Those of us that have worked in medium or large networks know how difficult life can be with NAT. It is one thing to have the NAT between your internal network and internet, but something quite different when you have overlapping RFC1918 ranges within your network.
During the past 10 years company I work for has gone through 4 huge mergers and a lot of smaller ones and in every case there have been problem with overlapping address spaces. In those cases you first and foremost goal will be renumbering the conflicting address spaces and quite obviously this wouldn't be necessary if everybody will be using public addresses. During the last merger we renumbered 100k+ workstations, servers and phones.
Google run their public DNS on 8.8.8.8 and 8.8.4.4 so they are being used, this is probably because level 3 provide google with multicast on these addresses.
Everything that wants to SDXC will have to use exFAT. It's part of that standard.
Correct me if I'm wrong, but isn't SDXC defined by SD Association, not by Microsoft. Microsoft is one member of the association, I give you that, but there are several others as well. Unless Microsoft somehow coerced the association to select exFAT, I consider this to be a bad move by the association rather than Microsoft.
The point is that the last implicit rule of the rule set should be DROP ANY. This is the case with PIX, Checkpoint and most of the other firewalls I have seen.
To match the functionality of the current NAT devices, default rule set should
Allow all outbound traffic from Trusted interface to Internet
Allow inbound traffic if it is return packet for connection initiated from Trusted network.
If user then decides to remove all rules, failure mode will be exactly the same (all inbound/outbound packets will be dropped).
Currently most of the users don't set up their NAT (which is usually PAT anyway) and just like others pointed out, REJECT rule could be default like the NAT rule is.
Only difference would be that if these inane users want to allow some remote applications (e.g. Torrent) to establish connection to their computer, they need to be tinkering around with port forwarding and need to dedicate different port for each computer and so on.
Without NAT and using the REJECT by default would allow users to use very similar point-and-click interface for enabling the connections to those computers they desire, much like they do with the port forwarding at the moment, but without a need to be tinkering around with the port settings on the application side.
Hell, NASA should consider offering one-way trips. They'd have enough volunteers to crash their Web server.
Yeah, but how many of those volunteers would be capable of doing the job? You don't want random nut to fly to Mars just to go bat shit insane and wreck perfectly good experiment.
You might have computers at the receiving end, but the way I read it is they try to come up with a system that doesn't require power (i.e. computers) to encode the data.
I was thinking exactly the same. If it is going to be anything like Zenobia outside of Larnaca, Cyprus, it'll offer quite wide variety of possible dives. Shallow dives at Zenobia are very easy but still give you very good view of the huge wreck. Deep dives around the wreck give you access to the entrances to the wreck and main deck where you can still see cars and trucks suspended in their chains.
As they actually plan to use it as a dive site, I'd assume that they also make sure that it'd be available for those who aren't into technical diving.
Think of that Canadian pilot whom invented a way to put a jetliner in a slip to lose altitude to land at an abandoned military field when the plane ran out of gas because of metric/imperial issues.
I take that as an reference to Gimli Glider, a story that anybody interested about aviation should read. Another good example of having a human in the loop was 2003 shootdown in Baghdad.
A big part should be disallowing judges or anyone having to do with law enforcement from affiliating with political parties. [...] A political party does a lot in the way of telling people who operate under their banner to behave.
Membership card isn't really a magical mind control device that allows you to manipulate the actions of the party member.
Do you also think that racism will disappear as soon as you outlaw KKK?
If I get a new battery I'd want to know how far it'll take me.
If I know what I need to drive 100 miles during the day I don't want to go to battery swap station just to find out that the battery I just got will get me 20 miles. It'd be even worse if you can't reliably tell in advance for how long the battery will last. Would you like to head out to the country side with battery like that?
Sure, would have gas as a backup, but you'd couldn't really count on the battery to boost your mileage at all.
Case in point, a game I just bought online, 3 bucks to ship it, its 4 gigs in size on a DVD, why should it cost me more to download it, than to have someone pack it, carry it 750 miles, transfer it by hand onto 3 different trucks and walk it to my doorstep?
How long did it take for you to receive the said 4 gigs by mail? What was the throughput in kbps? Would you be happy with internet connection that had similar download times?
Simple changes require simple training. It doesn't always have to be 5 days workshop and in many cases it doesn't need to be done in person for every users.
Most simple form of training is informing the users about the changes. Way too often we think that users should be able to pick the changes on the fly and there is no reason to "train" the users; they should be smart enough.
I consider myself to be fairly competent when it comes to IT and am absolutely sure that I could figure out any changes thrown at me, but quite often I don't want to. I mean, why should I figure all the changes as I use the system and spend hours and hours of cumulative time trying to understand what has changed and how? More often than not, that would be waste of time. Quick 30min or 1 hour training could easily save hours for the people who would otherwise figure out the changes on their own. I find that pretty counter productive.
I'd suggest that everybody makes training as part of the change management process. One of the key things to remember is to keep it simple so that it doesn't waste everybody's time. Smart users need less training. If the guy in warehouse uses computer once a week, then the training needs to be completely different level. If you perform a simple change then training doesn't need to be all that complex, either.
OP was working in management, not as techie. One of the key tasks of IT management is to be on the same page with rest of the management team. It's their job to make sure that everybody understands the ideas proposed by the IT department. Way too often techies come up with excellent ideas which they can't pitch to the business side.
In the same way as marketing staff doesn't really "get" IT, IT staff doesn't understand what's going on in marketing. Both sides probably see each other as completely irrational and defying logic.
IT management needs to be able to argue their point clearly so that the intended audience can understand it and escalate the problems, if needed.
Slashdot Mirror
Those of us that have worked in medium or large networks know how difficult life can be with NAT. It is one thing to have the NAT between your internal network and internet, but something quite different when you have overlapping RFC1918 ranges within your network.
During the past 10 years company I work for has gone through 4 huge mergers and a lot of smaller ones and in every case there have been problem with overlapping address spaces. In those cases you first and foremost goal will be renumbering the conflicting address spaces and quite obviously this wouldn't be necessary if everybody will be using public addresses. During the last merger we renumbered 100k+ workstations, servers and phones.
Google run their public DNS on 8.8.8.8 and 8.8.4.4 so they are being used, this is probably because level 3 provide google with multicast on these addresses.
Anycast, not multicast.
Even though you meant this as a joke, the sad thing is I see that there are lots of people in /. that seriously think that way.
Everything that wants to SDXC will have to use exFAT. It's part of that standard.
Correct me if I'm wrong, but isn't SDXC defined by SD Association, not by Microsoft. Microsoft is one member of the association, I give you that, but there are several others as well. Unless Microsoft somehow coerced the association to select exFAT, I consider this to be a bad move by the association rather than Microsoft.
So true. Here is a site that I always find relevant when discussion veers into this specific incident.
Exactly. There isn't anything inherently evil about GOTO, you just need to make sure you don't misuse it.
I just hate when some people (no, I don't necessarily mean you) think that GOTO is somehow evil by definition and must be avoided at all cost.
GOTOs don't produce bad code, bad programmers do.
There’s CALL
But CALL is equivalent of PUSH/JMP ;)
Does anyone know the altitude that SRB separation occurs?
Around 150000ft (source)
Are we still at the point where we can't get hold of Cell processors for machines specifically designed for this sort of task?
I haven't checked the details yet, but I was told that IBM QS21 is Cell based blade system
- Richard Feynman
Diffie-Hellman key exchange is considered to be secure against eavesdropping but vulnerable to MitM.
To match the functionality of the current NAT devices, default rule set should
If user then decides to remove all rules, failure mode will be exactly the same (all inbound/outbound packets will be dropped).
I think you got this wrong.
Currently most of the users don't set up their NAT (which is usually PAT anyway) and just like others pointed out, REJECT rule could be default like the NAT rule is.
Only difference would be that if these inane users want to allow some remote applications (e.g. Torrent) to establish connection to their computer, they need to be tinkering around with port forwarding and need to dedicate different port for each computer and so on.
Without NAT and using the REJECT by default would allow users to use very similar point-and-click interface for enabling the connections to those computers they desire, much like they do with the port forwarding at the moment, but without a need to be tinkering around with the port settings on the application side.
Hell, NASA should consider offering one-way trips. They'd have enough volunteers to crash their Web server.
Yeah, but how many of those volunteers would be capable of doing the job? You don't want random nut to fly to Mars just to go bat shit insane and wreck perfectly good experiment.
You might have computers at the receiving end, but the way I read it is they try to come up with a system that doesn't require power (i.e. computers) to encode the data.
I was thinking exactly the same. If it is going to be anything like Zenobia outside of Larnaca, Cyprus, it'll offer quite wide variety of possible dives. Shallow dives at Zenobia are very easy but still give you very good view of the huge wreck. Deep dives around the wreck give you access to the entrances to the wreck and main deck where you can still see cars and trucks suspended in their chains.
As they actually plan to use it as a dive site, I'd assume that they also make sure that it'd be available for those who aren't into technical diving.
Descent was truly 3D, you had control over all axis. It also supported motion tracking VR goggles.
Think of that Canadian pilot whom invented a way to put a jetliner in a slip to lose altitude to land at an abandoned military field when the plane ran out of gas because of metric/imperial issues.
I take that as an reference to Gimli Glider, a story that anybody interested about aviation should read. Another good example of having a human in the loop was 2003 shootdown in Baghdad.
A big part should be disallowing judges or anyone having to do with law enforcement from affiliating with political parties.
[...]
A political party does a lot in the way of telling people who operate under their banner to behave.
Membership card isn't really a magical mind control device that allows you to manipulate the actions of the party member.
Do you also think that racism will disappear as soon as you outlaw KKK?
Lol @ whoever modded parent insightful. Linux is free.
What!?! Are you saying that I have been paying SCO for nothing?
If I get a new battery I'd want to know how far it'll take me.
If I know what I need to drive 100 miles during the day I don't want to go to battery swap station just to find out that the battery I just got will get me 20 miles. It'd be even worse if you can't reliably tell in advance for how long the battery will last. Would you like to head out to the country side with battery like that?
Sure, would have gas as a backup, but you'd couldn't really count on the battery to boost your mileage at all.
Case in point, a game I just bought online, 3 bucks to ship it, its 4 gigs in size on a DVD, why should it cost me more to download it, than to have someone pack it, carry it 750 miles, transfer it by hand onto 3 different trucks and walk it to my doorstep?
How long did it take for you to receive the said 4 gigs by mail? What was the throughput in kbps? Would you be happy with internet connection that had similar download times?
Simple changes require simple training. It doesn't always have to be 5 days workshop and in many cases it doesn't need to be done in person for every users.
Most simple form of training is informing the users about the changes. Way too often we think that users should be able to pick the changes on the fly and there is no reason to "train" the users; they should be smart enough.
I consider myself to be fairly competent when it comes to IT and am absolutely sure that I could figure out any changes thrown at me, but quite often I don't want to. I mean, why should I figure all the changes as I use the system and spend hours and hours of cumulative time trying to understand what has changed and how? More often than not, that would be waste of time. Quick 30min or 1 hour training could easily save hours for the people who would otherwise figure out the changes on their own. I find that pretty counter productive.
I'd suggest that everybody makes training as part of the change management process. One of the key things to remember is to keep it simple so that it doesn't waste everybody's time. Smart users need less training. If the guy in warehouse uses computer once a week, then the training needs to be completely different level. If you perform a simple change then training doesn't need to be all that complex, either.
you should be ashamed you are not among them.
How is it GP's fault that lawyers don't want jurors that want to be impartial and would consider all the evidence?
I'm sure that's a mutual feeling.
OP was working in management, not as techie. One of the key tasks of IT management is to be on the same page with rest of the management team. It's their job to make sure that everybody understands the ideas proposed by the IT department. Way too often techies come up with excellent ideas which they can't pitch to the business side.
In the same way as marketing staff doesn't really "get" IT, IT staff doesn't understand what's going on in marketing. Both sides probably see each other as completely irrational and defying logic.
IT management needs to be able to argue their point clearly so that the intended audience can understand it and escalate the problems, if needed.