. More specifically, how to balance access to those that should have it while denying those that shouldn't. Many factors contribute to that equation. Knowing that, this software firewall on steroids sounds like it has promise if implemented correctly and/or slightly differently. I'd need to evaluate the product before I can determine if and how I'd want to use it. For $180, I'll probably pass, though.
Personally, I don't like software firewalls all that much for a number of reasons. Mostly, it's that I don't trust a program to protect the computer it's running on, especially any Windows computer. There's a reason that programs run at a higher level than the OS and other components, and a software firewall is really a hack into that lower level. If that program is compromised, how can I trust anything it does?
It is my opinion that all network ports should have their own lightweight firewall built-in. I haven't researched such a product so it may already exist. It would be better if embedded network interfaces had this sort of functionality as a requirement. At a minimum, all laptops should have an embedded firewall independent of the host OS for each network connection offered. All wireless cards - PCI, PCIe, PC-Card, Cardbus, ExpressCard, etc - should have it, as well. Note that the requirement isn't that it be turned on by default, just that it be made available.
Given the choice, I'd run an external, independent firewall first. Then, if that weren't an option (such as roaming about), I'd have to pick a software firewall of some type. If the network environment is overly hostile, I'll just go without that connection. When I go to LAN parties and such, I typically re-load my OS of choice and protect it the best I can knowing I can blow it all away when I get home. When hosting a LAN party, I have an alternate network segment off my firewall to run on and treat it as if I were on someone else's LAN.
You should have returned your Sony laptop battery when it was still a part of the recall, then.
(I'm wearing my asbestos underwear for this)
If I'm not mistaken (and I very well could be), one of the SOX requirements is that all external communications be logged and retained for a certain period of time.
By running *all* external traffic through a proxy, a company *can* effectively do this. Whether or not they do is really up to the company's security/IT folks.
As one of the guys addressing this problem on our network of nearly 8000 Windows desktops, I can attest to the problem the DST rules change causes. There are three critical issues to address from a Microsoft point of view:
1: Exchange hotfix - Exchange, itself, needs to know how to handle local time(s) so it can process messages and calendar items appropriately.
2: OS Hotfix - Probably the most important one of all. Even computers that aren't in the U.S. need to get patched due to the fact that they still need to communicate with systems that are in the U.S. This hotfix is simply some registry entries that tell Windows how to calculate DST for any given time zone. You don't need a Microsoft-provided hotfix for this, either. All you really need is the registry information. Microsoft provides this free of charge on their own website. I leave it as an exercise to the reader if they want to find it (we did, and it works rather well, thank you). We rolled our own patch with some scripts and it turned out nicely. Didn't need weeks of planning or multiple versions, either. So far, the official hotfix from Microsoft has gone through at least 2 revisions that I'm aware of, and probably more that I'm not aware of.
3: Outlook calendar re-basing - If your Outlook calendar has entries in the extended DST window, those entries will be an hour off once you adjust Exchange and/or your Windows clocks. The calendar items in that window will need to be adjusted for the modified DST rules. Microsoft does offer a tool for more recent versions of Outlook, but you'll either need to pay them to get it for the older versions or just deal with it. The recommended solution? Print your calendar for those 3 weeks in spring and 1 week in the fall and manually adjust them. In a worst-case scenario, people will show up an hour early or late to their meetings. Hardly the end of the world.
The biggest problem is that Microsoft didn't really start pushing this issue until about 6 weeks ago. They're still releasing new versions of the Outlook calendar time zone update tool. They just don't seem all that prepared. They're scrambling to get fixes out the door to customers as we all run them and discover how crappy they're written. There are some things that Microsoft does well (yes, I said it), but patches just don't seem to be in that category.
Then again, there are a number of other products that need patches for the DST 2007 rules and still aren't ready for deployment at all. I think I remember a Blackberry patch causing some catastrophic problems...