By the time you get into your fifties you have more answers, less problems, some entrenched bad habits that are nearly impossible to break, a whole lot of dreams that you know you'll never achieve, someone who looks like your parent looking back at you in the mirror, and the search for sex is no longer an overarching need - but inside you'll still feel young.
At thirty you probably feel as old as you'll ever feel. You always feel young inside but at thirty the world stops looking new. That soon passes though once you realise that you haven't been paying close enough attention. The world will always be new and that you'll always feel young even if you live to be a hundred.
Installed it, was happily browsing the web for about 5 minutes. Thought I'd give it a bit of java to test it, browsed through java.com for a few minutes - then my entire computer froze. Went to make a cup of coffee, came back and the screen was in 640x480 in 16 colours! Error box up saying "The nv4_disp driver has stopped working normally." All my other windows had vanished (couple of explorer, couple of the new IE). A reboot seemed to restore me to full res, full colour glory though. Methinks I'll disable java in it now though...
IT security is not about restricting what users can and cannot do - it is about enabling users to do what they need to do in a secure and stable fashion. As an IT professional, all too often I hear through the company grapevine about someone who has been grumbling that the IT security policy was too restrictive, but when you go and talk to the person it turns out that whatever it is they wanted to do can be done, they just didn't know how to do it properly with the systems you have in place. Naturally, they blame the systems, not themselves. Why would you want to send outbound emails from your box, when you can relay through the corporate mail server? Why do you need to run an FTP server to upload your files from home, when SSH is running on your computer already? Why do you need IT to open up ports 1024-65535 in the firewall to allow your new piece of code to work when you could just write it properly in the first place?
IT security policy should not be inflexible, but neither should users assume that it is there just to block them from doing things. If it is, then that is because company management have decreed that behaviour X is not allowed - and that's not an IT security problem.
While your admin may have issues with the default configuration for Firefox, there are genuine reasons for not deploying firefox to your network. Most security concious organisations have a very rigourous patching system for the authorised applications and operating systems. Any app which doesn't fit into that patching system (whether it be up2date, apt-get, SUS/WUS/SMS, yum or another flavour) presents a massive overhead to the IT team. Every time there is an update to Firefox, it needs to be repackaged and redeployed to every desktop in your organisation. And it's not just Firefox, but by setting a precedent of deploying MyRequestedAppX, they face pressure from all sides for AppY, AppZ, etc. Then the questions come - "you support Mr X's AppX with updates and patches - why not mine?".
Unless your organisation has the infrastructure to deal with non-baseline application patching, those apps WILL present a security risk while the IT team tries to find the resource to patch/update and deploy the latest version.
Take a tripod too - to give you the stability you need for those long exposures - which give that spooky, misty effect to the flowing water. You can get very lightweight ones nowadays - or even a combined monopod/walking stick. Of course, that means that whatever camera you end up with, it will need to be tripod-mountable in its waterproof form.
Unfortunately, UCARP has not (yet?) implemented one of the most desirable features (to me) of OpenBSD's CARP - Arpbalance. I guess this would require kernel level changes though.
We use IRC when we are forced to have an online meeting. The time-logging is done for you by your favourite IRC client, as is the logging. Our solution to voting/etc was to use private messages to the secretary, or a simple "show of hands" where appropriate.
Anarchy Online and Neocron spring to mind as non-tolkienesque games - they're sci-fi. Some will argue that sci-fi and fantasy are almost the same thing.
"Real world", there's obviously the sims online - get up, go to the toilet, eat breakfast, go to work, come home, go to the toilet, eat dinner, watch telly, rinse and repeat.
There are also non-massivly multiplayer real world scenarios that are infinitely more exciting than the sims crap-a-thonline - things like CounterStrike, Rainbow Six, etc. CS is more just FPS online, but Rainbow 6 pushes into RPG territory.
It also made the news on GameSpot. Not anywhere near as much detail here though.
They suggest somewhat more PC involvement than indicated above:
"Brian Fargo's inXile entertainment has today announced that it's currently working on a new Bard's Tale role-playing game for PC and current generation consoles."
I always find it interesting finding out little tidbits about what inspired designers in your favourite games. Ultima Online was a good one, with each of its game servers named after something local to where it is located - they even wrote a wee summary of the story behind the name.
"Congratulations - you have successfully voted for your republican candidate. Now, it is our pleasure to tell you about the lastet range of Road-Hawg eight-wheel drive utility vehicles. Feel the supreme power granted by a 20 litre engine. Thrill, as you consume a gallon of fuel a second! Laugh as wildlife and pedestrians bounce off your bumper without leaving a mark!"
Not a dumb question at all - this is one of our major worries about RedHat at the moment too. However, looking at their site (and FAQ), it seems like this (Fedora) is going to be very similar to the RedHat we know at the moment (not the enterprise bit) - ie, major releases every six months or so. It's quite reasonable to expect support for the old releases to fall off very rapidly (it's really not economical to continue to support more than two distributions at a time), and there is certainly no indication they would do otherwise.
RedHat are, IMHO, likely to continue the push for this rapid development so that they can entice more customers into their relatively slow moving Enterprise product.
1. Only machines we want to have on our network are there. This usually means that we give out IP addresses in exchange for the basics - a MAC address and the location of the machine. Higher levels of management of clients has its costs, so that'll be down to the individual manager to decide (for instance - only machines running OS xyz, or only machines we have root/admin access to, only machines built with our spec/OS and connected to our auto patching architecture, etc). This means that we can, in extreme cases, remove someone from the DHCP lists, and flag their MAC up in arpwatch. In the case of "students arriving at the start of term", there is quite a flood of applications at the start of term - combined with teaching them how to find their mac address (solved with a flier in their matriculation pack). After that, it slows to a trickle of applications.
2.With managed switches (and really, who DOESN'T use managed switches in large networks?) troublemakers can be sought and disconnected in times of strife. You have their IP address AND know which switch/port they're on (through the MAC/location registration process). It really is up to the user to come to the IT staff in the event that their connection drops. We have disabled specific ports on network switches in some cases, which is a far more useful solution than removing DHCP entries, but for public areas the DHCP block is what is needed (laptops in libraries for instance). Smart users will get around this, but it's not the smart users you're worried about. They know how to patch.
When it comes down to it, make one simple rule - network access is a priveledge, not a right. Our entire university wide IT infrastructure is built on this philosophy, and as a result the onus is on your users to behave in a responsible way.
There are adapters that allow conversion of fan sizes, so you can run an 80mm fan on your 60mm heatsink.
Have a look at:
www.overclockers.co.uk
"Akasa 60mm to 80mm Fan adaptor (FG-000-AK)
If you need more performance from your CPU cooler and you can't afford to upgrade to an amazing 80mm cooler such as the Alpha PAL8045 then here is a way to boost performance on your existing heatsink without deafening yourself with a high speed delta fan.
The Alaska 60mm to 80mm fan adaptor allows you to use high output 80mm fans on your 60mm cooler, supplied with an 80mm fan grill to protect delicate fingers and wires.
Note: Picture shows a metal adaptor, the version currently shipping is constructed from plastic.
Price: £4.00 (£4.70 Including VAT at 17.5%) "
Dell are still offering RH linux on workstations to UK buyers - maybe desktops too, I don't look that low down the £££ end;)
However, we do always of course rebuild it ourselves with a sensible partitioning scheme and our deparment's specced build.
I think we have a discount with them if we buy our machines with linux instead of windows - £25 or something. Oh, and another £5 for going for a logitech 3-button mouse instead of the microsoft wheely one.
One of the main benefits of having linux offered is that you can be pretty certain that all the hardware works under the latest RH release kernel. Which is reassuring, especially with some of Dell's wierd hardware.
Slashdot Mirror
By the time you get into your fifties you have more answers, less problems, some entrenched bad habits that are nearly impossible to break, a whole lot of dreams that you know you'll never achieve, someone who looks like your parent looking back at you in the mirror, and the search for sex is no longer an overarching need - but inside you'll still feel young.
At thirty you probably feel as old as you'll ever feel. You always feel young inside but at thirty the world stops looking new. That soon passes though once you realise that you haven't been paying close enough attention. The world will always be new and that you'll always feel young even if you live to be a hundred.
Damn, that was beautiful.
Installed it, was happily browsing the web for about 5 minutes. Thought I'd give it a bit of java to test it, browsed through java.com for a few minutes - then my entire computer froze. Went to make a cup of coffee, came back and the screen was in 640x480 in 16 colours! Error box up saying "The nv4_disp driver has stopped working normally." All my other windows had vanished (couple of explorer, couple of the new IE). A reboot seemed to restore me to full res, full colour glory though. Methinks I'll disable java in it now though...
IT security is not about restricting what users can and cannot do - it is about enabling users to do what they need to do in a secure and stable fashion. As an IT professional, all too often I hear through the company grapevine about someone who has been grumbling that the IT security policy was too restrictive, but when you go and talk to the person it turns out that whatever it is they wanted to do can be done, they just didn't know how to do it properly with the systems you have in place. Naturally, they blame the systems, not themselves. Why would you want to send outbound emails from your box, when you can relay through the corporate mail server? Why do you need to run an FTP server to upload your files from home, when SSH is running on your computer already? Why do you need IT to open up ports 1024-65535 in the firewall to allow your new piece of code to work when you could just write it properly in the first place?
IT security policy should not be inflexible, but neither should users assume that it is there just to block them from doing things. If it is, then that is because company management have decreed that behaviour X is not allowed - and that's not an IT security problem.
Not too fancy - even Netfilter has H323 connection tracking modules now, although they've been in Alpha status for some time now:
h tml#pom-extra-h323-conntrack-nat
http://www.netfilter.org/patch-o-matic/pom-extra.
Of course, there are those who will (quite rightly) argue that Netfilter is just about as fancy a packet filter as you can get!
From the United Nations "Universal Declaration of Human Rights": http://www.unhchr.ch/udhr/lang/eng.htm
"Article 23
1. Everyone has the right to work, to free choice of employment, to just and favourable conditions of work and to protection against unemployment."
While your admin may have issues with the default configuration for Firefox, there are genuine reasons for not deploying firefox to your network. Most security concious organisations have a very rigourous patching system for the authorised applications and operating systems. Any app which doesn't fit into that patching system (whether it be up2date, apt-get, SUS/WUS/SMS, yum or another flavour) presents a massive overhead to the IT team. Every time there is an update to Firefox, it needs to be repackaged and redeployed to every desktop in your organisation. And it's not just Firefox, but by setting a precedent of deploying MyRequestedAppX, they face pressure from all sides for AppY, AppZ, etc. Then the questions come - "you support Mr X's AppX with updates and patches - why not mine?".
Unless your organisation has the infrastructure to deal with non-baseline application patching, those apps WILL present a security risk while the IT team tries to find the resource to patch/update and deploy the latest version.
I think you'll find that 3/31/07 is slightly more than eight months from now - no matter whether you're using US or European date formats!
Take a tripod too - to give you the stability you need for those long exposures - which give that spooky, misty effect to the flowing water. You can get very lightweight ones nowadays - or even a combined monopod/walking stick. Of course, that means that whatever camera you end up with, it will need to be tripod-mountable in its waterproof form.
Unfortunately, UCARP has not (yet?) implemented one of the most desirable features (to me) of OpenBSD's CARP - Arpbalance. I guess this would require kernel level changes though.
Liver, cauliflower, soybeans, spinach, lettuce, nuts, and wheat germ are decent natural sources of the stuff, and eggs contain rich veins of choline.
We use IRC when we are forced to have an online meeting. The time-logging is done for you by your favourite IRC client, as is the logging. Our solution to voting/etc was to use private messages to the secretary, or a simple "show of hands" where appropriate.
Cheap and cheerful!
Anarchy Online and Neocron spring to mind as non-tolkienesque games - they're sci-fi. Some will argue that sci-fi and fantasy are almost the same thing.
"Real world", there's obviously the sims online - get up, go to the toilet, eat breakfast, go to work, come home, go to the toilet, eat dinner, watch telly, rinse and repeat.
There are also non-massivly multiplayer real world scenarios that are infinitely more exciting than the sims crap-a-thonline - things like CounterStrike, Rainbow Six, etc. CS is more just FPS online, but Rainbow 6 pushes into RPG territory.
It also made the news on GameSpot. Not anywhere near as much detail here though.
They suggest somewhat more PC involvement than indicated above:
"Brian Fargo's inXile entertainment has today announced that it's currently working on a new Bard's Tale role-playing game for PC and current generation consoles."
is one of the towns in Ultima.
I always find it interesting finding out little tidbits about what inspired designers in your favourite games. Ultima Online was a good one, with each of its game servers named after something local to where it is located - they even wrote a wee summary of the story behind the name.
Or:
"Congratulations - you have successfully voted for your republican candidate. Now, it is our pleasure to tell you about the lastet range of Road-Hawg eight-wheel drive utility vehicles. Feel the supreme power granted by a 20 litre engine. Thrill, as you consume a gallon of fuel a second! Laugh as wildlife and pedestrians bounce off your bumper without leaving a mark!"
Ad nauseum...
Not a dumb question at all - this is one of our major worries about RedHat at the moment too. However, looking at their site (and FAQ), it seems like this (Fedora) is going to be very similar to the RedHat we know at the moment (not the enterprise bit) - ie, major releases every six months or so. It's quite reasonable to expect support for the old releases to fall off very rapidly (it's really not economical to continue to support more than two distributions at a time), and there is certainly no indication they would do otherwise.
RedHat are, IMHO, likely to continue the push for this rapid development so that they can entice more customers into their relatively slow moving Enterprise product.
This gives us the following benefits:
1. Only machines we want to have on our network are there. This usually means that we give out IP addresses in exchange for the basics - a MAC address and the location of the machine. Higher levels of management of clients has its costs, so that'll be down to the individual manager to decide (for instance - only machines running OS xyz, or only machines we have root/admin access to, only machines built with our spec/OS and connected to our auto patching architecture, etc).
This means that we can, in extreme cases, remove someone from the DHCP lists, and flag their MAC up in arpwatch. In the case of "students arriving at the start of term", there is quite a flood of applications at the start of term - combined with teaching them how to find their mac address (solved with a flier in their matriculation pack). After that, it slows to a trickle of applications.
2.With managed switches (and really, who DOESN'T use managed switches in large networks?) troublemakers can be sought and disconnected in times of strife. You have their IP address AND know which switch/port they're on (through the MAC/location registration process). It really is up to the user to come to the IT staff in the event that their connection drops. We have disabled specific ports on network switches in some cases, which is a far more useful solution than removing DHCP entries, but for public areas the DHCP block is what is needed (laptops in libraries for instance). Smart users will get around this, but it's not the smart users you're worried about. They know how to patch.
When it comes down to it, make one simple rule - network access is a priveledge, not a right. Our entire university wide IT infrastructure is built on this philosophy, and as a result the onus is on your users to behave in a responsible way.
--
Have a look at:
www.overclockers.co.uk
"Akasa 60mm to 80mm Fan adaptor (FG-000-AK) If you need more performance from your CPU cooler and you can't afford to upgrade to an amazing 80mm cooler such as the Alpha PAL8045 then here is a way to boost performance on your existing heatsink without deafening yourself with a high speed delta fan. The Alaska 60mm to 80mm fan adaptor allows you to use high output 80mm fans on your 60mm cooler, supplied with an 80mm fan grill to protect delicate fingers and wires. Note: Picture shows a metal adaptor, the version currently shipping is constructed from plastic. Price: £4.00 (£4.70 Including VAT at 17.5%) "
-----
Dell are still offering RH linux on workstations to UK buyers - maybe desktops too, I don't look that low down the £££ end ;)
However, we do always of course rebuild it ourselves with a sensible partitioning scheme and our deparment's specced build.
I think we have a discount with them if we buy our machines with linux instead of windows - £25 or something. Oh, and another £5 for going for a logitech 3-button mouse instead of the microsoft wheely one.
One of the main benefits of having linux offered is that you can be pretty certain that all the hardware works under the latest RH release kernel. Which is reassuring, especially with some of Dell's wierd hardware.