Until you realize that this will also put a moratorium on things like privacy laws, as well as put a hold on any action regarding things like bandwidth caps, net neutrality, and copyright enforcement legislation. That may be good or bad, depending on how we're represented, but I'd rather have the debate in congress, rather than have them be forced to sit idly by while the incumbents go unchecked.
Your distro will have a regular patch channel that will address most vendor-introduced vulnerabilities. Patch religiously, and often. At least once per week. It's not like you're responsible for SLA's or regression testing. If you somehow uncover a bug when you patch, muscle through it, and keep going.
Use a firewall and only expose necessary ports. Protect the ports with strong authentication, encryption where applicable, and possibly a reactive blocker such as fail2ban to keep the script kiddies at bay. If you must run an external SSH server, run it as a seperate process, and only allow key auth, and only for a single user.
Get on whatever mailing lists or errata lists support your distro and apps, and try and keep up with them. If your apps are maintained as source, try and use the repos to update your apps instead of just relying on standard stable packages. You'll get bug fixes faster (probably bugs as well. See above)
Use something like logwatch and read the daily mails.
Also use something like rkhunter to alert you in case something changes.
You sound like you're endorsing living a life with no roots, no community involvement, and no long-term commitments. Seeing the world and its cities and cultures is a really cool experience, but eventually most people like to settle down and do things like have families, hobbies, and own possessions that don't have to fit in a suitcase.
The career-long road warrior mentality directly contradicts with the need most folks have for being close with extended family, laying down roots in a community, or having long-term friendships with close physical proximity.
Working hard may give you a sense of purpose, but trivializing work-life balance will only isolate you.
Since you're a member of the 4-digit ID club, then you may just be old and gray enough to have survived more than 10 of them. Are you functional or technical?
This says less about Sony, and more about the judge in the case. According to several ratings websites, Hon. Joseph Spero is pretty new to the Magistrate bench, and has the reputation for being predisposed to siding with government and business 100% of the time. Hopefully there will be an injunction and appeal coming soon on this.
Mostly, except in very small organizations, there are several implicit safeguards to keep any one person from doing evil with the systems. They are subtle, but effective.
Peer review: Most sysadmins are hired by other sysadmins, or at the very least a technical manager. This means that you are hired based on your skills, reputation, track record, and demonstrated attitude. This means that ideally, you wouldn't even *think* about intentionally subverting a system, because that would mean breaking it or compromising it in some way, and most professional SA'a are simply too OCD to allow it.
Business continuity: Most organizations have several layers of continuity in place, such as disaster recovery scenarios, system snapshots, monitoring, and auditing. This means that unless you are VERY subtle, or work for an entirely incompetent team, you WILL get caught, and the damage will be minimized as you are being put into a police car, never to work in IT again.
There are no "indispensable people:" If you are a sysadmin, and you are the only one who knows your systems, you have not done your job. Every system and app should be documented, and there should be accountability for every change and decision.
No technical solution will ever replace good management and planning, and a design that eliminates the vulnerabilities of a system to rogue sysadmins, will also eliminate its flexibility. It's just a lot cheaper and easier to try and run a good shop.
If you're like most IT managers, you probably have a budget. Which is probably wholly inadequate for immediately and elegantly solving your problems.
Look at your company's business, and how the different offices interact with each other, and with your customers. By just upgrading existing infrastructure, you may be putting some of the money and time where it's not needed, instead of just shutting down a service or migrating it to something more modern or easier to manage. Free is not always better, unless your time has no value.
Pick a few projects to help you get a handle on the things that need more planning, and try and put out any fires as quickly as possible, without committing to a long-term technology plan for remediation.
Your objective is to make the transition as boring as possible for the end users, except for the parts where things just start to work better.
SAP is a German company. Microsoft is already in enough trouble in Europe.
Also, most of SAP's large stakeholders are SAP customers, and few of the large installations are on Windows/MSSQL. Most large implementations are on some flavor of Unix, Oracle, DB2, or mainframe. That's not saying that there aren't some major installations on Windows/MSSQL, but with Microsoft's history of lock-in, and with the extremely low speed at which implementations occur, there's no way in hell these customers (who all have a lot more money and pull than MicroSoft) are going to allow vendor lock-in at the OS/DB level.
Assuming you are now 24 or so, your career should be just starting. Best thing you can do is get in school, take up computers as a hobby, and figure out what you are going to do with yourself when the GI Bill money runs out, or you get a degree, whichever comes first. In my experience, there aren't very many honest, meritocratic companies out there. Being run by human beings tends to kill off all of the idealistic notions of a start-up pretty quickly, so if you want to advance AND stay honest, you are going to have to be somewhat of a mercenary. Good luck on your last trip out of the Main Gate, avoid moving back in with your folks at all costs, and be patient with yourself if you don't immediately begin earning that 40k per year on the outside the recruiter promised you when you enlisted.
There are many things out there to learn about besides computers, networks, and hard science.
Being a technical geek is a little on the narrow side for many folks. Some of the most brilliant people I know do their best work with things like pencil and paper, stringed instruments, needle and thread, or the like. Though I wouldn't consider them geeks, I would say their intellectual curiosity has led them to develop their own talents far beyond what a non-curious mind would be capable of.
Here's to you, Mr. "I have a kid old enough to post intelligently on Slashdot, yet I'm still geeky enough to build out my own multi-head MythTV setup."
According to TFA, Unilever is not so much "going with the lower bidder" as stepping back and applying common sense to their IT decisions.
"Unilever CIO Neil Cameron, said the cost benefits of migrating en masse to an open source platform are no longer as clear cut as they were two years ago because of security and support issues."
Sounds more like he got his ass handed to him by an enterprise architecture team after attempting to push through a bad idea based on a flawed financial model.
Actually, Cobb County is one of the wealthier counties around Atlanta. Problem is, Georgia is what's known as a "Jacksonian Democracy," meaning "Ruled by illiterate rednecks who spit tobacco juice on the living room carpet."
Cobb County is home to mainly soccer moms and NASCAR dads, Hummers, houseboats, McMansions, and Southern Baptists. These folks have plenty of money, little reason to back down, and a knack for being a pain in the ass to the rest of their neighboring Georgians. They will take this to SCOTUS if they can.
This has more to do with political power than protecting the rights of copyright holders. Until the last decade or two, the government's primary function was in national defense and regulation of interstate commerce.
Now that the primary means of interstate trade is via information exchange, look for all sorts of ways that the government is going to try and is presently trying to get as many fingers into the information economy pie as possible. This is really just to establish regulatory agencies. If hatch could put a "protect the children" clause in there somewhere, he would.
If someone wants to show where the sound card goes in this e450, I'd love to see it. As it is, one of the newer Intel P4's with hyperthreading, coupled with a pair of SATA drives and fast memory will blow this thing out of the water on almost every count. I wouldn't waste my time or the space trying to get the beast hooked up.
Remember that your occupation is not your identity, and be sure to keep your social networks in good shape outside of the office. Also, try to keep your personal debt to a minimum. If you balance your personal and professional life, you can avoid most of the stress typically associated with most IT jobs.
Unfortunately, this is never as simple as it sounds, but if you keep the simple goal of balance in mind, you can look forward to a good career.
Even just few years ago, the only way to get Progress, Sybase, or Oracle to work under linux was to use SCO libs and iBCS (thanks AC) to get a SCO-compiled binary to run.
If you're saying that AutoZone's app was binary-only, and never ran under the Progress or any other runtime, cool. What did they run their DB under?
I stand by my opinion that this is a bait and switch technique. It has absolutely nothing to do with any SCO "intellectual property" in the kernel. Until it actually gets in front of a judge, it's just another attention-grabbing press release. We're all feeding the troll, here.
A while back, there was a utility called ipcs, which could take core SCO UNIX libraries, and make them available under linux for programs compiled to run under SCO OpenServer.
Almost all of AutoZone's store inventory and pick machines used to be Wyse terminals connected to an X86 SCO server in the back room, running a Progress application for the front-end.
In order to have a clean migration path away from what was at the time viewed as a dying technology, they probably used IPCS, along with the libraries from their previously purchased SCO servers for new Progress rollouts under linux.
Eventually, Progress Corporation got bright enough to natively support glibc, and Autozone could hopefully do away with all of the SCO hybrids in place. Unfortunately, SCO licensing has always been on a per-user basis, so they're going to hit up AutoZone for proof that they didn't have 500 users connected to libraries that were stripped from a server licensed for five users.
WTF any of this has to do with their lawsuit against IBM is up for debate, but this looks like a bait and switch.
It's not all technobabble. They're trying to avoid using the word "commodity."
They're just spinning off commodity computing as if it's the latest, greatest product offering, rather than the natural evolution of technology. Commoditization of technology has been the downfall of just about every past for-profit technology fad. What these companies and groups are doing is trying to pretend that they created the trend, for some reason. In the end, the result is still the same.
Slashdot Mirror
They built a rube goldberg machine without any thought to how they would maintain it or upgrade it.
Which describes every large software project implemented by a non-software company, ever.
Until you realize that this will also put a moratorium on things like privacy laws, as well as put a hold on any action regarding things like bandwidth caps, net neutrality, and copyright enforcement legislation. That may be good or bad, depending on how we're represented, but I'd rather have the debate in congress, rather than have them be forced to sit idly by while the incumbents go unchecked.
Back when GoDaddy was publicly in support of SOPA, I moved away from them. Ended up saving a lot as well.
No regrets.
Your distro will have a regular patch channel that will address most vendor-introduced vulnerabilities. Patch religiously, and often. At least once per week. It's not like you're responsible for SLA's or regression testing. If you somehow uncover a bug when you patch, muscle through it, and keep going.
Use a firewall and only expose necessary ports. Protect the ports with strong authentication, encryption where applicable, and possibly a reactive blocker such as fail2ban to keep the script kiddies at bay. If you must run an external SSH server, run it as a seperate process, and only allow key auth, and only for a single user.
Get on whatever mailing lists or errata lists support your distro and apps, and try and keep up with them. If your apps are maintained as source, try and use the repos to update your apps instead of just relying on standard stable packages. You'll get bug fixes faster (probably bugs as well. See above)
Use something like logwatch and read the daily mails.
Also use something like rkhunter to alert you in case something changes.
I really wish I had mod points for this. Thank you, sir.
You sound like you're endorsing living a life with no roots, no community involvement, and no long-term commitments. Seeing the world and its cities and cultures is a really cool experience, but eventually most people like to settle down and do things like have families, hobbies, and own possessions that don't have to fit in a suitcase.
The career-long road warrior mentality directly contradicts with the need most folks have for being close with extended family, laying down roots in a community, or having long-term friendships with close physical proximity.
Working hard may give you a sense of purpose, but trivializing work-life balance will only isolate you.
Since you're a member of the 4-digit ID club, then you may just be old and gray enough to have survived more than 10 of them. Are you functional or technical?
This says less about Sony, and more about the judge in the case. According to several ratings websites, Hon. Joseph Spero is pretty new to the Magistrate bench, and has the reputation for being predisposed to siding with government and business 100% of the time. Hopefully there will be an injunction and appeal coming soon on this.
Mostly, except in very small organizations, there are several implicit safeguards to keep any one person from doing evil with the systems. They are subtle, but effective.
Peer review: Most sysadmins are hired by other sysadmins, or at the very least a technical manager. This means that you are hired based on your skills, reputation, track record, and demonstrated attitude. This means that ideally, you wouldn't even *think* about intentionally subverting a system, because that would mean breaking it or compromising it in some way, and most professional SA'a are simply too OCD to allow it.
Business continuity: Most organizations have several layers of continuity in place, such as disaster recovery scenarios, system snapshots, monitoring, and auditing. This means that unless you are VERY subtle, or work for an entirely incompetent team, you WILL get caught, and the damage will be minimized as you are being put into a police car, never to work in IT again.
There are no "indispensable people:" If you are a sysadmin, and you are the only one who knows your systems, you have not done your job. Every system and app should be documented, and there should be accountability for every change and decision.
No technical solution will ever replace good management and planning, and a design that eliminates the vulnerabilities of a system to rogue sysadmins, will also eliminate its flexibility. It's just a lot cheaper and easier to try and run a good shop.
I'm guessing your work email address ends in .edu?
If you're like most IT managers, you probably have a budget. Which is probably wholly inadequate for immediately and elegantly solving your problems.
Look at your company's business, and how the different offices interact with each other, and with your customers. By just upgrading existing infrastructure, you may be putting some of the money and time where it's not needed, instead of just shutting down a service or migrating it to something more modern or easier to manage. Free is not always better, unless your time has no value.
Pick a few projects to help you get a handle on the things that need more planning, and try and put out any fires as quickly as possible, without committing to a long-term technology plan for remediation.
Your objective is to make the transition as boring as possible for the end users, except for the parts where things just start to work better.
SAP is a German company. Microsoft is already in enough trouble in Europe.
Also, most of SAP's large stakeholders are SAP customers, and few of the large installations are on Windows/MSSQL. Most large implementations are on some flavor of Unix, Oracle, DB2, or mainframe. That's not saying that there aren't some major installations on Windows/MSSQL, but with Microsoft's history of lock-in, and with the extremely low speed at which implementations occur, there's no way in hell these customers (who all have a lot more money and pull than MicroSoft) are going to allow vendor lock-in at the OS/DB level.
Assuming you are now 24 or so, your career should be just starting. Best thing you can do is get in school, take up computers as a hobby, and figure out what you are going to do with yourself when the GI Bill money runs out, or you get a degree, whichever comes first. In my experience, there aren't very many honest, meritocratic companies out there. Being run by human beings tends to kill off all of the idealistic notions of a start-up pretty quickly, so if you want to advance AND stay honest, you are going to have to be somewhat of a mercenary. Good luck on your last trip out of the Main Gate, avoid moving back in with your folks at all costs, and be patient with yourself if you don't immediately begin earning that 40k per year on the outside the recruiter promised you when you enlisted.
There are many things out there to learn about besides computers, networks, and hard science.
Being a technical geek is a little on the narrow side for many folks. Some of the most brilliant people I know do their best work with things like pencil and paper, stringed instruments, needle and thread, or the like. Though I wouldn't consider them geeks, I would say their intellectual curiosity has led them to develop their own talents far beyond what a non-curious mind would be capable of.
This is for your dad:
Here's to you, Mr. "I have a kid old enough to post intelligently on Slashdot, yet I'm still geeky enough to build out my own multi-head MythTV setup."
"Unilever CIO Neil Cameron, said the cost benefits of migrating en masse to an open source platform are no longer as clear cut as they were two years ago because of security and support issues."
Sounds more like he got his ass handed to him by an enterprise architecture team after attempting to push through a bad idea based on a flawed financial model.
I'm sure she'll be just fine with it if she gets to pick the other guy.
Actually, Cobb County is one of the wealthier counties around Atlanta. Problem is, Georgia is what's known as a "Jacksonian Democracy," meaning "Ruled by illiterate rednecks who spit tobacco juice on the living room carpet."
Cobb County is home to mainly soccer moms and NASCAR dads, Hummers, houseboats, McMansions, and Southern Baptists. These folks have plenty of money, little reason to back down, and a knack for being a pain in the ass to the rest of their neighboring Georgians. They will take this to SCOTUS if they can.
Now that the primary means of interstate trade is via information exchange, look for all sorts of ways that the government is going to try and is presently trying to get as many fingers into the information economy pie as possible. This is really just to establish regulatory agencies. If hatch could put a "protect the children" clause in there somewhere, he would.
If someone wants to show where the sound card goes in this e450, I'd love to see it. As it is, one of the newer Intel P4's with hyperthreading, coupled with a pair of SATA drives and fast memory will blow this thing out of the water on almost every count. I wouldn't waste my time or the space trying to get the beast hooked up.
Remember that your occupation is not your identity, and be sure to keep your social networks in good shape outside of the office. Also, try to keep your personal debt to a minimum. If you balance your personal and professional life, you can avoid most of the stress typically associated with most IT jobs.
Unfortunately, this is never as simple as it sounds, but if you keep the simple goal of balance in mind, you can look forward to a good career.
Even just few years ago, the only way to get Progress, Sybase, or Oracle to work under linux was to use SCO libs and iBCS (thanks AC) to get a SCO-compiled binary to run.
If you're saying that AutoZone's app was binary-only, and never ran under the Progress or any other runtime, cool. What did they run their DB under?
I stand by my opinion that this is a bait and switch technique. It has absolutely nothing to do with any SCO "intellectual property" in the kernel. Until it actually gets in front of a judge, it's just another attention-grabbing press release. We're all feeding the troll, here.
You're absolutely right. Thanks.
A while back, there was a utility called ipcs, which could take core SCO UNIX libraries, and make them available under linux for programs compiled to run under SCO OpenServer.
Almost all of AutoZone's store inventory and pick machines used to be Wyse terminals connected to an X86 SCO server in the back room, running a Progress application for the front-end.
In order to have a clean migration path away from what was at the time viewed as a dying technology, they probably used IPCS, along with the libraries from their previously purchased SCO servers for new Progress rollouts under linux.
Eventually, Progress Corporation got bright enough to natively support glibc, and Autozone could hopefully do away with all of the SCO hybrids in place. Unfortunately, SCO licensing has always been on a per-user basis, so they're going to hit up AutoZone for proof that they didn't have 500 users connected to libraries that were stripped from a server licensed for five users.
WTF any of this has to do with their lawsuit against IBM is up for debate, but this looks like a bait and switch.
They're just spinning off commodity computing as if it's the latest, greatest product offering, rather than the natural evolution of technology. Commoditization of technology has been the downfall of just about every past for-profit technology fad. What these companies and groups are doing is trying to pretend that they created the trend, for some reason. In the end, the result is still the same.