Linux however, has long been a big contender on the server... The difference however, is that a linux server typically has a completely different set of packages installed, whereas a windows "server" (and i use the term loosely) basically is a desktop with a few extra background processes.
Did they lose money to the flashcarts? I know several people with DS units, all of them have flashcarts and bought the DS specifically because of the convenience offered by a flashcart. In fact, of these people i doubt any of them would have bought a DS if it weren't for the ability to load a large number of games onto a single portable unit, without the hassle of carrying around a big stack of tiny cards that are easy to lose. Considering nintendo make a profit on every DS sold, they have actually benefitted from such people.
I certainly wouldn't have bought a DS if i would have been forced to carry round a load of carts in addition to the unit itself.
Yes, someone badly needs to create a simple replacement for skype...
Something simple for users to install and run, no need to mess with firewall rules etc...
Perhaps a cross between jabber/xmpp and sip... Online communication is performed like email, where anyone can run their own server for a given domain and users have a choice of providers they can sign up to. Bridging to regular phones on the other hand, you can select from any one of many SIP providers to route inbound and outbound calls for you... Choose the one that provides the best and cheapest service, and choose independently of your online address.
Make a simple installer that makes it easy for users to choose their providers, perhaps ask a few simple questions like "what destinations do you want to call" and then choose the provider with the cheapest calls to the destinations the user calls.
If your having trouble managing a large screen, its usually because your using a window manager which isn't designed for that use case...
I find that multiple workspaces work better than multiple monitors for most of the things i do, also keeping track of the workspaces isnt hard once you're used to using them.
Most of that is down to the clunkiness of the alt-tab method of switching applications...
I have multiple workspaces/desktops configured with sets of related applications laid out within then, and a simple keypress of alt+number takes me directly to a given workspace where i know exactly what to find... Similar to having multiple screens in a way, only having 10 physical screens would cause you far more neck strain than 10 virtual ones.
If i had to use something as crude as alt-tab to switch between the 50+ things i have open at any one time, i can see just how unproductive that would make me too.
Same for me, i don't get much benefit from multiple monitors and would much rather have a single high resolution one, and virtual desktops are an absolute necessity i couldn't live without.
Those claims are not lies, they are simply misleading...
Saying they "protect" your files may refer to the undeletion and history feature.
Similarly, they do encrypt your files with AES256, what they neglect to tell you is where the key to that encryption is stored. There are all kinds of security standards out there which require encryption too, but don't make any constraints about how the keys should be handled etc.
Save money on software (use free software, or even resort to piracy)...
Don't scrimp on hardware, unlike software, hardware still generally follows the "you get what you pay for" rule - if you buy cheap hardware, chances are the manufacturer will have cut corners in some way. The only real exception to this, is big name brands like Apple where the brand itself will carry its own markup (although the hardware usually is pretty decent quality too).
But the point is, you shouldn't have to jump through hoops to remove DRM, it simply shouldn't have been there in the first place. The fact you can remove it just proves how utterly useless it is, since if you can remove it then any serious pirate obviously could too... The only people inconvenienced are average customers with little or no technical skill.
3, Sonicwall is not a good example... Take a read of : http://isc.sans.edu/diary.html?storyid=5419 and several more examples can be found via google, basically sonicwall see fit to disable functionality of their products if they believe your firewall to not be correctly licensed, even when that belief is based on buggy code... Any protection provided by a sonicwall device is liable to get disabled next time they have a license server failure, leaving your organisation open to attack. Do you really want to trust a vendor that is willing to screw you on suspicion that your license is invalid? At the very least, if a device believes itself to be unlicensed it should just warn the users... it should never automatically open up the user to attack! that's totally irresponsible.
1/2/4 - most organisations already do this, it doesnt generally help much and these places still get owned...
2, its extremely hard to secure an active directory domain... because of how the system is designed, you typically only need a single weakness to get in.. look at how organisations like rsa or google were hacked, starting from a single unimportant workstation. If you have lots of machines, then you probably don't have budget to ensure that every piece of software on every machine is up to date and appropriately configured, and that every user is appropriately educated and that there are no unprotected network ports etc...
5, run wsus across a few hundred workstations, ensure it believes everything is up to date... Now, run an authenticated scan with nessus across those workstations... You will typically find that some machines are still missing updates, and that in many cases windows thinks an update has been applied but some or all of the files installed by the update are not there. If you find issues like this, you can manually compare the versions of the files on the system with the versions that should be installed by the patch (most ms knowledgebase articles list the file versions).
You make a point on moving away from IE6, but you forget the most important aspect - MAKE SURE A SITUATION LIKE THIS NEVER HAPPENS AGAIN! - and that means ensuring that any new applications you deploy are standards compliant and cross platform, so you won't find yourself tied to any insecure proprietary crap again in the future.
If you're running as a non-admin with UAC and firewall on, win7 is as secure as anything else.
No, you're not...
You still have no trusted repository to install software from, and thus must run unnecessary risk when installing anything... You are still running potentially exploitable services, and just hiding them behind the firewall - if noone needs to access them, why do they need to run at all? You are still using an OS that determines if files can be executed based on filename, increasing the risk of accidental execution. You still have no central mechanism to update non MS software, increasing the risk of such software being exploited. And there are many more examples of poor security choices in windows...
Incidentally, OSX is indeed targeted by trojans... Google for "mac defender" for one such example.
The problem is that any single platform has 85-90% of market share...
Look at browser attacks for a good example...
5 years ago, IE6 had 90% marketshare, and attacks against the browser were extremely common... Now, browser marketshare is split between several browsers, so now there are far less attacks targeting browsers and far more targeting other things such as browser plugins (flash/pdf) which are still on 90% of machines and exploitable in the same way regardless of what browser is being used.
Any software which is present on too high a percentage of machines will become a target for malware, so the solution is to ensure that the market is split between multiple different competitors. Another useful effect of this is that you can switch quickly if your primary vendor has yet to patch a serious vulnerability which people are actively exploiting.
To use a car analogy... Just because "Car manufacturer M" supplies cars which don't have brakes by default, doesn't mean that those who drive cars made by "Car manufacturer L" should remove their brakes.
Most remote exploits against linux target software that a workstation is unlikely to have installed, windows listens on many more services remotely by default - even on a workstation, and those services are extremely complex providing plenty of scope for more exploits to be found.
A Linux distro comes with far more software by default than windows, therefore while there is increased risk of exploits being found in the default install, the reality is that you are either not using (and should have removed) the default software, or are using it and would have manually installed an equivalent on windows anyway.
As for downloading codecs and such, Linux distros typically ship with repositories full of software, and users are encouraged to look here when they want to install something, and as such the risks of malware being installed this way are massively lower.
Which is why the average user is actually much better off inside of a walled garden...
Most car drivers never open the hood, most users of consumer electronics never open them up... You present end users with a simplified system, and leave it to qualified people to deal with anything more complicated. Computers as they are today are simply unsuitable for end users.
It's a shame this tablet seems so half-assed.. Is it possible to wipe it and install Android 3.x on it? Or are they planning to upgrade to android 3 with a future update?
Some of their kids shows actually make you think someone has slipped you some LSD without you realising... Teletubbies, "in the night garden", and waybulloo among others...
Wrestling is not even sci-fi, i don't see whats its doing on such a channel...
A lot of people, especially geeks are downloading shows to watch instead of watching them on tv... And this will obviously be more of a problem for sci-fi, as such programs target geeks...
If the networks would offer drm-free high quality downloads then people would use them, most people would even tollerate the commercials (although the torrent versions do have commercials stripped) so long as the video is high quality, drm free and can be downloaded easily. Similarly, if dvr boxes with such facilities (eg dreambox, mythtv etc) were more widely available where you can download the video off the box in a standard format, instead of the crippled boxes which keep the video in proprietary formats or locked onto their own boxes.
When most of these shows are shown on tv, i'm not at home or need to be doing something else... When i do have free time i'm often on a train or waiting somewhere. I usually watch shows on my laptop, or possibly my phone and often have to download them in advance since i wont have connectivity when i watch them.
I use Zarafa and the Activesync support is pretty good (a couple of nexus ones and iphones connected to it)... Although Zimbra has a much better web interface than Zarafa.
Zarafa uses z-push for activesync support, and i believe there is a plugin letting you use z-push with zimbra, which means you can use the free version of zimbra instead of paying extra for the mobile support. I use the free zarafa, activesync support is provided free but support for outlook clients or blackberry devices costs.
Apple have set up *new* platforms where the app store is the only option... MS have also done exactly the same, windows phone 7 is a new platform and it exclusively uses their app store for loading apps... Blackberry was an existing platform, so it already had other methods to load apps...
Google are the only ones who introduced a new platform that does include the ability to load software from other sources.
And it was Linux distributions that first had the idea, and yet it was never promoted so the general public didn't realise it existed... Instead, you had people complaining that users wouldn't like linux because they can't buy software for it in retail stores...
For the average end user, the walled garden approach is actually better, it ensures the software comes from a trusted source... The hassle of having to manually find software, download it running the risk of malware and then run an installer is not something average users should have to deal with. And let's not forget that the idea of a central repository of software is not a new one, Linux and BSD have been doing it for years.
I have no issues with Apple providing the app store as the default method of installing software, so long as they continue to offer a method for more advanced users to do their own thing (and i can't see why they wouldn't, since where would people develop apps if OSX were as locked down as iOS?).
Linux however, has long been a big contender on the server... The difference however, is that a linux server typically has a completely different set of packages installed, whereas a windows "server" (and i use the term loosely) basically is a desktop with a few extra background processes.
Did they lose money to the flashcarts?
I know several people with DS units, all of them have flashcarts and bought the DS specifically because of the convenience offered by a flashcart. In fact, of these people i doubt any of them would have bought a DS if it weren't for the ability to load a large number of games onto a single portable unit, without the hassle of carrying around a big stack of tiny cards that are easy to lose.
Considering nintendo make a profit on every DS sold, they have actually benefitted from such people.
I certainly wouldn't have bought a DS if i would have been forced to carry round a load of carts in addition to the unit itself.
Yes, someone badly needs to create a simple replacement for skype...
Something simple for users to install and run, no need to mess with firewall rules etc...
Perhaps a cross between jabber/xmpp and sip...
Online communication is performed like email, where anyone can run their own server for a given domain and users have a choice of providers they can sign up to.
Bridging to regular phones on the other hand, you can select from any one of many SIP providers to route inbound and outbound calls for you... Choose the one that provides the best and cheapest service, and choose independently of your online address.
Make a simple installer that makes it easy for users to choose their providers, perhaps ask a few simple questions like "what destinations do you want to call" and then choose the provider with the cheapest calls to the destinations the user calls.
If your having trouble managing a large screen, its usually because your using a window manager which isn't designed for that use case...
I find that multiple workspaces work better than multiple monitors for most of the things i do, also keeping track of the workspaces isnt hard once you're used to using them.
Most of that is down to the clunkiness of the alt-tab method of switching applications...
I have multiple workspaces/desktops configured with sets of related applications laid out within then, and a simple keypress of alt+number takes me directly to a given workspace where i know exactly what to find...
Similar to having multiple screens in a way, only having 10 physical screens would cause you far more neck strain than 10 virtual ones.
If i had to use something as crude as alt-tab to switch between the 50+ things i have open at any one time, i can see just how unproductive that would make me too.
Same for me, i don't get much benefit from multiple monitors and would much rather have a single high resolution one, and virtual desktops are an absolute necessity i couldn't live without.
Those claims are not lies, they are simply misleading...
Saying they "protect" your files may refer to the undeletion and history feature.
Similarly, they do encrypt your files with AES256, what they neglect to tell you is where the key to that encryption is stored.
There are all kinds of security standards out there which require encryption too, but don't make any constraints about how the keys should be handled etc.
Save money on software (use free software, or even resort to piracy)...
Don't scrimp on hardware, unlike software, hardware still generally follows the "you get what you pay for" rule - if you buy cheap hardware, chances are the manufacturer will have cut corners in some way. The only real exception to this, is big name brands like Apple where the brand itself will carry its own markup (although the hardware usually is pretty decent quality too).
But the point is, you shouldn't have to jump through hoops to remove DRM, it simply shouldn't have been there in the first place. The fact you can remove it just proves how utterly useless it is, since if you can remove it then any serious pirate obviously could too... The only people inconvenienced are average customers with little or no technical skill.
3, Sonicwall is not a good example... Take a read of :
http://isc.sans.edu/diary.html?storyid=5419
and several more examples can be found via google, basically sonicwall see fit to disable functionality of their products if they believe your firewall to not be correctly licensed, even when that belief is based on buggy code...
Any protection provided by a sonicwall device is liable to get disabled next time they have a license server failure, leaving your organisation open to attack. Do you really want to trust a vendor that is willing to screw you on suspicion that your license is invalid?
At the very least, if a device believes itself to be unlicensed it should just warn the users... it should never automatically open up the user to attack! that's totally irresponsible.
1/2/4 - most organisations already do this, it doesnt generally help much and these places still get owned...
2, its extremely hard to secure an active directory domain... because of how the system is designed, you typically only need a single weakness to get in.. look at how organisations like rsa or google were hacked, starting from a single unimportant workstation.
If you have lots of machines, then you probably don't have budget to ensure that every piece of software on every machine is up to date and appropriately configured, and that every user is appropriately educated and that there are no unprotected network ports etc...
5, run wsus across a few hundred workstations, ensure it believes everything is up to date...
Now, run an authenticated scan with nessus across those workstations... You will typically find that some machines are still missing updates, and that in many cases windows thinks an update has been applied but some or all of the files installed by the update are not there. If you find issues like this, you can manually compare the versions of the files on the system with the versions that should be installed by the patch (most ms knowledgebase articles list the file versions).
You make a point on moving away from IE6, but you forget the most important aspect - MAKE SURE A SITUATION LIKE THIS NEVER HAPPENS AGAIN! - and that means ensuring that any new applications you deploy are standards compliant and cross platform, so you won't find yourself tied to any insecure proprietary crap again in the future.
If you're running as a non-admin with UAC and firewall on, win7 is as secure as anything else.
No, you're not...
You still have no trusted repository to install software from, and thus must run unnecessary risk when installing anything...
You are still running potentially exploitable services, and just hiding them behind the firewall - if noone needs to access them, why do they need to run at all?
You are still using an OS that determines if files can be executed based on filename, increasing the risk of accidental execution.
You still have no central mechanism to update non MS software, increasing the risk of such software being exploited.
And there are many more examples of poor security choices in windows...
Incidentally, OSX is indeed targeted by trojans... Google for "mac defender" for one such example.
The problem is that any single platform has 85-90% of market share...
Look at browser attacks for a good example...
5 years ago, IE6 had 90% marketshare, and attacks against the browser were extremely common...
Now, browser marketshare is split between several browsers, so now there are far less attacks targeting browsers and far more targeting other things such as browser plugins (flash/pdf) which are still on 90% of machines and exploitable in the same way regardless of what browser is being used.
Any software which is present on too high a percentage of machines will become a target for malware, so the solution is to ensure that the market is split between multiple different competitors.
Another useful effect of this is that you can switch quickly if your primary vendor has yet to patch a serious vulnerability which people are actively exploiting.
To use a car analogy...
Just because "Car manufacturer M" supplies cars which don't have brakes by default, doesn't mean that those who drive cars made by "Car manufacturer L" should remove their brakes.
Most remote exploits against linux target software that a workstation is unlikely to have installed, windows listens on many more services remotely by default - even on a workstation, and those services are extremely complex providing plenty of scope for more exploits to be found.
A Linux distro comes with far more software by default than windows, therefore while there is increased risk of exploits being found in the default install, the reality is that you are either not using (and should have removed) the default software, or are using it and would have manually installed an equivalent on windows anyway.
As for downloading codecs and such, Linux distros typically ship with repositories full of software, and users are encouraged to look here when they want to install something, and as such the risks of malware being installed this way are massively lower.
Which is why the average user is actually much better off inside of a walled garden...
Most car drivers never open the hood, most users of consumer electronics never open them up... You present end users with a simplified system, and leave it to qualified people to deal with anything more complicated. Computers as they are today are simply unsuitable for end users.
But does it use its own sandbox, or does it use existing sandbox technology present in the underlying OS?
It's a shame this tablet seems so half-assed.. Is it possible to wipe it and install Android 3.x on it? Or are they planning to upgrade to android 3 with a future update?
Some of their kids shows actually make you think someone has slipped you some LSD without you realising... Teletubbies, "in the night garden", and waybulloo among others...
Wrestling is not even sci-fi, i don't see whats its doing on such a channel...
A lot of people, especially geeks are downloading shows to watch instead of watching them on tv... And this will obviously be more of a problem for sci-fi, as such programs target geeks...
If the networks would offer drm-free high quality downloads then people would use them, most people would even tollerate the commercials (although the torrent versions do have commercials stripped) so long as the video is high quality, drm free and can be downloaded easily.
Similarly, if dvr boxes with such facilities (eg dreambox, mythtv etc) were more widely available where you can download the video off the box in a standard format, instead of the crippled boxes which keep the video in proprietary formats or locked onto their own boxes.
When most of these shows are shown on tv, i'm not at home or need to be doing something else... When i do have free time i'm often on a train or waiting somewhere. I usually watch shows on my laptop, or possibly my phone and often have to download them in advance since i wont have connectivity when i watch them.
The 75 million users of PSN are almost all gamers...
If Ubuntu has 200 million users, 95% of them won't have any interest in games.
I use Zarafa and the Activesync support is pretty good (a couple of nexus ones and iphones connected to it)... Although Zimbra has a much better web interface than Zarafa.
Zarafa uses z-push for activesync support, and i believe there is a plugin letting you use z-push with zimbra, which means you can use the free version of zimbra instead of paying extra for the mobile support. I use the free zarafa, activesync support is provided free but support for outlook clients or blackberry devices costs.
How much of a cut do traditional retailers (plus the distribution channels) take?
Apple have set up *new* platforms where the app store is the only option...
MS have also done exactly the same, windows phone 7 is a new platform and it exclusively uses their app store for loading apps...
Blackberry was an existing platform, so it already had other methods to load apps...
Google are the only ones who introduced a new platform that does include the ability to load software from other sources.
And it was Linux distributions that first had the idea, and yet it was never promoted so the general public didn't realise it existed... Instead, you had people complaining that users wouldn't like linux because they can't buy software for it in retail stores...
For the average end user, the walled garden approach is actually better, it ensures the software comes from a trusted source... The hassle of having to manually find software, download it running the risk of malware and then run an installer is not something average users should have to deal with. And let's not forget that the idea of a central repository of software is not a new one, Linux and BSD have been doing it for years.
I have no issues with Apple providing the app store as the default method of installing software, so long as they continue to offer a method for more advanced users to do their own thing (and i can't see why they wouldn't, since where would people develop apps if OSX were as locked down as iOS?).