...web surfers never even look at ads, unless they are really bored or the ads are cleverly disguised in a form the viewer hasn't seen
I used to believe this myself, until an experience this past week convinced me otherwise.
I manage the web site for a local public transit organization on the side: DART First State. We sponsor Operation Snowflake at a local radio station. Operation Snowflake reports school and business closings when the weather sucks.
As part of that sponsorship, we got banner ads on that operation snowflake page. Nothing big and exciting at all. Doesn't even offer anything.
Well, on Jan 20 (a snow day here with 3-4 inches), traffic to the transit web site doubled and hit a new high which hasn't been seen since we were giving away free bus tickets for visiting the site last July. I greped the logs and found that more than half of the traffic could be tracked back to that banner ad on the radio website. Each visitor, once on the site, on average visited four other pages.
Best I can guess is the following occured a lot:
"Oh flock(), it's snowing out"
"Let's see if my work is closed." Goes to radio web site
"Doh, no such luck. But wait, there's an ad for DART. Maybe I'll take the bus."
Clicks on banner to check out bus schedules
"Doh, nearest bus to my house is five miles away. Hell with it, I'm driving."
So what I want to know is this....WHAT do you want Microsoft to do?
For starters, I'd love for reality to live up their hype. Example:
I needed to deploy dozens of computers running web browsers in a college library. These computers need to be fairly locked down.
I downloaded the IEAK (IE admin Kit) *and* bought their IE admin book too. 75% of the book was marketing hype talking about all these great things you could do with the kit, including being able to change customizations through policies, etc...
Great! So I spent two weeks just trying to get it to work. The docs on how actual policy restrictions work and what they do amounted to TWO PAGES. I was forced to experiment.
But then I learned some harsh lessons. First, to get customizations and restrictions to actually apply to a NT user logon, the RunOnce key must be r/w to the user. Yes, that's correct. Even though numerous Microsoft KBs say to *not* make RunOnce r/w to users due to security problems, to make IE restrictions kick in, it must be because rundll32 for some reason wants it that way.
Then the Custom directory must be r/w and all files in it r/w so customizations can be downloaded from a web server and applied to the machine.
Even with all that, all customizations wouldn't work right. Bottom line, the only way to get the browser customizations to work as advertised was to give the logon account ADMINISTRATOR PRIVS.
Then there were other hassles, like the fact that unless your web server MIME types.ins to be application/x-internet-startup, the customization file won't apply (not documented because that's the default in IIS I guess).
So I use and support Microsoft products constantly. All I want, all I really want from Microsoft, is to live up to the hype because these days whenever I read about nifty new features of their software and OSes, I just can't believe a word of it.:-(
Microsoft's reply keeps talking about the alleged browser market.
Are they even refusing to concede that there is a market for browsers out there? Did they invent the browser or something? If so, why do I keep seeing spyglass.exe get copied to hard disks when I install NT around here? Gee, where did that spyglass.exe come from?!:)
I am a sys mgr at a large college of 13,000 users. I had a simple idea. Let students and faculty be able to encrypt their e-mail to each other. Gee, should be simple, right? Well, I tried explaining PGP to them in docs, but it was too difficult. But their fave GUI mail clients all supported S/MIME as long as they had user certs. Real simple, we could hand out a user cert as we passed out the account ID and password (which requires user to present college ID to get).
Due to the root CA crap, it's not easy. I thought maybe we could become our own internal CA and get one of the root CAs to sign our CA so it chained up and was recognized by browsers, but you wouldn't BELIEVE how much that costs. Even Thawte charged a fortune. $20,000 plus a dollar for each cert we'd sign.
So I set up our own CA. I could embed our own root CA into all browsers we distribute. I also put the root CA on our web server so people could chose to import it into their own browsers, but for whatever reason, IE 4.5 on a Mac does not have this ability. Plus you wouldn't believe how many people bitch about installing the root CA due to the dire messages some browsers put out about it, but these same people think nothing of granting a java applet permissions to "read/write files/settings" from some unknown site.
It's a mess, and sometimes I think it's all a scam to make encryption for the masses to be too much of a pain in the ass to bother.
Yes, verifying a server's identity is important for e-commerce situations, but if given the choice between encrypted traffic between two unverified points or unencrypted traffic between two unverified points (which is what almost all net traffic is anyway), marginal safety is better than no safety (as long as it doesn't lull you into a false sense of security).
One goal of mine was to prevent a boss of mine from saying "get this slackers e-mail from his account or else be fired" in the future. Then I could say "it's all encrypted, sorry." (Thank *GOD* I've never been asked this in my 10 years as a net administrator here...yet)
There's been several messages in this thread about the insanity with DNS names and that having more TLDs won't solve jack because trademark owners will just register in every TLD they can.
What's even more nuts is what is happening in the toll free number area. Large companies with 800 numbers (like 800-FLOWERS) just *had* to duplicate their numbers in 888, then 877 and you can bet when 866, 855, 844, 833, and 822 toll free "area codes" are eventually open, those will be duplicated too.
Quite a lot of discussion on this topic has been going on in comp.dcom.telecom for a few years now.
Microsoft Windows NT 4.0 SP3 was certified in March 1999 at assurance level E3 and functionality class F-C2 under the UK ITSEC scheme - see the UK ITSEC scheme site for details. This is essentially C2 functionality, but with a higher assurance level (ITSEC E2/F-C2 is approximately TCSEC C2).
These security classifications are useless in real world situations. I am an IS manager in charge of a thousand computers in student labs at a college. What I want is a desktop computer that I can deploy that stops students from flock()ing with it which requires expensive tech time to rebuild.
Windows NT Workstation should have been the answer, but it wasn't. Everything is marketing and everything is never as good as Microsoft promises.
Some examples:
Desktop security. Impossible to implement as soon as you load any type of application. They all want write access to various system files and directories. If you ACL %systemroot% down, everything fails. Microsoft Office is the worse offender. It even wants the ROOT of C: to be writable by all. Can you imagine / and/bin in UNIX being 1777 perms? Did the security evaluations evaluate the box doing anything useful? Or just sitting there?
ZAK: Zero Administration Kit. I bought into this hype and it's been hell trying to implement it ever since. Allegedly you're supposed to be able to lock down policies and roll out workstations and applications using unattended installations. It's not easy. Even many of Microsoft's own products don't support Unattended Installations. I've been beating my head against the wall this week trying to get Visual Basic 6 to install unattended. (See my notes on ZAK and efforts to get it all working at www.dtcc.edu/cs/admin/nt/)
IEAK: Internet Explorer Administration Kit. I had a problem. I needed to deploy a hundred browsing stations in public-access libraries around our various campuses. IEAK seemed to be a dream come true and when I first started with it, I was greatly impressed. I could lock down every setting, remove menu entries, even disable right-click context menus. Everything seemed cherry -- until -- I typed C:\ into the browser location bar. Bingo, all restrictions disappear and I'm now browsing C: with context menus on, other menus on, etc. I can still ACL most of the config down, but not it all (See first bitch point above). Absolutely useless. (I had convinced the library staff to let me install Linux desktops in the library and all was about to go well until I was told that they also had to run Ameritech's Horizon library catalog program -- which does not work under Linux...)
Sysprep: Saw some video about deploying Windows 2000 in the enterprise and the video went on and on about imaging hard drives (Ghost basically, which sucks if you have dozens of different hardware configs and software configs). The video made it sound like sysprep was going to make my administrative duties a snap (more promises). We grabbed a copy and it turned out all it did was make a random string to define as your Netbios station name (yack) and requires DHCP to obtain the IP address -- and it sets the SID to be unique. Why am I not surprised.
So please, stop the hype. Real people are trying to implement real world solutions using NT and actually want it to live up to the hype.
I'm tired of Microsoft hype. If I kept lying, exaggerating, and making excuses to my wife, she'd throw my ass out and trade me in for a better model. I guess IT people are just masochists or something...:(
Do search-engine spiders avoid you because your page addresses end in "forbidden" extensions like.cgi,.php3, etc? Do they ignore anything with a ? or & in the URL?
The solution is easy. Don't use them in your URLs.
Do not use GET args in dynamically built links, but hide your args in a longer plain ole URL. For example, a script at http://www/x/y can actually interpret http://www/x/y/z/ just fine and you can then parse off z as an argument.
First, alias a directory that runs your CGIs, PHPs, etc. Like you would cgi-bin but don't call it that!
Then, plant your cgi program(s) in there. The "arguments" further down would be in the PATH_INFO variable (which you'd have to parse out manually).
So, in the case of http://www/aa/xx/yy/zz/ the script is in the aliased/aa directory. The script is named xx and the PATH_INFO passed to it, in the above example, would be/yy/zz/
This works with Apache. Don't have Apache? Upgrade today at www.apache.org:-)
Re:A nation HAS to safeguard its currency
on
IDs in Color Copies
·
· Score: 1
The dollar is the currency of the world, and I'm not just saying that because I am a US citizen. I grew up in the UK and generally hate US-centric attitudes, but this one is the truth.
Please allow me to reply to my own post. Of course I meant the U.S. dollar. Nothing like doing exactly what I hate, that is, being US-centric and forgetting that some other countries call their units of currency "dollars" as well and they have nothing to do with the U.S. dollar.:-(
This is important folks. If a nation's currency is easily copied, then you'll have economic chaos, hyper inflation, and a host of other evils. Then all of a sudden you'll forget about a copier without watermarking. You'll be more worred about what it is you have of value that a person with extra food might want to trade you for.
The Secret Service *has* to be serious about this.
Someone also asked about why the US doesn't invalidate old bills. It's true. Most countries, when they introduce redesigned currency, set a date in the future when the old currency is no longer valid legal tender (except to collectors of course).
The U.S. would never do this because the world views the dollar as "safe" and face it, there are a lot of people in foreign countries with trunks of hundred dollar bills (the old kind) stored. If they get an inkling that their stash will become worthless or greatly devalued, they'll be converting it to something else in short order.
Yup, subversives and criminals are also important to the US economy. When they lose faith in the dollar, they'll sell dollars and buy currency from some other country leading to a weaker dollar.
The dollar is the currency of the world, and I'm not just saying that because I am a US citizen. I grew up in the UK and generally hate US-centric attitudes, but this one is the truth.
While I don't have any idea whether it's technically a trademark violation, I wish the developers had chosen a name that wasn't simply a variation on VMWare.
A little history, to be fair. The idea of a "virtual machine" and the name VM came from IBM a looong time ago, 70s I believe, at least well before 1980.
IBM sold VM that could load and run other of its operating systems on 370-based mainframes, like MVS or even other copies and versions of VM. This was very helpful for system administrators. Back then, you just couldn't go buy a test box for trying out newer versions or for testing risky patches, etc. So you just ran another guest OS under VM!
So, if anyone has a beef about using the VM acronym in a product name describing this feature, it should be IBM.
I'm sitting on a budget of $200,000 to buy new servers at work and I've been wrestling which way to go. The 32-bit Pentium seems to be at the end of its useful life and the Itanium is still years away.
On the other hand, the 64-bit Alpha processor is still young, but old enough to be proven in the field. I'm wondering.
I'd like to grab a big Alpha-based muti-processor box with at least a gig of RAM and an external RAID unit with several hundred gigs of storage, all running Alpha Linux. I'm still a bit nervous about Compaq's future plans for the chip though.
Unfortunately, every single vendor and VAR I talk to actually laughs at me and asks me questions like "Can I ask you why you are not considering an industry standard NT/Intel-based solution?" and "Can you really count on Linux to survive the next few years? Those socialist coders are going to get bored and figure out they can make more money in the real world eventually." (actual conversations):-(
Amazing, $200,000 and no one wants to help me spend it or at least listen to what I need instead of selling me their NT-based turnkey product.:(
It's no wonder Intel and Microsoft are #1 in the world. If you are not very thick-skinned, you get beaten into submission. It reminds me of the old days when getting approval to buy anything but a S/370 based IBM mainframe or S/36 box was near impossible.
What bothers me is that the more companies do this kind of thing, the more and more it will become acceptable. Most people will eventually throw up their hands and stop bitching.
Personally, I hate it. It's a slippery slope. Once we stop bitching about just sending video card info, then next it will be more personal info.
I can see the need for market research. Pine (the e-mail program) collects information over the net, but it ASKS YOU FOR PERMISSION FIRST. I have no problem with this kind of action. It's stuff going on behind my back without my knowledge that spooks me. I should be able to choose to be counted.
I'm sure if, for example, Id wanted to know how many quakers were using each OS, most of us would be damn eager to be counted. Just ask first. Is that so difficult?
Astronomers, Physicists, Theologists, and Al Gore. None of them know jack. The true genius was Dr. Seuss.
The truth about the universe is described in the book Horton Hears a Who.
For those nerds out there that grew up reading the PC BIOS source listing that was once published in the IBM PC Hardware reference manual, I strongly suggest you buy the above book and expand your mind a bit.
Funny, when I pulled up the article, DejaNews asked me to rate an Oster Breadmaker. It must have used "clam" as a keyword and thought this was a cooking discussion!:)
Be sure to check out the www.clariion.com web page for information on their fibre-channel external RAID units. These units can be managed separately through their own console connection and support redundant everything, including I/O controllers. They support Sun and Solaris. The box also supports hot spares, so if one disk fails, another is automatically bound into the RAID group and rebuilt. With just a single hot spare, you'd have to lose two disks before risking data loss.
As for me, I'm considering their lower end SCSI boxes connected to high-end Intel server running Linux, beings I have $52,000 to spend this year! (yippee). The idea is to put all the money where the valuables are (the data) and use commodity hardware and open source software to drive it. The OS would boot from internal HD and all data and local customizations (ie,/usr/local) would be on external RAID box. If a CPU box fails, unplug it from the array, plug in a spare CPU box, reboot. Minimal downtime due to hardware problems. I can then repair or replace the busted CPU box at ease.
For linux jockies, there is efforts to bring fibre-channel drivers to Linux. Be sure to look at the work at Worcester Polytech for info.
Before you start jumping up and down for joy, please remember that movie studios do not have to release movies in DVD format. Not too long ago, many of them were holding off releasing movies in DVD due to these types of fears, and others were hoping DIVX would take off.
They are not stupid. They know that a few years from now, 6 gigs of disk space won't mean jack and the movie they release today on DVD could wind up everywhere in a few years.
Fortunately for us, DVD home players are near critical mass. If deCSS happened two years ago, DVD for playing movies would have died a quick death. It still could. At the minimum, I predict, the studios will delay releases of DVD until well after they bleed the VCR market.
Yeah, it pisses me off that I can't play DVD movies on my DVD-equipped computer with Linux. But imagine if Red Hat or some other distro made a deal to get a license for making a driver to play these disks. We'd all probably crucify them for releasing a proprietary, non-redestributable driver with no source.
Sometimes you can't have your cake and eat it without upchucking the mess at the most inopportune time....
Let's face it, not everyone who buys a motherboard with a Linux CD with it will install it. But still, let's play by Microsoft rules. They count all preloads of Windows 98 as installed base.
For example, as a college in the Select program, we get NT workstation for about $40. We buy a ton of computers, all preloaded with Windows 98 whether we want it or not. We reformat and install NT on it. But Microsoft counts each machine as two, one for 98, one for NT, in their stats.
Determining a true install base stat is impossible, but many will try. Now the Linux camp can fudge numbers with the best of them. If someone has a Linux CD in their possession, assume they actually installed it!
I like MailBank having registered my surname. It means that it's available to everybody with my surname instead of just to the first SOB that gets it and decides to keep it for himself.
Good point. I now have a notice on my web page that I will provide free e-mail and/or web site redirect aliases to anyone with a Weaverling surname -- for free.
Their rates are also cheaper than registering the domain yourself.
Not cheaper than free! It's just one entry in a table and an occasional forwarded mail message. $9.95/mo (what mailbank charges for an alias) is ridiculous. Registering 12,000 names and common words is also insane.
Scumbags like mailbank.com have already registered over 10,000 surnames, just so they can sell mail aliases and web aliases back to people. Imagine, now they'll be able to afford to get every surname in the phone directory, if not already taken.
Just thought of another great scam this open registration system will allow. A site like mailbank.com has a form where you type in your surname to see if it is available for getting a vanity domain name from them based on that surname. They search their database of 12,000 names and tell you if you can do it.
Imagine now, their form can go further. If your name is Nigel Poncewattle and you enter poncewattle into their search box and they don't already have it registered and it's not already registered elsewhere, they can instantly register the domain poncewattle.com, then come back and say "Congratulations" and resell a piece of it to you (and others.)
In my opinion, NSI should have been allowed to keep the three main TLDs and other registrars should have begun other TLDs so turds like me who wanted their surname as a domain name could have registered something more appropriate like weaverling.nom instead of weaverling.org
There's a big downside to cheap registration services. At least at $70 a pop, it kind of tempers most people from going nuts. Now that we can see really cheap domain registrations, anything that makes sense will be gone in no time.
Scumbags like mailbank.com have already registered over 10,000 surnames, just so they can sell mail aliases and web aliases back to people. Imagine, now they'll be able to afford to get every surname in the phone directory, if not already taken.
All I know is, I'm damn glad I grabed *MY* surname already, cause after this is done, the only available domain names left with be crap like.
I work at a two-year Technical and Community College. I am in charge of computer support and regularly am hunting for and hiring qualified candidates.
But before my opinion, some sad humor. I once suggested they introduce a credit course in Perl and even offered to teach it. The response? Perl is not a serious language, just a toy.
OK, first thing, you're screwed. You have to play all angles. To get to an interview, you have to please Personnel, to get hired, you have to please someone like me. We all look for different things.
Personnel departments obviously look for degrees, experience, and buzzwords. I would rather have a gung ho adaptive and smart guru with minimal experience than a deadwood "set in his/her ways" old timer who can't adapt to this rapidly changing world.
(Just as an example Old farts have a lot to offer too -- hey, I'm one myself -- but they HAVE to keep up with the market. Why do you think this old man reads Slashdot?!)
A good degree from a decent accredited institution is a must. While there, do your best to get a job at the place in the tech area. You might have to start working as an assistant in a student lab, but trust me, but that's also an ideal job. You'll have lots of time to study, experiment, and get paid at the same time.
Certifications don't mean jack to me. I've known some real idiots who have MCSEs. All they show me is that they know how to memorize facts and nothing else. If I give many of these MCSE chumps a non-textbook task, they can't function. For example, set me up an NT RAS dialin server using PAP, but authenticating against the IDs and passwords of our main UNIX systems.
Having a complex home network helps. A job candidate showed me recently that he has a complex network at his huge house where four generations of his family live. The entire house is networked, connected full time to the net via ISDN, using Linux as a gateway and all clients are Windows based. We telnet'ed into his home box and he showed me how he could monitor his home network. He prefers Windows boxen for personal use, but Linux was the ideal solution for his gateway/firewall setup.
Needless to say, I was impressed. He showed me an ability to think up solutions to problems, he was able to answer technical questions about it (so I knew *he* was the one who did it). He used the right tool for the job, and wasn't a platform bigot. Unfortuanately, he doesn't have any degree. Too bad, I want him. I have to have him!:-)
Another suggestion. Be smart on the net. Post intelligent posts to usenet and answer tech questions using your real name. More and more managers I know about use the net as a candidate research tool. Unfortunately, our selection process prohibits that since I can't remove info about candidates from the screening rooms, etc, etc... But other managers aren't stuck with limitations like this.
Your on-line activities can help or kill you. Want to act like a jackal on-line? Get a second account somewhere and don't use your real name! (Unfortunately, I don't always follow my own advice:)
My final piece of advice. Don't be a platform bigot. I HATE THEM. The world changes, the world has different solutions, different platforms have different advantages. In my younger days, everyone was an IBM bigot even though in the 60s and 70s other mainframe boxen from people like Burroughs (now Unisys) had far better and more advanced systems. A platform bigot robs me, the manager, of inputs so I can make the best decision for the company/college/whatever. Platform bigots should all die a horrible death.
Internet-accessible bank accounts have always given me pause for thought. What happens if you _need_ the money in the account, and their server is down due to a crash or a DoS attack, or some hardware failure? What happens if security is breeched?
I've had all of my stash at www.sfnb.com for years now. They were the first Internet-only bank and I jumped at the chance to open an account with them.
So, if you did break into my account, what would you do? Write yourself a check and have it mailed to your house? Transfer my money into your account?
I'm not saying it's not without risk. You could, if you wanted to be a dick, transfer $10,000 out of my savings into my checking, then write out a check on-line for $10,000 to your favorite charity.
Or, sell something big you don't own on e-bay, get the cash from the buyer through an escrow service, then buy the product from somewhere else, use my account's funds to pay for it, then have the product shipped to the ebay buyer's house, then escrow service releases money to you when buyer gets the product you never owned. (sound familiar?)
OK, damn, never mind, it can be risky. Great, excuse me while I got change my password again.
But I still don't see net banking as much of a security risk as debit/ATM cards where possession of a tiny 4-digit code and card can get you instant cash from the account.
Hi, I'm a manager of a 20+ technical support staff at a large two-year college. I'm 40, hair down my back, gentle, sensitive, I like taking long walks, staring at the stars, listening to evil music like Rob Zombie and Rammstein, last-minute trips...
Oops, sorry, wrong web page....:-)
Anyway, I have the opposite problem. Some braindead staff that give *ME* shit for suggesting the use of certain OSS packages and OSes. There's one of them who is a real Microsoft flunky let me tell you. He's going to pop a cork when I suggest we start support Star Office soon! We regularly get into arguments over *NIX versus NT.
Anyway, we do (and have since the beginning of IT time) used OSS software heavily. One thing I love about it is often not mentioned, and it's not the saving of cash. As a college, we get some insanely low pricing from Microsoft through their Select 4.0 program, like Office Pro (not upgrade) for less than $50, so license costs aren't as big of a deal with us as if it cost us a few hundred a pop.
But I don't care about the money for desktop software. It's billed to someone else's budget. What keeps me up at night is the difficulty in keeping accurate track of installed software with restrictive commercial licenses which make management of licenses a real hassle, let alone the legal liability issues for ME as the big guy if those ass holes at SPA come knocking at the door. Funny how corporate officers of companies are never criminally liable for actions of their companies but *I* have to be criminally liable if some idiot sneaks an install of some commercial package onto their office PC. But I'm ranting...
So, best of "free" software (not just OSS) is that I can just install it as needed where needed and not worry about keeping strict track of who has it and who paid for it.
But, back on topic, the idea of an OSS user register is great, but is not going to be easy to compile. As we've seen from previous posts, most people post AC and won't name names.
As for *my* employer, you can certainly figure it out with a click or two, else you're a total idiot!
(And no, I am not speaking for my employer in this forum....)
The brightest minds in the world can't stop a determined spammer from spewing unwanted garbage into the net, so how are these folk going to stop someone who has a need to say "FUCK MY LEADERS" to the government, from doing so?
Ever hang out in news.admin.net-abuse.email before? UUnet can take several months to hunt down a spammer and get their account nuked, and somehow they are going to stop me from posting dirty words?
Look at it from another perspective. When was the last time all the world's government's could agree on anything? I can't think of a single thing. Something like this won't work unless there is 100% cooperation from all who are connected to the Internet.
Slashdot Mirror
I used to believe this myself, until an experience this past week convinced me otherwise.
I manage the web site for a local public transit organization on the side: DART First State. We sponsor Operation Snowflake at a local radio station. Operation Snowflake reports school and business closings when the weather sucks.
As part of that sponsorship, we got banner ads on that operation snowflake page. Nothing big and exciting at all. Doesn't even offer anything.
Well, on Jan 20 (a snow day here with 3-4 inches), traffic to the transit web site doubled and hit a new high which hasn't been seen since we were giving away free bus tickets for visiting the site last July. I greped the logs and found that more than half of the traffic could be tracked back to that banner ad on the radio website. Each visitor, once on the site, on average visited four other pages.
Best I can guess is the following occured a lot:
For starters, I'd love for reality to live up their hype. Example:
I needed to deploy dozens of computers running web browsers in a college library. These computers need to be fairly locked down.
I downloaded the IEAK (IE admin Kit) *and* bought their IE admin book too. 75% of the book was marketing hype talking about all these great things you could do with the kit, including being able to change customizations through policies, etc...
Great! So I spent two weeks just trying to get it to work. The docs on how actual policy restrictions work and what they do amounted to TWO PAGES. I was forced to experiment.
But then I learned some harsh lessons. First, to get customizations and restrictions to actually apply to a NT user logon, the RunOnce key must be r/w to the user. Yes, that's correct. Even though numerous Microsoft KBs say to *not* make RunOnce r/w to users due to security problems, to make IE restrictions kick in, it must be because rundll32 for some reason wants it that way.
Then the Custom directory must be r/w and all files in it r/w so customizations can be downloaded from a web server and applied to the machine.
Even with all that, all customizations wouldn't work right. Bottom line, the only way to get the browser customizations to work as advertised was to give the logon account ADMINISTRATOR PRIVS.
Then there were other hassles, like the fact that unless your web server MIME types .ins to be application/x-internet-startup, the customization file won't apply (not documented because that's the default in IIS I guess).
So I use and support Microsoft products constantly. All I want, all I really want from Microsoft, is to live up to the hype because these days whenever I read about nifty new features of their software and OSes, I just can't believe a word of it. :-(
Are they even refusing to concede that there is a market for browsers out there? Did they invent the browser or something? If so, why do I keep seeing spyglass.exe get copied to hard disks when I install NT around here? Gee, where did that spyglass.exe come from?! :)
Due to the root CA crap, it's not easy. I thought maybe we could become our own internal CA and get one of the root CAs to sign our CA so it chained up and was recognized by browsers, but you wouldn't BELIEVE how much that costs. Even Thawte charged a fortune. $20,000 plus a dollar for each cert we'd sign.
So I set up our own CA. I could embed our own root CA into all browsers we distribute. I also put the root CA on our web server so people could chose to import it into their own browsers, but for whatever reason, IE 4.5 on a Mac does not have this ability. Plus you wouldn't believe how many people bitch about installing the root CA due to the dire messages some browsers put out about it, but these same people think nothing of granting a java applet permissions to "read/write files/settings" from some unknown site.
It's a mess, and sometimes I think it's all a scam to make encryption for the masses to be too much of a pain in the ass to bother.
Yes, verifying a server's identity is important for e-commerce situations, but if given the choice between encrypted traffic between two unverified points or unencrypted traffic between two unverified points (which is what almost all net traffic is anyway), marginal safety is better than no safety (as long as it doesn't lull you into a false sense of security).
One goal of mine was to prevent a boss of mine from saying "get this slackers e-mail from his account or else be fired" in the future. Then I could say "it's all encrypted, sorry." (Thank *GOD* I've never been asked this in my 10 years as a net administrator here...yet)
What's even more nuts is what is happening in the toll free number area. Large companies with 800 numbers (like 800-FLOWERS) just *had* to duplicate their numbers in 888, then 877 and you can bet when 866, 855, 844, 833, and 822 toll free "area codes" are eventually open, those will be duplicated too.
Quite a lot of discussion on this topic has been going on in comp.dcom.telecom for a few years now.
These security classifications are useless in real world situations. I am an IS manager in charge of a thousand computers in student labs at a college. What I want is a desktop computer that I can deploy that stops students from flock()ing with it which requires expensive tech time to rebuild.
Windows NT Workstation should have been the answer, but it wasn't. Everything is marketing and everything is never as good as Microsoft promises.
Some examples:
So please, stop the hype. Real people are trying to implement real world solutions using NT and actually want it to live up to the hype.
I'm tired of Microsoft hype. If I kept lying, exaggerating, and making excuses to my wife, she'd throw my ass out and trade me in for a better model. I guess IT people are just masochists or something... :(
The solution is easy. Don't use them in your URLs.
Do not use GET args in dynamically built links, but hide your args in a longer plain ole URL. For example, a script at http://www/x/y can actually interpret http://www/x/y/z/ just fine and you can then parse off z as an argument.
First, alias a directory that runs your CGIs, PHPs, etc. Like you would cgi-bin but don't call it that!
Then, plant your cgi program(s) in there. The "arguments" further down would be in the PATH_INFO variable (which you'd have to parse out manually).
So, in the case of http://www/aa/xx/yy/zz/ the script is in the aliased /aa directory. The script is named xx and the PATH_INFO passed to it, in the above example, would be /yy/zz/
This works with Apache. Don't have Apache? Upgrade today at www.apache.org :-)
Please allow me to reply to my own post. Of course I meant the U.S. dollar. Nothing like doing exactly what I hate, that is, being US-centric and forgetting that some other countries call their units of currency "dollars" as well and they have nothing to do with the U.S. dollar. :-(
The Secret Service *has* to be serious about this.
Someone also asked about why the US doesn't invalidate old bills. It's true. Most countries, when they introduce redesigned currency, set a date in the future when the old currency is no longer valid legal tender (except to collectors of course).
The U.S. would never do this because the world views the dollar as "safe" and face it, there are a lot of people in foreign countries with trunks of hundred dollar bills (the old kind) stored. If they get an inkling that their stash will become worthless or greatly devalued, they'll be converting it to something else in short order.
Yup, subversives and criminals are also important to the US economy. When they lose faith in the dollar, they'll sell dollars and buy currency from some other country leading to a weaker dollar.
The dollar is the currency of the world, and I'm not just saying that because I am a US citizen. I grew up in the UK and generally hate US-centric attitudes, but this one is the truth.
A little history, to be fair. The idea of a "virtual machine" and the name VM came from IBM a looong time ago, 70s I believe, at least well before 1980.
IBM sold VM that could load and run other of its operating systems on 370-based mainframes, like MVS or even other copies and versions of VM. This was very helpful for system administrators. Back then, you just couldn't go buy a test box for trying out newer versions or for testing risky patches, etc. So you just ran another guest OS under VM!
So, if anyone has a beef about using the VM acronym in a product name describing this feature, it should be IBM.
On the other hand, the 64-bit Alpha processor is still young, but old enough to be proven in the field. I'm wondering.
I'd like to grab a big Alpha-based muti-processor box with at least a gig of RAM and an external RAID unit with several hundred gigs of storage, all running Alpha Linux. I'm still a bit nervous about Compaq's future plans for the chip though.
Unfortunately, every single vendor and VAR I talk to actually laughs at me and asks me questions like "Can I ask you why you are not considering an industry standard NT/Intel-based solution?" and "Can you really count on Linux to survive the next few years? Those socialist coders are going to get bored and figure out they can make more money in the real world eventually." (actual conversations) :-(
Amazing, $200,000 and no one wants to help me spend it or at least listen to what I need instead of selling me their NT-based turnkey product. :(
It's no wonder Intel and Microsoft are #1 in the world. If you are not very thick-skinned, you get beaten into submission. It reminds me of the old days when getting approval to buy anything but a S/370 based IBM mainframe or S/36 box was near impossible.
Too late. Think about Tru64 UNIX, formerly Digital UNIX. :-)
Personally, I hate it. It's a slippery slope. Once we stop bitching about just sending video card info, then next it will be more personal info.
I can see the need for market research. Pine (the e-mail program) collects information over the net, but it ASKS YOU FOR PERMISSION FIRST. I have no problem with this kind of action. It's stuff going on behind my back without my knowledge that spooks me. I should be able to choose to be counted.
I'm sure if, for example, Id wanted to know how many quakers were using each OS, most of us would be damn eager to be counted. Just ask first. Is that so difficult?
The truth about the universe is described in the book Horton Hears a Who.
For those nerds out there that grew up reading the PC BIOS source listing that was once published in the IBM PC Hardware reference manual, I strongly suggest you buy the above book and expand your mind a bit.
Funny, when I pulled up the article, DejaNews asked me to rate an Oster Breadmaker. It must have used "clam" as a keyword and thought this was a cooking discussion! :)
As for me, I'm considering their lower end SCSI boxes connected to high-end Intel server running Linux, beings I have $52,000 to spend this year! (yippee). The idea is to put all the money where the valuables are (the data) and use commodity hardware and open source software to drive it. The OS would boot from internal HD and all data and local customizations (ie, /usr/local) would be on external RAID box. If a CPU box fails, unplug it from the array, plug in a spare CPU box, reboot. Minimal downtime due to hardware problems. I can then repair or replace the busted CPU box at ease.
For linux jockies, there is efforts to bring fibre-channel drivers to Linux. Be sure to look at the work at Worcester Polytech for info.
They are not stupid. They know that a few years from now, 6 gigs of disk space won't mean jack and the movie they release today on DVD could wind up everywhere in a few years.
Fortunately for us, DVD home players are near critical mass. If deCSS happened two years ago, DVD for playing movies would have died a quick death. It still could. At the minimum, I predict, the studios will delay releases of DVD until well after they bleed the VCR market.
Yeah, it pisses me off that I can't play DVD movies on my DVD-equipped computer with Linux. But imagine if Red Hat or some other distro made a deal to get a license for making a driver to play these disks. We'd all probably crucify them for releasing a proprietary, non-redestributable driver with no source.
Sometimes you can't have your cake and eat it without upchucking the mess at the most inopportune time....
For example, as a college in the Select program, we get NT workstation for about $40. We buy a ton of computers, all preloaded with Windows 98 whether we want it or not. We reformat and install NT on it. But Microsoft counts each machine as two, one for 98, one for NT, in their stats.
Determining a true install base stat is impossible, but many will try. Now the Linux camp can fudge numbers with the best of them. If someone has a Linux CD in their possession, assume they actually installed it!
Good point. I now have a notice on my web page that I will provide free e-mail and/or web site redirect aliases to anyone with a Weaverling surname -- for free.
Not cheaper than free! It's just one entry in a table and an occasional forwarded mail message. $9.95/mo (what mailbank charges for an alias) is ridiculous. Registering 12,000 names and common words is also insane.
Just thought of another great scam this open registration system will allow. A site like mailbank.com has a form where you type in your surname to see if it is available for getting a vanity domain name from them based on that surname. They search their database of 12,000 names and tell you if you can do it.
Imagine now, their form can go further. If your name is Nigel Poncewattle and you enter poncewattle into their search box and they don't already have it registered and it's not already registered elsewhere, they can instantly register the domain poncewattle.com, then come back and say "Congratulations" and resell a piece of it to you (and others.)
In my opinion, NSI should have been allowed to keep the three main TLDs and other registrars should have begun other TLDs so turds like me who wanted their surname as a domain name could have registered something more appropriate like weaverling.nom instead of weaverling.org
Scumbags like mailbank.com have already registered over 10,000 surnames, just so they can sell mail aliases and web aliases back to people. Imagine, now they'll be able to afford to get every surname in the phone directory, if not already taken.
All I know is, I'm damn glad I grabed *MY* surname already, cause after this is done, the only available domain names left with be crap like.
But before my opinion, some sad humor. I once suggested they introduce a credit course in Perl and even offered to teach it. The response? Perl is not a serious language, just a toy.
OK, first thing, you're screwed. You have to play all angles. To get to an interview, you have to please Personnel, to get hired, you have to please someone like me. We all look for different things.
Personnel departments obviously look for degrees, experience, and buzzwords. I would rather have a gung ho adaptive and smart guru with minimal experience than a deadwood "set in his/her ways" old timer who can't adapt to this rapidly changing world.
(Just as an example Old farts have a lot to offer too -- hey, I'm one myself -- but they HAVE to keep up with the market. Why do you think this old man reads Slashdot?!)
A good degree from a decent accredited institution is a must. While there, do your best to get a job at the place in the tech area. You might have to start working as an assistant in a student lab, but trust me, but that's also an ideal job. You'll have lots of time to study, experiment, and get paid at the same time.
Certifications don't mean jack to me. I've known some real idiots who have MCSEs. All they show me is that they know how to memorize facts and nothing else. If I give many of these MCSE chumps a non-textbook task, they can't function. For example, set me up an NT RAS dialin server using PAP, but authenticating against the IDs and passwords of our main UNIX systems.
Having a complex home network helps. A job candidate showed me recently that he has a complex network at his huge house where four generations of his family live. The entire house is networked, connected full time to the net via ISDN, using Linux as a gateway and all clients are Windows based. We telnet'ed into his home box and he showed me how he could monitor his home network. He prefers Windows boxen for personal use, but Linux was the ideal solution for his gateway/firewall setup.
Needless to say, I was impressed. He showed me an ability to think up solutions to problems, he was able to answer technical questions about it (so I knew *he* was the one who did it). He used the right tool for the job, and wasn't a platform bigot. Unfortuanately, he doesn't have any degree. Too bad, I want him. I have to have him! :-)
Another suggestion. Be smart on the net. Post intelligent posts to usenet and answer tech questions using your real name. More and more managers I know about use the net as a candidate research tool. Unfortunately, our selection process prohibits that since I can't remove info about candidates from the screening rooms, etc, etc... But other managers aren't stuck with limitations like this.
Your on-line activities can help or kill you. Want to act like a jackal on-line? Get a second account somewhere and don't use your real name! (Unfortunately, I don't always follow my own advice :)
My final piece of advice. Don't be a platform bigot. I HATE THEM. The world changes, the world has different solutions, different platforms have different advantages. In my younger days, everyone was an IBM bigot even though in the 60s and 70s other mainframe boxen from people like Burroughs (now Unisys) had far better and more advanced systems. A platform bigot robs me, the manager, of inputs so I can make the best decision for the company/college/whatever. Platform bigots should all die a horrible death.
I've had all of my stash at www.sfnb.com for years now. They were the first Internet-only bank and I jumped at the chance to open an account with them.
So, if you did break into my account, what would you do? Write yourself a check and have it mailed to your house? Transfer my money into your account?
I'm not saying it's not without risk. You could, if you wanted to be a dick, transfer $10,000 out of my savings into my checking, then write out a check on-line for $10,000 to your favorite charity.
Or, sell something big you don't own on e-bay, get the cash from the buyer through an escrow service, then buy the product from somewhere else, use my account's funds to pay for it, then have the product shipped to the ebay buyer's house, then escrow service releases money to you when buyer gets the product you never owned. (sound familiar?)
OK, damn, never mind, it can be risky. Great, excuse me while I got change my password again.
But I still don't see net banking as much of a security risk as debit/ATM cards where possession of a tiny 4-digit code and card can get you instant cash from the account.
Oops, sorry, wrong web page.... :-)
Anyway, I have the opposite problem. Some braindead staff that give *ME* shit for suggesting the use of certain OSS packages and OSes. There's one of them who is a real Microsoft flunky let me tell you. He's going to pop a cork when I suggest we start support Star Office soon! We regularly get into arguments over *NIX versus NT.
Anyway, we do (and have since the beginning of IT time) used OSS software heavily. One thing I love about it is often not mentioned, and it's not the saving of cash. As a college, we get some insanely low pricing from Microsoft through their Select 4.0 program, like Office Pro (not upgrade) for less than $50, so license costs aren't as big of a deal with us as if it cost us a few hundred a pop.
But I don't care about the money for desktop software. It's billed to someone else's budget. What keeps me up at night is the difficulty in keeping accurate track of installed software with restrictive commercial licenses which make management of licenses a real hassle, let alone the legal liability issues for ME as the big guy if those ass holes at SPA come knocking at the door. Funny how corporate officers of companies are never criminally liable for actions of their companies but *I* have to be criminally liable if some idiot sneaks an install of some commercial package onto their office PC. But I'm ranting...
So, best of "free" software (not just OSS) is that I can just install it as needed where needed and not worry about keeping strict track of who has it and who paid for it.
But, back on topic, the idea of an OSS user register is great, but is not going to be easy to compile. As we've seen from previous posts, most people post AC and won't name names.
As for *my* employer, you can certainly figure it out with a click or two, else you're a total idiot!
(And no, I am not speaking for my employer in this forum....)
The brightest minds in the world can't stop a determined spammer from spewing unwanted garbage into the net, so how are these folk going to stop someone who has a need to say "FUCK MY LEADERS" to the government, from doing so?
Ever hang out in news.admin.net-abuse.email before? UUnet can take several months to hunt down a spammer and get their account nuked, and somehow they are going to stop me from posting dirty words?
Look at it from another perspective. When was the last time all the world's government's could agree on anything? I can't think of a single thing. Something like this won't work unless there is 100% cooperation from all who are connected to the Internet.