Systems "just work" and installing software is no more difficult than looking for what you need in an "app store" just like on a phone.
In what kind of enterprise system does any kind of "app store" make any sense at all. The "personal computer"
Also if you have a need for per anything licenced software you'd tend to also need a suitable licence tracking system. An obvious advantage here of OSS is that it effectivly comes with a site/enterprise licence.
Because, while Linux doesn't have Active Directory, it has other benefits that Windows does not have. So, if you define your criteria to be "must support Active Directory", then, obviously, Linux doesn't pass. If, on the other hand, you define your requirement as (for example), "must support SELinux", then Linux is your only choice.
Effectivly they appear to be saying "The Windows way of doing things is the best/only way to do it". (Or possibly "The only way I know of is the Windows method.")
As for the "nice GUI tools", they may make manageability easy, but they don't make it efficient.
It's quite possible for "inefficient" to equate to "hard". e.g. if they expect you click X boxes for everything in list Y. Rather than just being able to tell the machine "Do X to everything in list Y and don't bug me til you've finished".
Separate sewers are much better from an environmental point of view because they don't wastefully put surface water through the sewage treatment system and are much less likely to end up releasing raw sewage during storms but are rather hard to retrofit.
Except that a separate system means you have twice as many underground pipes to build and maintain.
Gasoline doesn't burst into flames the second it touches air, you know. The vast majority of tank punctures in gasoline/diesel vehicles end with an empty tank and a stinky mess on the road.
Leaking diesel is very hard to ignite (so is aviation turbine fuel). They tried this on Mythbusters. Thery've also tried multiple times to create fuel tank explosions. Even gasoline typically only burns as a gas mixed with air. (With the resulting radiant heat tending to help boil any nearby which is in its liquid state.)
One thing fuel leaks are good at is damaging asphalt road surfaces.
A new California law will require local bars to eliminate any alcohol consumed by minors from their bodies on demand. Supporters say this new law will reduce the amount of drunk-driving and poor decisions made by drunk minors. It might help them avoid personal and work-related problems.
Maybe a simpler option would be only to allow adults to drive.
"Googeling" somebody is not as easy as you make it sound. It already requires careful checks to make sure you have the right person and it requires interpretation by experienced experts.
It also depends on how common a name someone has. If they have a very common name it can be difficult finding the right person at all. This has been an issue even since the invention of the telephone directory. With the added complication that the distribution of names of telephone subscribers, Facebook users, "Tweeters", etc need not be that of the general population.
A lot of companies are deathly afraid of a scandal, and it is easier to cut it off in the hiring process than to fire people later. (Which means you get sneaker scoundrels, which is what they want, I guess.)
The open internet does not forget widely shared information. Closed, walled-garden systems such as facebook are capable of forgetting.
Don't believe me? Lets test it. I will delete a picture from facebook in the next ten minutes. Try and recover it.
Are you issuing that challenge to Facebook and/or NSA? Since Facebook is a closed system only a few people have any way of knowing what might happen when a user tries to "delete" something. (Even if this differs depending on user attributes...)
The better question is "How do you scrub something off the Internet?" Barbra Streisand wants to know...
The NSA wants to be sure they can collect all "tried to erase this" metadata. (Together with the original data in the unlikely event that Google, Facebook, Twitter, etc will actually really delete it.)
Our Founders (and for that matter, the Supreme Court) acknowledged that a Democratic form of government is not possible without free and anonymous speech, and anonymous voting.
Democracy, as invented in classical Athens, does not require any kind of voting. Government using elected representatives appears to be a Roman invention.
Give people the choice of creating a "Real Name" account with proof or a "Pseudonym" account, and make this choice visible to everyone else.
You'd first need a clear definition of what a "real name" actually is. Even when someone uses one name in all contexts this need not be the same as their "birth name" or "legal name". Someone's legal name may in some cases be a "pseudonym" anyway. It is also a false assumption that everyone has exactly one legal (or even birth) name. IIRC there's a site which debunks a rather large list of common assumptions about names which are simply wrong. Incorrect assumptions about names have been important ever since people started using computers to store names...
And yet, it still then didn't add up to a statistically significant enough threat to bother with additional security.
Simple.... all those grenades....0 of them in the hands of terrorists. That should tell you this is a stupid issue.
Or possibly some are in the hands of terrorists who's only interests in planes is as a means of transport.
When AT&T was providing cable Internet to me, there was a time when my IPSEC VPN did not work. The VPN apparently connected, but data traffic never made it though. Other people complained, but AT&T claimed they were doing nothing to VPNs. Using tcpdump at both ends, I could see that the media (udp/500) was not getting though while the AH and ESP packets (required to set up the connection) were getting though. Clearly AT&T was blocking VPNs, but in such a way that it would not be obvious to the average user what was wrong. Pure evil.
Or they blocked everything unless they knew it was needed. Possibly only at one (or a few points) in their network. e.g. they only let IP protocols 1, 6 & 17 through because someone didn't realise the other 253 were perfectly valid. Even though many which are assigned are, in practice, hardly ever used.
I realize it makes certain kinds of personalities comfortable to assume that government and its employees are always incompetent all of the time.
There also people who believe that government and government employees are always competent all of the time...
The problem is that one person's "incompetent" is another's following of rules and procedures, usually put in place by people with a political agenda of some sort, even if that agenda is simply "keep my name off the news". You see this in corporations all the time, where sales is easy to reach and customer service takes forever. The customer service people may or may not be competent, but their organization works as designed--it's just not designed to do what you think it is.
In any organisation beyond a certain size you also get all sorts of internal politics. Which may be incomprehensible to people outside. Also the actual "rules" may be impossible to actually follow because parts are mutually exclusive.
To be fair, a MitM attack on a VPN probably would introduce a delay.
How would you preform a sucessful MitM attack on an OpenVPN connection though? It's not like HTTPS where browsers will accept anything signed by a large number of certificate authorities. (Even if different from what was seen the previous time.)
It's also funny how regulations and policies have never stopped abusive governments in the past, so why would they now? Our government is clearly willing to violate the highest law of the land, so why exactly would a few inconsequential policies and rules stop them?
The really odd thing is how much faith many people have in current politicians. No matter how bad the "last lot" proved to be. Even if the "current lot" are mostly exactly the same people...
Um, arguing that coal mining AND nuclear power have their dangers isn't an argument against renewables, now is it?
So called "renewables" also produce plenty of pollution and come with associated dangers. Ironically wind and solar can turn out to have a bigger "carbon footprint" than fossil fuel plants. Once all applicable factors are considered.
We have an expectation of going about our business without being tracked, and stalked by authorities (or anyone else) for no reason at all.
The public space is owned equally by all, and simply because you walk down a sidewalk or drive down a road there is no valid reason for the government to record that event, or to be able to prove that you did walk or drive there. Its not their space. Its OUR space.
Interestingly one group which often makes a lot of fuss about being filmed "going about their business" in public are police officers. Even to the extent of arresting people using very creative interpretations of laws.
All stolen/wanted vehicle plate numbers should be downloaded to these police cars, and the plate recognition software should check against THAT LIST ONLY, and immediately discard any other recognized plate number. Don't allow it to be kept for even 10 seconds.
Which might well be a less complex system. It might make sense to identify "duplicate" plates. But a system to do so does not need to track every single vehicle. Also depends if the recognition system is able to identify the "wrong vehicle". Which makes it harder for criminals to swap plates also not all criminals would do this anyway. Identifying "inactive" or never issued plates would also be useful, but probably impossible outside of Japan, Australia, New Zealand, Sri Lanka, Madagascar, Iceland, etc.
You can even share documents with anyone else who has the key, perhaps delivered by carrier pigeon.
PGP/GPG have always had the ability to generate a cyphertext which can be decrypted by multiple keys. Which might be another option if the number of people who need to share is small.
Slashdot Mirror
Systems "just work" and installing software is no more difficult than looking for what you need in an "app store" just like on a phone.
In what kind of enterprise system does any kind of "app store" make any sense at all. The "personal computer"
Also if you have a need for per anything licenced software you'd tend to also need a suitable licence tracking system. An obvious advantage here of OSS is that it effectivly comes with a site/enterprise licence.
Because, while Linux doesn't have Active Directory, it has other benefits that Windows does not have. So, if you define your criteria to be "must support Active Directory", then, obviously, Linux doesn't pass. If, on the other hand, you define your requirement as (for example), "must support SELinux", then Linux is your only choice.
Effectivly they appear to be saying "The Windows way of doing things is the best/only way to do it". (Or possibly "The only way I know of is the Windows method.")
As for the "nice GUI tools", they may make manageability easy, but they don't make it efficient.
It's quite possible for "inefficient" to equate to "hard". e.g. if they expect you click X boxes for everything in list Y. Rather than just being able to tell the machine "Do X to everything in list Y and don't bug me til you've finished".
The best part is that they often explode while still airborne!
:)
Often these explosions are actual gasoline. In a plastic bottle with some other explosive attached triggered by pyrotechnicians though
Separate sewers are much better from an environmental point of view because they don't wastefully put surface water through the sewage treatment system and are much less likely to end up releasing raw sewage during storms but are rather hard to retrofit.
Except that a separate system means you have twice as many underground pipes to build and maintain.
Gasoline doesn't burst into flames the second it touches air, you know. The vast majority of tank punctures in gasoline/diesel vehicles end with an empty tank and a stinky mess on the road.
Leaking diesel is very hard to ignite (so is aviation turbine fuel). They tried this on Mythbusters. Thery've also tried multiple times to create fuel tank explosions. Even gasoline typically only burns as a gas mixed with air. (With the resulting radiant heat tending to help boil any nearby which is in its liquid state.) One thing fuel leaks are good at is damaging asphalt road surfaces.
A new California law will require local bars to eliminate any alcohol consumed by minors from their bodies on demand. Supporters say this new law will reduce the amount of drunk-driving and poor decisions made by drunk minors. It might help them avoid personal and work-related problems.
Maybe a simpler option would be only to allow adults to drive.
"Googeling" somebody is not as easy as you make it sound. It already requires careful checks to make sure you have the right person and it requires interpretation by experienced experts.
It also depends on how common a name someone has. If they have a very common name it can be difficult finding the right person at all.
This has been an issue even since the invention of the telephone directory. With the added complication that the distribution of names of telephone subscribers, Facebook users, "Tweeters", etc need not be that of the general population.
A lot of companies are deathly afraid of a scandal, and it is easier to cut it off in the hiring process than to fire people later. (Which means you get sneaker scoundrels, which is what they want, I guess.)
Or simply those with the most common names...
The open internet does not forget widely shared information. Closed, walled-garden systems such as facebook are capable of forgetting.
Don't believe me? Lets test it. I will delete a picture from facebook in the next ten minutes. Try and recover it.
Are you issuing that challenge to Facebook and/or NSA? Since Facebook is a closed system only a few people have any way of knowing what might happen when a user tries to "delete" something. (Even if this differs depending on user attributes...)
The better question is "How do you scrub something off the Internet?" Barbra Streisand wants to know...
The NSA wants to be sure they can collect all "tried to erase this" metadata. (Together with the original data in the unlikely event that Google, Facebook, Twitter, etc will actually really delete it.)
Our Founders (and for that matter, the Supreme Court) acknowledged that a Democratic form of government is not possible without free and anonymous speech, and anonymous voting.
Democracy, as invented in classical Athens, does not require any kind of voting. Government using elected representatives appears to be a Roman invention.
Give people the choice of creating a "Real Name" account with proof or a "Pseudonym" account, and make this choice visible to everyone else.
You'd first need a clear definition of what a "real name" actually is. Even when someone uses one name in all contexts this need not be the same as their "birth name" or "legal name". Someone's legal name may in some cases be a "pseudonym" anyway.
It is also a false assumption that everyone has exactly one legal (or even birth) name. IIRC there's a site which debunks a rather large list of common assumptions about names which are simply wrong. Incorrect assumptions about names have been important ever since people started using computers to store names...
With an uplink speed of 75bps.
Asymetric data links were around long before "broadband". Someone realised that they could add this onto a 1200 baud half duplex modem.
And yet, it still then didn't add up to a statistically significant enough threat to bother with additional security.
Simple.... all those grenades....0 of them in the hands of terrorists. That should tell you this is a stupid issue.
Or possibly some are in the hands of terrorists who's only interests in planes is as a means of transport.
A conviceted fraudster for an MP? I thought they were at least supposed to *start* honest.
More likely many start claiming to be honest.
I am putting money on a flase flag that FOIA will release in 20 years. Sad part is the story is always the same. Just different details.
Unlikely to be that soon. 30-60 years appears to be the more usual timescale.
Something tells me that version 2.0 of these skunk-work projects will show up at your doorstep if you show serious interest in this offer.
Or more likely v3 which invisibly replaces your doorstep.
When AT&T was providing cable Internet to me, there was a time when my IPSEC VPN did not work. The VPN apparently connected, but data traffic never made it though. Other people complained, but AT&T claimed they were doing nothing to VPNs. Using tcpdump at both ends, I could see that the media (udp/500) was not getting though while the AH and ESP packets (required to set up the connection) were getting though. Clearly AT&T was blocking VPNs, but in such a way that it would not be obvious to the average user what was wrong. Pure evil.
Or they blocked everything unless they knew it was needed. Possibly only at one (or a few points) in their network.
e.g. they only let IP protocols 1, 6 & 17 through because someone didn't realise the other 253 were perfectly valid. Even though many which are assigned are, in practice, hardly ever used.
I realize it makes certain kinds of personalities comfortable to assume that government and its employees are always incompetent all of the time.
There also people who believe that government and government employees are always competent all of the time...
The problem is that one person's "incompetent" is another's following of rules and procedures, usually put in place by people with a political agenda of some sort, even if that agenda is simply "keep my name off the news". You see this in corporations all the time, where sales is easy to reach and customer service takes forever. The customer service people may or may not be competent, but their organization works as designed--it's just not designed to do what you think it is.
In any organisation beyond a certain size you also get all sorts of internal politics. Which may be incomprehensible to people outside. Also the actual "rules" may be impossible to actually follow because parts are mutually exclusive.
To be fair, a MitM attack on a VPN probably would introduce a delay.
How would you preform a sucessful MitM attack on an OpenVPN connection though?
It's not like HTTPS where browsers will accept anything signed by a large number of certificate authorities. (Even if different from what was seen the previous time.)
It's also funny how regulations and policies have never stopped abusive governments in the past, so why would they now? Our government is clearly willing to violate the highest law of the land, so why exactly would a few inconsequential policies and rules stop them?
The really odd thing is how much faith many people have in current politicians. No matter how bad the "last lot" proved to be. Even if the "current lot" are mostly exactly the same people...
Um, arguing that coal mining AND nuclear power have their dangers isn't an argument against renewables, now is it?
So called "renewables" also produce plenty of pollution and come with associated dangers. Ironically wind and solar can turn out to have a bigger "carbon footprint" than fossil fuel plants. Once all applicable factors are considered.
We have an expectation of going about our business without being tracked, and stalked by authorities (or anyone else) for no reason at all.
The public space is owned equally by all, and simply because you walk down a sidewalk or drive down a road there is no valid reason for the government to record that event, or to be able to prove that you did walk or drive there. Its not their space. Its OUR space.
Interestingly one group which often makes a lot of fuss about being filmed "going about their business" in public are police officers. Even to the extent of arresting people using very creative interpretations of laws.
All stolen/wanted vehicle plate numbers should be downloaded to these police cars, and the plate recognition software should check against THAT LIST ONLY, and immediately discard any other recognized plate number. Don't allow it to be kept for even 10 seconds.
Which might well be a less complex system.
It might make sense to identify "duplicate" plates. But a system to do so does not need to track every single vehicle. Also depends if the recognition system is able to identify the "wrong vehicle". Which makes it harder for criminals to swap plates also not all criminals would do this anyway.
Identifying "inactive" or never issued plates would also be useful, but probably impossible outside of Japan, Australia, New Zealand, Sri Lanka, Madagascar, Iceland, etc.
Then try sugar pills vs starch pills.
Remember that the latter contain more glucose and are likely to be digested faster.
You can even share documents with anyone else who has the key, perhaps delivered by carrier pigeon.
PGP/GPG have always had the ability to generate a cyphertext which can be decrypted by multiple keys. Which might be another option if the number of people who need to share is small.