There have been cases of long term valet parking services using the cars as rentals, taxis or joyrides too... People have received speeding or parking tickets when they were out of the country.
You can show an auditor that every box *thinks* it's patched...
But try scanning the boxes using Nessus with admin creds, which will actually log in to all the boxes and check the individual files installed by patches rather than looking at the list of "installed" patches...
You will OFTEN have systems where a patch is registered as installed, but actually isn't.
It's common for malware or other HTTP tools (e.g. vulnerability scanners) to pick a user agent that looks like a normal browser, and traditionally most of those used IE...
You might also get an IE user agent string by default if using some of the built-in Microsoft functions for making HTTP requests (which it would make sense for bots to do, reuse functionality already present on the host).
This was true for me too a few years ago, many applications used to insist on IE6 although often it was just an arbitrary check which if overridden (e.g. by changing user agent) they would work fine.
Now some insist on Chrome, while others will work with anything other than IE. I used to keep a VM for IE6 and a copy installed through Wine but I've not used it in years now.
Use a third party build of Firefox or Chromium... A few people produce such builds which have all the telemetry stuff either removed or disabled by default. If you're concerned about the binaries these projects provide, grab the source and build it yourself.
You'd think...
Usually when they notice the profits dropping, they blame the wrong thing and implement changes that only make things worse.
No, a company in Russian jurisdiction makes and sells that software.
Being located within Russia means they are beholden to the demands of the Russian government. If the Russian government demands backdoor access to their software then the company has no choice but to comply unless the company owners want to go to a Russian jail.
The US government is rightfully wary of any software or hardware coming from a non-trusted source, and should not use it without thorough auditing first. Although this should apply to a *LOT* more than just Kaspersky, all manner of hardware and software comes from China, and most commercial software companies even inside the US employ staff who have not been vetted by the US government too.
Of course it also goes the other way, no foreign government should accept anything from the US without being able to thoroughly audit it first either. Various US agencies have been talking about encryption backdoors for a while, and there have been a number of high profile leaks lately.
The US actually exports a lot more software than Russia does, so this will hurt them far more than it will hurt Russia.
That's exactly the point, smaller companies often blindly copy larger ones when they:
1, Have no need for the features used by the larger company.
2, By copying the slow processes of a larger company, lose the agility that comes from being a small one.
3, Don't have the financial or technical resources to use the complex software.
It happens a lot and the post I was replying to was trying to make the same argument, $BIGCORP uses $WHATEVER so it must be good.
In reality $BIGCORP uses $WHATEVER for varying reasons (works for them, locked in etc) and they have the budget and scale to make it work, those reasons may not be relevant to you.
Depends how the bonus scheme is structured and managed... A poorly designed bonus scheme provides no motivation at all, and can even have a negative effect.
Doesn't mean they use it for their day to day corporate use...
As I said in the original post, they can have Windows machines if there are business requirements for doing so - testing, dev, supporting customers etc would qualify. Anyone else without such requirements has to use something else.
Home grown solutions can often be better than established software, but only if properly planned...
But it's not, because the individual employees you have to deal with won't see any of that money - if the company makes millions they'll get at most a pat on the back. The individuals will be paid the same irrespective of whether they work hard or simply make the minimum possible level of effort.
And for larger companies, the amount you're offering them may simply not be worth it. They would rather deal with larger customers paying them a lot more than you are.
Also in the same vein, many customers are already locked in so they know you'll be giving them the money anyway - why should they expend any extra effort to achieve the same reward? You are already locked in so they will only do the minimum required. Any extra effort is better spent trying to acquire new customers/marks.
There was a story a few years ago about how Google banned the use of Windows desktops on security grounds. If you needed a Windows desktop as a specific requirement of your job (testing, dev etc) you had to be able to justify it.
But it does make quite a statement, the more technically oriented a company is the less likely they are to be using Windows.
Many of those users also get by with a given application because it's all they know or all they have access to, but if they got used to something else they may soon get used to and benefit from additional features offered by that software.
Many users actually complain about bugs or deficiencies in software they use on a daily basis, bugs or deficiencies which are not present in other software. People put up with what they're given and get used to the bugs and workarounds required, then will complain if you give them something else because it now has a different set of bugs and workarounds even if it's superior on balance.
Software changes... Applications come in and out of fashion, even new versions of the same software change radically between versions.
When we were in school, we were taught WordPerfect for DOS because "that's what businesses use", by the time we left school there were very few (if any) businesses left using WordPerfect or DOS. They were using MS Office 95 on Windows 95 or NT4, which is still radically different to the versions in use today.
The differences between 2 versions of MS Office or 2 versions of Windows can actually be more significant than moving to Linux or LibreOffice, and the prevalence of people accessing the internet using smartphones and tablets has shown that people don't actually need (specific versions of) Windows to do so.
As soon as you become familiar with something, that software will become obsolete and people will be using something else. Teaching specific software is stupid, you need to teach users how to accomplish their goals with a variety of different programs, and how to identify the functionality they require in any software capable of doing it.
People are not incapable of adapting to changes, they just complain about it because they don't like change. Usually they aren't given any choice, and just end up getting on with it.
Being widespread doesn't make something good, people copy each other even when doing something stupid... Also all the examples you give are large companies which is a very important thing to consider...
SAP is a large, expensive system with many hidden costs in addition to the purchase price. You will likely have to buy lots of dependencies, lots of high-end hardware, hire many expensive and highly trained staff to manage it and develop custom additions to handle your own business needs.
If you have the budget to do this, then it can work well... But many smaller companies go in blindly because they want to copy what these larger companies are doing... They get unrealistic quotes from greedy third party consultancies, or only see the ticket price and don't consider the true cost. They buy the software, but don't buy enough hardware to run it adequately, or don't hire sufficiently competent staff to manage it.
Many sales people will blatantly lie to you in order to sign you up for a large purchase, and then completely fail to deliver leaving you locked in with a huge bill and a big mess to clean up.
The end result is colossal failure and a big mess, or a system that limps along and still ends up costing a fortune.
A lot of people have a stupid mindset that "company X is huge and successful, if we copy them we will be successful too".
Copying a company 100x your size is not a good business plan, if you're a small company you should act like one and play to your strengths. You don't have the economies of scale or huge budget enjoyed by large companies, but you have agility that large companies lack.
"A complex system"
Here is your problem, if you want a system to be secure then keep it simple...
And as for the kernel being big and buggy, the vast majority of kernel features are optional - you can compile a minimal kernel to suit your needs and get a more stable, more secure and better performing system.
Yes extra complexity for no real benefit... Debugging becomes more difficult, other things become impractical (in emergencies I've mounted a complete system drive on another host, gone into it with chroot and started services to recover data or run as a temporary measure etc).
Boot time isn't important on a server, servers are typically stable and with reliable power sources so they don't reboot except at scheduled maintenance times, and there are even ways to live patch servers to avoid reboots while keeping them updated.
Also any benefit from a faster boot time is lost if the boot fails and you have to spend a long time trying to debug and fix it.
Well part of what makes these first world countries is the higher standards of living and various employment laws to prevent unscrupulous employers from abusing their employees.
If you paid them for waiting, then you'd need to cap the number of drivers active in any given area, restrict the areas drivers are allowed to wait and force drivers to take jobs on a rota, otherwise you could have drivers just "waiting" and getting paid in the middle of nowhere so they won't get any passengers.
Conversely, sparsely populated areas would never get any service because it would be unprofitable to pay someone to wait there.
When I lived in a small village there was a part time taxi driver who usually worked on vehicle maintenance/restorations... Because of the low population he might drive one or two jobs a week and make a few extra pennies, and when doing so he'd temporarily down tools on his other job and return to it when he got back. Sometimes if the passenger went to the nearest town he'd use the opportunity to go shopping.
Calling a driver from the nearest town could mean waiting more than an hour for them to arrive, and paying a fare just for them to arrive, plus wherever you wanted to go.
Britain also has fairly low unemployment, lower in fact (according to Google US is 4.3% and UK is at 4.2%), and the UK has a much more generous welfare system for those who don't want to work.
America is becoming more and more owned by the corporations, but this isn't anything new started by Trump... It's been going on for a long time, and Trump is just continuing the process, just like Hillary would have done.
It's too onerous to explain the fees, but not too onerous to charge them? How ridiculous is that?
If it crashes before then, buy in at the crash price... Being traded on NASDAQ will add legitimacy to bitcoin and likely cause another bubble.
It's like any other investment or gambling, some people win and some people lose.
If you'd bought yesterday and sold today you'd have made a decent profit, who knows where the price will go tomorrow. It's fun to watch.
I hold a small number of bitcoins, had them for a long time and didn't pay anything for them so I'm waiting to see where the price goes, but even if it crashes I won't make an overall loss.