I fully agree with this, if you force kids to take programming classes most of them will HATE the class... The result of this is that the kids who hate the class will disrupt their peers, so that even the kids who might be interested in programming will be put off either via peer pressure or due to the classroom environment being too unruly.
They do need to teach general IT tho, not programming but the general concepts of performing common tasks such as accessing the internet and typing a letter. What they should not do however, is stick to a single platform or set of apps... Kids should be taught the general concepts, and how they can be applied to different applications. If you teach specific software, then by the time they leave school that software will be obsolete.. It will be replaced by a newer version, something else or its function may even be entirely obsoleted.
Something else that needs doing, is to provide the kids free access to computers in school... Not restrictive access where they can't do very much, but unrestricted access to machines set up for that purpose with encouragement. Give them unrestricted root access, but have it reset to a standard image each time you reboot it or on request... Or give them unrestricted access to their own VM. Above all, make sure they know they can do what they want, without fear of causing any permanent damage and without fear of punishment.
Many kids in poorer areas don't have access to computers at home, and having access to a restrictive environment that only permits them to use a word processor is not going to drive any interest. There are plenty of people who would have made good programmers, had they had access to learn. Even those who do have access to a computer at home, may find that it is shared with other family members and therefore are fearful of truly experimenting with it incase they break it and incur anger from the other users.
Kids learn by trying things, but if you punish them for trying then they will not learn anything and just grow resentful.
The countries bordering china are generally not good choices for where you'd route your connectivity... Some of them even use china for connectivity themselves. And the border region with some countries is either very sparsely populated, or filled with mountains that would block your wifi signal.
Why is their policy draconian? Over population is a HUGE problem that needs to be dealt with, can you think of any alternative methods that are less "draconian"?
What you have, is an old but highly profitable business model (selling cameras, and *then* both selling and developing film) becoming obsolete, and replaced with a new business model thats better for consumers - namely just selling digital cameras.
The problem is that these companies became bloated from the huge profits they made selling and developing film, so the profits obtained from selling just the cameras are no longer enough to sustain the business. We're just lucky that they didn't start lobbying to have digital cameras banned, and force people to continue using film in order to protect their profits.
Because many of those with secrets worth protecting tend to be big business themselves (or politicians who started out as businessmen), and therefore are more willing to trust other businessmen who tell them the solution is to buy their expensive black box products...
While most people cannot, or will not read the source code... It only takes one of them to read it and find a backdoor, and then tell the world.
If your really paranoid, you can read the code yourself or find someone you trust to do it for you. Personally i'd much rather trust a friend, or someone who is working explicitly *for me* than a company which has the primary goal of making profit at any expense.
Even if a backdoor is discovered, there's no guarantee that credibility will be lost... A smart backdoor would look like a bug and could easily be explained away as such... Exploitable security holes are commonplace, who's to say some of them weren't originally designed as backdoors?
Nothing has to be understood, you didn't buy the software you are renting it and the license agreement says so... It also says that you have no comeback against the company providing it. If you didn't like those terms, then you shouldn't have accepted them.
Companies exist to make profit, its only logical that they would sell you (a small fry) out to a large government willing to pay a lot more money and open up a potentially huge market to them. This is what companies do, welcome to capitalism.
Speed limits are often higher in europe (70mph in the uk, no limit in some parts of germany etc)... And yet European cars are generally more economical than american ones.
Cars have always been designed to accelerate to speeds higher than the speed limit anyway, if anything some newer cars are so underpowered as to be quite dangerous as they significantly increase the size of gap you require when pulling out.
Better safety equipment and structure is a design goal regardless of the speed limit, a car designed to be safe at 100mph is going to be pretty good at protecting occupants when driving at 30mph.
On the other hand, low speed limits make it much easier to fall asleep at the wheel, 65mph was noisy and uncomfortable 30 years ago, but in todays cars you barely feel it.
It always seems to be the commercial cruft that causes problems... If your not using anything like that, it's much easier but as soon as you add some commercialware to the mix your faced with non standard installers, no central updating, dependency hell etc.
Just like the people who produce advertisements and other kinds of marketing material... How do you think people who produce tv commercials get paid?
This is also perfectly fair, you do some work and get paid. Or do you think that these other people involved in the production of an album should get paid continually for 90+ years without doing any more work?
If your a singer your product is the performance, a recording on CD or played on the radio is marketing material aimed at encouraging people to your performances.
Ridiculous, sure plenty of companies use windows and notice how these are pretty much all non-tech companies, companies where tech is not a core competency is often outsourced and purchasing decisions are typically made by people without a tech background and are often poor choices...
When it comes to applications on a large scale exposed to the hostile internet open source is king, think google, yahoo, facebook, twitter, akamai, amazon, and let not forget the worlds top supercomputers... The fact is when it comes to organisations who understand technology open source is the more common choice... Windows gets used in organisations where the decisions are made by people with little or no technical knowledge, who are much easier to fool with fancy marketing.
You talk about migrations, but don't mention what was migrated FROM... Many of these stories of saving money or time with a particular windows install are based on migrating from earlier versions of windows which were even worse... It's easy to make improvements when you start with the worst technology on the market.
Amusing you mention nasdaq, it's well known their core trading system is linux based.. want a citation? http://www.computerworlduk.com/news/open-source/3268210/nasdaq-in-open-source-tech-battle-with-7bn-nyse-bid/ or try google. Also amusing you mention the london stock exchange, they did have a windows based system and it was often cited in propaganda pieces like yours, infact ms used to advertise it on slashdot. That advertising abruptly stopped about the time the london stock exchange suffered the first of several major outages. Their windows based system was derided by those who used it, it was slow and unreliable and got ripped out.
Have you ever worked at any of these companies? I have first hand experience with several on your list, and i would not hold them up as any kind of positive example... And let's just say that in any security audit, windows is pretty much ALWAYS the weakest link.
Given up on the CIS benchmarks yet? Or have you given up pushing flawed benchmarking tools without ever making any effort to actually understand how they work?
Says: The site has NOT been hacked, and there is a big difference. The alert is likely a result of "Malvertising",, a growing method for attackers to distribute malware via advertising tags"
Hacked CAs? You forgot diginotar, who were compromised due to keeping important servers on an active directory domain making them easy pickings... Also the link you posted has no useful information on it, all the reports i've read have stated the compromised systems at multiple CAs were windows, or compromised as a result of compromised windows boxes (ie keylogged admin workstations).
Sites built on Linux, Apache, MySQL and PHP are the favoured targets of phishing attackers"
Do you even understand what phishing is? Here's a hint, it has nothing to do with the platform the site runs on.
Various linux related sites hacked, but have you bothered reading *how* they got hacked? Most of them appear to be due to admins of those systems being compromised, and the hackers then using their access to compromise the servers... It doesn't matter how secure a system is if you compromise the people who maintain it, now the question is what exactly was compromised initially and how was it done?
Now here's a real example from a security audit i did a few months ago... Client had RedHat, Solaris, various cisco devices (routers, firewalls, switches) and an active directory domain with all the wor
How soon before malware makes use of this image feature to embed itself?
A few years ago MS included a feature to keep backups of certain system files and copy them back if they got damaged, lots of malware makes use of this feature to make it harder to remove.
I can see it now, users get into the habit of hitting reset when they get infected, so malware inserts itself into the reset image and users are still screwed.
Support companies, unless you contract out your entire infrastructure to them, won't have a good overview of your setup... Specific support companies are even worse, because they generally only understand their own product and have very limited understanding of anything else it may interact with, in many cases not even for the underlying os their product runs on.
The "issue" here is one of confidence... You have thousands of 16yr old kids and people who "have used a computer at home to play games" who think they're experts and start offering windows support. It's very rare for such people to have even heard of unix, so you don't get useless offerings of unix support.
When it comes to competent support, this is generally available for both platforms, there are usually similar numbers of people available and they generally cost about the same.
In short, useless windows "support" is widely available and cheap while cheap useless unix support is rare... While competent support is available for both, it generally isn't cheap.
If you join an externally facing webserver to a domain you're just asking to get owned... If someone manages to compromise that box, then it becomes very easy for them to use that to take over the whole domain and then you are in serious trouble.
On the other hand, the update facilities on almost any linux distro are far more comprehensive and reliable than what windows provides, plus its easier to remove stuff you dont need (and therefore no longer need to update it).
Apache and nginx are both used for plenty of high traffic websites...
Not so long ago MS were also paying large domain registrars to host their parked sites (ie empty sites, but lots of them) on IIS to artificially inflate the netcraft stats.
The "cost" of production is also artificially inflated by the bloated companies that do so using obsolete models...
The idea of producing CDs centrally and shipping them around in gas guzzling trucks, letting them sit on store shelves for months unsold is ridiculous these days, most people would be satisfied with a digital download and those who want a physical CD could be catered to by stores which keep a catalog of digital files and burn them to CD on demand. Stores could keep far greater varieties of stock in a much smaller space, and you could get a CD with only the songs you wanted on it. You could also provide terminals allowing users to search, select and listen to any song in stock, rather than just the small selection that can be put in the cd changer booths. The costs are not only inflated by this inefficient distribution model, but also by the extortionate profit margins and huge lobbying budgets of the publishers.
Artists would be better served by considering CDs and digital downloads to be promotional material, and then to make their money from live performances. Not only is it not possible to pirate a live performance, but unrestricted distribution of their music in digital form would entice more people to attend the live performances. It would also be far more fair to all involved, the artist would be rewarded for work they were actually doing rather than being able to sit back and collect payments for work they did years ago.
You can get cut down and/or evaluation versions cheaply or for free... You will find that features are missing, or that the license terms only allow for testing/development use etc... This is generally called bait and switch, since you can develop your application cheaply but when you come to actually run it in production you are faced with high costs, and little choice but to pay them since it will almost certainly take significant work to port your application to a different platform.
The full featured products are very expensive, and will have some differences from the free versions that could hinder deployment and ongoing support.
Much better to use a stack which is free from the top down, so you can run the exact same stack from development all the way through to production...
There's also the issue of scaling, software which incurs a per server cost (or worse, per cpu/core) is not going to scale well financially... Software can often cost more than hardware, and if your application becomes popular enough that it needs hundreds of servers to support it then the cost could easily be double what it would have cost just for the hardware.
Surely it would make sense to simply install a linux distro that comes with packages for all the PHP components you want to use? Then it should be as simple as an apt-get or equivalent command, without the hassle of having to compile and resolve dependencies etc...
The contract already locks you in for the duration of its terms, and the carrier is protected here by contract law. There is no reason to add the additional lock-in of a locked handset, and no reason that carriers could not offer unlocked handsets with subsidies.
You don't need locked handsets to do this, existing contract law requires that the consumer uphold their end of the contract, which usually involves paying for mobile service for a minimum period of 12 or 24 months at an inflated cost to cover the subsidy on the handset, or to pay an "early termination fee" which basically amounts to paying for the cost of the handset up in one go anyway.
There are many reasons someone may want unlocked phones, for instance: To use a local simcard when travelling To buy a phone for someone else, eg i know someone in particular who wanted to get a subsidised iphone on contract, give it to her grandson and continue using her old handset with the service for the duration of the contract (she has no use for any advanced features of a phone and cannot afford to purchase an iphone in one go but can easily afford the monthly cost for 2 years)... To sell/pawn (locked phones aren't worth as much)
Legislation which actually benefits consumers instead of large corporations, very good...
Locked cellphones are abusive and totally unnecessary, you already have existing contract laws to ensure that someone continues paying their bill for the duration of the contract term so there's really no reason to try and lock handsets too.
I fully agree with this, if you force kids to take programming classes most of them will HATE the class...
The result of this is that the kids who hate the class will disrupt their peers, so that even the kids who might be interested in programming will be put off either via peer pressure or due to the classroom environment being too unruly.
They do need to teach general IT tho, not programming but the general concepts of performing common tasks such as accessing the internet and typing a letter. What they should not do however, is stick to a single platform or set of apps... Kids should be taught the general concepts, and how they can be applied to different applications.
If you teach specific software, then by the time they leave school that software will be obsolete.. It will be replaced by a newer version, something else or its function may even be entirely obsoleted.
Something else that needs doing, is to provide the kids free access to computers in school... Not restrictive access where they can't do very much, but unrestricted access to machines set up for that purpose with encouragement. Give them unrestricted root access, but have it reset to a standard image each time you reboot it or on request... Or give them unrestricted access to their own VM. Above all, make sure they know they can do what they want, without fear of causing any permanent damage and without fear of punishment.
Many kids in poorer areas don't have access to computers at home, and having access to a restrictive environment that only permits them to use a word processor is not going to drive any interest. There are plenty of people who would have made good programmers, had they had access to learn.
Even those who do have access to a computer at home, may find that it is shared with other family members and therefore are fearful of truly experimenting with it incase they break it and incur anger from the other users.
Kids learn by trying things, but if you punish them for trying then they will not learn anything and just grow resentful.
The countries bordering china are generally not good choices for where you'd route your connectivity... Some of them even use china for connectivity themselves. And the border region with some countries is either very sparsely populated, or filled with mountains that would block your wifi signal.
Why is their policy draconian? Over population is a HUGE problem that needs to be dealt with, can you think of any alternative methods that are less "draconian"?
What you have, is an old but highly profitable business model (selling cameras, and *then* both selling and developing film) becoming obsolete, and replaced with a new business model thats better for consumers - namely just selling digital cameras.
The problem is that these companies became bloated from the huge profits they made selling and developing film, so the profits obtained from selling just the cameras are no longer enough to sustain the business. We're just lucky that they didn't start lobbying to have digital cameras banned, and force people to continue using film in order to protect their profits.
Because many of those with secrets worth protecting tend to be big business themselves (or politicians who started out as businessmen), and therefore are more willing to trust other businessmen who tell them the solution is to buy their expensive black box products...
While most people cannot, or will not read the source code... It only takes one of them to read it and find a backdoor, and then tell the world.
If your really paranoid, you can read the code yourself or find someone you trust to do it for you. Personally i'd much rather trust a friend, or someone who is working explicitly *for me* than a company which has the primary goal of making profit at any expense.
Even if a backdoor is discovered, there's no guarantee that credibility will be lost... A smart backdoor would look like a bug and could easily be explained away as such... Exploitable security holes are commonplace, who's to say some of them weren't originally designed as backdoors?
Nothing has to be understood, you didn't buy the software you are renting it and the license agreement says so... It also says that you have no comeback against the company providing it. If you didn't like those terms, then you shouldn't have accepted them.
Companies exist to make profit, its only logical that they would sell you (a small fry) out to a large government willing to pay a lot more money and open up a potentially huge market to them. This is what companies do, welcome to capitalism.
Speed limits are often higher in europe (70mph in the uk, no limit in some parts of germany etc)... And yet European cars are generally more economical than american ones.
Cars have always been designed to accelerate to speeds higher than the speed limit anyway, if anything some newer cars are so underpowered as to be quite dangerous as they significantly increase the size of gap you require when pulling out.
Better safety equipment and structure is a design goal regardless of the speed limit, a car designed to be safe at 100mph is going to be pretty good at protecting occupants when driving at 30mph.
On the other hand, low speed limits make it much easier to fall asleep at the wheel, 65mph was noisy and uncomfortable 30 years ago, but in todays cars you barely feel it.
If IIS is so great, then why do all the large CDNs use linux then?
It always seems to be the commercial cruft that causes problems... If your not using anything like that, it's much easier but as soon as you add some commercialware to the mix your faced with non standard installers, no central updating, dependency hell etc.
Just like the people who produce advertisements and other kinds of marketing material... How do you think people who produce tv commercials get paid?
This is also perfectly fair, you do some work and get paid. Or do you think that these other people involved in the production of an album should get paid continually for 90+ years without doing any more work?
If your a singer your product is the performance, a recording on CD or played on the radio is marketing material aimed at encouraging people to your performances.
Ridiculous, sure plenty of companies use windows and notice how these are pretty much all non-tech companies, companies where tech is not a core competency is often outsourced and purchasing decisions are typically made by people without a tech background and are often poor choices...
When it comes to applications on a large scale exposed to the hostile internet open source is king, think google, yahoo, facebook, twitter, akamai, amazon, and let not forget the worlds top supercomputers...
The fact is when it comes to organisations who understand technology open source is the more common choice...
Windows gets used in organisations where the decisions are made by people with little or no technical knowledge, who are much easier to fool with fancy marketing.
You talk about migrations, but don't mention what was migrated FROM... Many of these stories of saving money or time with a particular windows install are based on migrating from earlier versions of windows which were even worse... It's easy to make improvements when you start with the worst technology on the market.
Amusing you mention nasdaq, it's well known their core trading system is linux based.. want a citation? http://www.computerworlduk.com/news/open-source/3268210/nasdaq-in-open-source-tech-battle-with-7bn-nyse-bid/ or try google.
Also amusing you mention the london stock exchange, they did have a windows based system and it was often cited in propaganda pieces like yours, infact ms used to advertise it on slashdot. That advertising abruptly stopped about the time the london stock exchange suffered the first of several major outages. Their windows based system was derided by those who used it, it was slow and unreliable and got ripped out.
Have you ever worked at any of these companies? I have first hand experience with several on your list, and i would not hold them up as any kind of positive example... And let's just say that in any security audit, windows is pretty much ALWAYS the weakest link.
Given up on the CIS benchmarks yet? Or have you given up pushing flawed benchmarking tools without ever making any effort to actually understand how they work?
Do you even read the links you post?
London Stock Exchange serving malware:
http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware [slashdot.org]
Says: The site has NOT been hacked, and there is a big difference. The alert is likely a result of "Malvertising",, a growing method for attackers to distribute malware via advertising tags"
Hacked CAs? You forgot diginotar, who were compromised due to keeping important servers on an active directory domain making them easy pickings... Also the link you posted has no useful information on it, all the reports i've read have stated the compromised systems at multiple CAs were windows, or compromised as a result of compromised windows boxes (ie keylogged admin workstations).
Sites built on Linux, Apache, MySQL and PHP are the favoured targets of phishing attackers"
Do you even understand what phishing is? Here's a hint, it has nothing to do with the platform the site runs on.
Various linux related sites hacked, but have you bothered reading *how* they got hacked? Most of them appear to be due to admins of those systems being compromised, and the hackers then using their access to compromise the servers... It doesn't matter how secure a system is if you compromise the people who maintain it, now the question is what exactly was compromised initially and how was it done?
Now here's a real example from a security audit i did a few months ago...
Client had RedHat, Solaris, various cisco devices (routers, firewalls, switches) and an active directory domain with all the wor
How soon before malware makes use of this image feature to embed itself?
A few years ago MS included a feature to keep backups of certain system files and copy them back if they got damaged, lots of malware makes use of this feature to make it harder to remove.
I can see it now, users get into the habit of hitting reset when they get infected, so malware inserts itself into the reset image and users are still screwed.
Support companies, unless you contract out your entire infrastructure to them, won't have a good overview of your setup...
Specific support companies are even worse, because they generally only understand their own product and have very limited understanding of anything else it may interact with, in many cases not even for the underlying os their product runs on.
The "issue" here is one of confidence...
You have thousands of 16yr old kids and people who "have used a computer at home to play games" who think they're experts and start offering windows support.
It's very rare for such people to have even heard of unix, so you don't get useless offerings of unix support.
When it comes to competent support, this is generally available for both platforms, there are usually similar numbers of people available and they generally cost about the same.
In short, useless windows "support" is widely available and cheap while cheap useless unix support is rare... While competent support is available for both, it generally isn't cheap.
If you join an externally facing webserver to a domain you're just asking to get owned... If someone manages to compromise that box, then it becomes very easy for them to use that to take over the whole domain and then you are in serious trouble.
Also WSUS is known to be flawed, take a network with several hundred boxes, ensure every machine is fully patched according to WSUS, now do a patch audit with something like nessus. http://blog.tenablesecurity.com/2009/07/when-patch-auditing-tools-collide.html#more
On the other hand, the update facilities on almost any linux distro are far more comprehensive and reliable than what windows provides, plus its easier to remove stuff you dont need (and therefore no longer need to update it).
Apache and nginx are both used for plenty of high traffic websites...
Not so long ago MS were also paying large domain registrars to host their parked sites (ie empty sites, but lots of them) on IIS to artificially inflate the netcraft stats.
The "cost" of production is also artificially inflated by the bloated companies that do so using obsolete models...
The idea of producing CDs centrally and shipping them around in gas guzzling trucks, letting them sit on store shelves for months unsold is ridiculous these days, most people would be satisfied with a digital download and those who want a physical CD could be catered to by stores which keep a catalog of digital files and burn them to CD on demand. Stores could keep far greater varieties of stock in a much smaller space, and you could get a CD with only the songs you wanted on it. You could also provide terminals allowing users to search, select and listen to any song in stock, rather than just the small selection that can be put in the cd changer booths.
The costs are not only inflated by this inefficient distribution model, but also by the extortionate profit margins and huge lobbying budgets of the publishers.
Artists would be better served by considering CDs and digital downloads to be promotional material, and then to make their money from live performances.
Not only is it not possible to pirate a live performance, but unrestricted distribution of their music in digital form would entice more people to attend the live performances.
It would also be far more fair to all involved, the artist would be rewarded for work they were actually doing rather than being able to sit back and collect payments for work they did years ago.
You can get cut down and/or evaluation versions cheaply or for free... You will find that features are missing, or that the license terms only allow for testing/development use etc... This is generally called bait and switch, since you can develop your application cheaply but when you come to actually run it in production you are faced with high costs, and little choice but to pay them since it will almost certainly take significant work to port your application to a different platform.
The full featured products are very expensive, and will have some differences from the free versions that could hinder deployment and ongoing support.
Much better to use a stack which is free from the top down, so you can run the exact same stack from development all the way through to production...
There's also the issue of scaling, software which incurs a per server cost (or worse, per cpu/core) is not going to scale well financially... Software can often cost more than hardware, and if your application becomes popular enough that it needs hundreds of servers to support it then the cost could easily be double what it would have cost just for the hardware.
Surely it would make sense to simply install a linux distro that comes with packages for all the PHP components you want to use? Then it should be as simple as an apt-get or equivalent command, without the hassle of having to compile and resolve dependencies etc...
The contract already locks you in for the duration of its terms, and the carrier is protected here by contract law.
There is no reason to add the additional lock-in of a locked handset, and no reason that carriers could not offer unlocked handsets with subsidies.
You don't need locked handsets to do this, existing contract law requires that the consumer uphold their end of the contract, which usually involves paying for mobile service for a minimum period of 12 or 24 months at an inflated cost to cover the subsidy on the handset, or to pay an "early termination fee" which basically amounts to paying for the cost of the handset up in one go anyway.
There are many reasons someone may want unlocked phones, for instance:
To use a local simcard when travelling
To buy a phone for someone else, eg i know someone in particular who wanted to get a subsidised iphone on contract, give it to her grandson and continue using her old handset with the service for the duration of the contract (she has no use for any advanced features of a phone and cannot afford to purchase an iphone in one go but can easily afford the monthly cost for 2 years)...
To sell/pawn (locked phones aren't worth as much)
Legislation which actually benefits consumers instead of large corporations, very good...
Locked cellphones are abusive and totally unnecessary, you already have existing contract laws to ensure that someone continues paying their bill for the duration of the contract term so there's really no reason to try and lock handsets too.
What's more surprising...
The fact MS had so little confidence in their product to only provide 10,000 tokens...
Or that they actually managed to sell 10,000 tokens at all.