The difference is that iphone/ipad are proprietary client devices, which access data in an open standard...
I'm sure your television is a proprietary device too, you can't install software on it, you don't know how it's put together, but it takes standardised inputs and displays them to you. There is nothing stopping you from building your own device to interpret and display the various types of TV signals. And you are still free to buy any type of TV you want.
You don't have to buy an iphone, you can use a multitude of other devices which support HTML... If you do buy one, you know up front what artificial limitations the device has. Apple do not have enough market share in the mobile space to have undue influence over other suppliers so there are still plenty of other phones you can buy which don't have such limitations.
Flash is a proprietary data format that only has a single client available, if adobe choose not to produce a client for your device of choice then you are locked out of the content. If the client they provide sucks then you have no way to improve it or replace it with a better one...The biggest selling point of the first iphone was that it had a far superior browser to any other comparable device, apple would not have been free to do this with something proprietary like flash.
Adobe should open up their flash player, relax the licensing terms on the format spec and open source their client, make the spec an open standard and release compliance tests for implementations. Let Apple write their own flash player which addresses their concerns, let browser makers implement it directly into the browser... Ensure flash is available on *everything*, just like HTML is... Otherwise i just see flash gradually being forced out by html5 and silverlight.
I've encountered plenty of corporates which keep a box of floppies around, primarily to bootstrap windows (prior to 2008/vista you had to load storage drivers from floppy if they werent in the default install) and to perform bios updates...
Also at least one place includes floppies in their monthly stationary orders, even tho noone has used them in years. Someone who works there was telling me how he has to throw out all the unused floppies to stop them filling up the stores.
At some point, the cost of maintaining IE6 will start to outweigh the cost of replacing it... Hopefully when replacing it they will have wised up and follow standards when building the replacements so they don't just experience the same problem again in a few years time.
Spec up the job properly so that they must be able to demonstrate that the app complies with appropriate standards, and demonstrate compatibility with browsers from multiple vendors on multiple platforms. Developing properly now will save you a LOT of problems/costs in the future and give you far more flexibility - eg to use smartphones, tablets etc should you want to.
What needs to happen, is for the clients of such places to wake up and treat IT like they would any other aspect of their business... Anywhere else, things like second sources are demanded and considered to be essential requirements...
So why is it that it's considered acceptable to use software that depends on a proprietary client available only from one supplier that only runs on one platform which is also only available from a single supplier? Doing the same for anything else would be considered gross negligence.
MS screwed them by giving them a product which was intentionally designed to be incompatible with anything else and hard to clone...
But the users of it screwed themselves by buying into that and designing apps in such a way that they locked themselves in. If you get yourself tied to a proprietary product from a single supplier with no compatible alternatives or exit strategy then you have been irresponsible and negligent with your business. No business users should ever buy into something that doesn't have at least a second source and compatible drop in replacements.
Why are you browsing from a VM like that anyway? If those machines exist so you can test your products in antiquated browsers, don't use them for anything else...
* The battery life is poor as you state, made worse by the non removable battery which means i have to walk around with a charger and an external (bulky) battery pack... One day of life is enough for most people tho, they just plug it in when they go to bed. * Fully agreed about the compatibility with ipod connectors, i had to replace my in-car charger which worked with the first gen iphone because it no longer charges the 3GS. * you only lose the ability to reboot on later 3GS models, i have an earlier 3GS and it can reboot just fine. * can't say my 3GS has crashed at all that i can recollect, it is also jailbroken which in theory will make it more likely to crash. * you can sync the address book and calendar over the network using activesync (proprietary microsoft protocol but open implementations such as z-push do exist) or caldav/ldap (standard protocols) - this option was only introduced with the 3.x software i think. this is far more open than a blackberry which requires their proprietary server to sync with - i have no experience of other phone types. * the app store is full of garbage, there is plenty of garbage software available for virtually every platform that lets you install additional software. * i haven't broken the screen on my phone, and i've dropped it plenty of times and don't exactly treat it with care... it seems tougher than the plastic screens on most other phones i've used. * i have voip apps on my iphone, and they work fine over both 3g and wifi...
Depends on the packet size, some of these cards will handle wire rate when transferring large packets, but if you flood them with small packets they fall over pretty quickly. Some nics are better than others and obviously a faster bus helps somewhat too.
Incidentally, i used to do 100mbit natting on a 233mhz p2 a few years ago, the fact you see 40% cpu usage on a p4 is down to your horrendous choice of nics. My p233 could handle 100mbit of normal traffic, but would keel over at about 19mbit of small packets if i remember.
What's the point of keeping services running and listening on the network, but firewalled so nothing can reach them? Does that not strike anyone else as stupid? Surely it makes more sense to simply not have those services running at all... Firewalls are for when you need to keep a service running, but you want to limit where you can connect to it from.
It is generally accepted practice that windows systems _require_ av, wether it does much good or not is highly debatable (i do a lot of incident response work - ie identifying the source of a breakin, and every system that i get to investigate has some kind of av installed slowing it down)... Infact, i have often had people complain about linux or mac systems without av installed. It's very hard to fight against "standard practices" even when those practices are blatantly flawed.
Ideally such devices wouldn't be running windows at al.
If not automatic discovery, perhaps a log parser so that you can see what was denied and selectively open it up... Or run it in allow all but log mode and build a profile of the legit traffic before you enable filtering to block anything else.
The Cisco GUI should run anywhere that has java (which is most platforms these days), whereas the checkpoint gui used to run only on solaris/sparc and now runs only on windows/x86. I try to avoid anything that has a proprietary client, doubly so if that client is required and there is no standardised fallback. I want to be able to admin every device using platform agnostic tools - ssh, serial, http(s), maybe vnc at a push, and there should always be a cli available so you can script and automate things (eg backups of configs with tools such as rancid).
And what if you tunnel traffic over SSL over port 443? Wouldn't such traffic be indistinguishable from HTTPS traffic, or do they go based on typical use - ie https traffic is usually small request followed by big reply and traffic not like that is likely to be something else.
On a home environment it does a lot - it blocks the default windows ports which are not easy for the user to disable... On a unix environment you're right, it's easier to simply turn the unnecessary services off and a firewall simply adds an additional attack vector, latency or failure point.
Some VPN setups are horrendous, especially these "ssl vpn" things, which require you to run a browser as a privileged user and allow it to arbitrary privileged code on your machine - modifying kernel settings or loading modules in some cases.
Unfortunately, 90% of corporate networks seem to treat the external firewalls as the *only* line of defence... Once you get behind it, however you do that, the inside is pretty trivial to compromise very thoroughly.
Quite often you see content filters on email/web traffic (another perimeter only defence), but these systems typically work on a blacklisting approach so there are always ways around...
I work as a security tester and incident response (ie identifying what happened after something got compromised), and every network i test is based on the egg model - hard outside, squishy inside... And every machine i encounter which has been compromised has some kind of av installed, and usually gets infected *through* some kind of content filtering device. The most amusing part is that every single piece of malware i've found on client machines was detectable by some av products, just not by the specific one in use - and companies typically use the same av on both their content filters and the individual workstations.
The difference is that iphone/ipad are proprietary client devices, which access data in an open standard...
I'm sure your television is a proprietary device too, you can't install software on it, you don't know how it's put together, but it takes standardised inputs and displays them to you. There is nothing stopping you from building your own device to interpret and display the various types of TV signals. And you are still free to buy any type of TV you want.
You don't have to buy an iphone, you can use a multitude of other devices which support HTML... If you do buy one, you know up front what artificial limitations the device has. Apple do not have enough market share in the mobile space to have undue influence over other suppliers so there are still plenty of other phones you can buy which don't have such limitations.
Flash is a proprietary data format that only has a single client available, if adobe choose not to produce a client for your device of choice then you are locked out of the content. If the client they provide sucks then you have no way to improve it or replace it with a better one...The biggest selling point of the first iphone was that it had a far superior browser to any other comparable device, apple would not have been free to do this with something proprietary like flash.
Adobe should open up their flash player, relax the licensing terms on the format spec and open source their client, make the spec an open standard and release compliance tests for implementations. Let Apple write their own flash player which addresses their concerns, let browser makers implement it directly into the browser... Ensure flash is available on *everything*, just like HTML is... Otherwise i just see flash gradually being forced out by html5 and silverlight.
Do you get extra credit for working out that piracy provides the best price?
Have you checked recently to see if those floppies are even still readable?
You might be able to run 40 usb tape drives at once, but how would you keep them loaded with fresh disks quickly enough?
I've encountered plenty of corporates which keep a box of floppies around, primarily to bootstrap windows (prior to 2008/vista you had to load storage drivers from floppy if they werent in the default install) and to perform bios updates...
Also at least one place includes floppies in their monthly stationary orders, even tho noone has used them in years. Someone who works there was telling me how he has to throw out all the unused floppies to stop them filling up the stores.
Or you could go the unofficial route and play these games online using xlink kai (http://www.teamxlink.co.uk/)...
Pity they clamped down on this with the 360, so once support for the 360 is turned off users will be screwed.
At some point, the cost of maintaining IE6 will start to outweigh the cost of replacing it... Hopefully when replacing it they will have wised up and follow standards when building the replacements so they don't just experience the same problem again in a few years time.
Spec up the job properly so that they must be able to demonstrate that the app complies with appropriate standards, and demonstrate compatibility with browsers from multiple vendors on multiple platforms. Developing properly now will save you a LOT of problems/costs in the future and give you far more flexibility - eg to use smartphones, tablets etc should you want to.
What needs to happen, is for the clients of such places to wake up and treat IT like they would any other aspect of their business...
Anywhere else, things like second sources are demanded and considered to be essential requirements...
So why is it that it's considered acceptable to use software that depends on a proprietary client available only from one supplier that only runs on one platform which is also only available from a single supplier? Doing the same for anything else would be considered gross negligence.
MS screwed them by giving them a product which was intentionally designed to be incompatible with anything else and hard to clone...
But the users of it screwed themselves by buying into that and designing apps in such a way that they locked themselves in.
If you get yourself tied to a proprietary product from a single supplier with no compatible alternatives or exit strategy then you have been irresponsible and negligent with your business. No business users should ever buy into something that doesn't have at least a second source and compatible drop in replacements.
Why are you browsing from a VM like that anyway?
If those machines exist so you can test your products in antiquated browsers, don't use them for anything else...
If you got your iphone from o2 in the uk, then unlocking is a simple matter of going to http://shop.o2.co.uk/update/unlockmyiphone.html and entering your details...
* The battery life is poor as you state, made worse by the non removable battery which means i have to walk around with a charger and an external (bulky) battery pack... One day of life is enough for most people tho, they just plug it in when they go to bed.
* Fully agreed about the compatibility with ipod connectors, i had to replace my in-car charger which worked with the first gen iphone because it no longer charges the 3GS.
* you only lose the ability to reboot on later 3GS models, i have an earlier 3GS and it can reboot just fine.
* can't say my 3GS has crashed at all that i can recollect, it is also jailbroken which in theory will make it more likely to crash.
* you can sync the address book and calendar over the network using activesync (proprietary microsoft protocol but open implementations such as z-push do exist) or caldav/ldap (standard protocols) - this option was only introduced with the 3.x software i think. this is far more open than a blackberry which requires their proprietary server to sync with - i have no experience of other phone types.
* the app store is full of garbage, there is plenty of garbage software available for virtually every platform that lets you install additional software.
* i haven't broken the screen on my phone, and i've dropped it plenty of times and don't exactly treat it with care... it seems tougher than the plastic screens on most other phones i've used.
* i have voip apps on my iphone, and they work fine over both 3g and wifi...
Depends on the packet size, some of these cards will handle wire rate when transferring large packets, but if you flood them with small packets they fall over pretty quickly. Some nics are better than others and obviously a faster bus helps somewhat too.
Incidentally, i used to do 100mbit natting on a 233mhz p2 a few years ago, the fact you see 40% cpu usage on a p4 is down to your horrendous choice of nics. My p233 could handle 100mbit of normal traffic, but would keel over at about 19mbit of small packets if i remember.
What's most disturbing, is that slashdot doesn't even support ipv6
Most consumer routers do not support ipv6, i had major trouble finding an adsl router which supported ipv6 and eventually had to pay for a cisco.
What's the point of keeping services running and listening on the network, but firewalled so nothing can reach them? Does that not strike anyone else as stupid?
Surely it makes more sense to simply not have those services running at all...
Firewalls are for when you need to keep a service running, but you want to limit where you can connect to it from.
It is generally accepted practice that windows systems _require_ av, wether it does much good or not is highly debatable (i do a lot of incident response work - ie identifying the source of a breakin, and every system that i get to investigate has some kind of av installed slowing it down)... Infact, i have often had people complain about linux or mac systems without av installed. It's very hard to fight against "standard practices" even when those practices are blatantly flawed.
Ideally such devices wouldn't be running windows at al.
You celebrate the 20th of April? Isn't it a bit weird to celebrate the birthday of Adolf Hitler?
http://en.wikipedia.org/wiki/Adolf_hitler
If not automatic discovery, perhaps a log parser so that you can see what was denied and selectively open it up...
Or run it in allow all but log mode and build a profile of the legit traffic before you enable filtering to block anything else.
The Cisco GUI should run anywhere that has java (which is most platforms these days), whereas the checkpoint gui used to run only on solaris/sparc and now runs only on windows/x86.
I try to avoid anything that has a proprietary client, doubly so if that client is required and there is no standardised fallback. I want to be able to admin every device using platform agnostic tools - ssh, serial, http(s), maybe vnc at a push, and there should always be a cli available so you can script and automate things (eg backups of configs with tools such as rancid).
And what if you tunnel traffic over SSL over port 443? Wouldn't such traffic be indistinguishable from HTTPS traffic, or do they go based on typical use - ie https traffic is usually small request followed by big reply and traffic not like that is likely to be something else.
On a home environment it does a lot - it blocks the default windows ports which are not easy for the user to disable...
On a unix environment you're right, it's easier to simply turn the unnecessary services off and a firewall simply adds an additional attack vector, latency or failure point.
Some VPN setups are horrendous, especially these "ssl vpn" things, which require you to run a browser as a privileged user and allow it to arbitrary privileged code on your machine - modifying kernel settings or loading modules in some cases.
Which is why such people either pay someone else to do it for them, or run the risk of an unreliable vehicle.
Unfortunately, 90% of corporate networks seem to treat the external firewalls as the *only* line of defence... Once you get behind it, however you do that, the inside is pretty trivial to compromise very thoroughly.
Quite often you see content filters on email/web traffic (another perimeter only defence), but these systems typically work on a blacklisting approach so there are always ways around...
I work as a security tester and incident response (ie identifying what happened after something got compromised), and every network i test is based on the egg model - hard outside, squishy inside... And every machine i encounter which has been compromised has some kind of av installed, and usually gets infected *through* some kind of content filtering device. The most amusing part is that every single piece of malware i've found on client machines was detectable by some av products, just not by the specific one in use - and companies typically use the same av on both their content filters and the individual workstations.