Somewhat concerning, considering the number of CentOS servers I have in the wild.
I'd suggest disabling yum updates on your CentOS boxes until this gets sorted out. Might want to do updates by rebuilding src rpms directly from Redhat.
Just the fact they even have to address an issue like this makes me nervous.
A surge protector doesn't help you if the EM field collapses on the wireless antenna.
At that point the charge created by the collapse goes directly *through* your electronics to the nearest ground. Which equals *poof* to your electronics.
A surge protector will protect you through a clamp circuit if the surge comes through the outlet.
But I think the main point has to do with networking fundamentals. Wireless is a virtual shared media. All clients on a node share the same amount of bandwidth. 54Mb can start looking pretty slow with ten busy clients.
Modern switched wired networks segregate traffic between nodes, rather than working as a broadcast type network (wireless/thinnet). So you have a massive performance advantage by using wired networks. A quality 24 port 100Mb switch has an theoretical aggregate capacity of 4800Mb assuming all ports are used to capacity in full-duplex mode (And the backplane can handle it), 2400Mb in half duplex mode, where as a 54Mb wireless network only has 54Mb which is split up between every node on the network. The math is a no brainer. Even with real world non theoretical numbers, the performance difference is staggering.
Wired is the only way to go in a production environment with *supplemental* wireless access for roaming and mobile users.
One of the other advantages of cat5/e is it's use of inductive reactance to mitigate EM interference. The gauged twist in the pairs increases signal quality, but also mitigates the collapse of EM fields (mostly from local lightning strikes) and the unbridled voltage they create (which is directed right into your network electronics and connected nodes). Proper grounding aside- it doesn't help if the voltage is already in the circuitry.
Go 100% wireless in your office, and enjoy damage from all those wireless antennas picking up current from a collapsing EM field.
Every spring, we lose a couple of laptops, one or two wireless nodes, and a wireless camera or two. It's always after a storm and it's never the wired equipment.
Stardock is one of the best companies I've ever done business with. I love their mainline games. No one who is a serious multi account MMO gamer plays without Multiplicity or Synergy (GPL Equivalent).
They just have all these little pieces of things you need, in all the right niches. Sins of a Solar Empire is a Grade "A" title and their licensing scheme/download at any time policy is simply marvelous.
I know this isn't really the aim of the article.... but...
From a purely tech standpoint, the guys over at CCP (Eve Online) should be noted for the massive achievement of their database cluster. 45000 people playing in the same game universe, backed by Microsoft SQL Server (?!?!?), massive RAMSAN capacity, and all that custom Python code seems a very notable achievement. Yes I said Python! Stackless to be precise.
From where I stand, it's that kind of cluster which will run the MMO's of tomorrow.
I sometimes wonder about the wisdom of giving free publicity to organizations like these. From my standpoint they represent an institutionalized mental illness- that of denying reality. Denying reality is certainly akin to "doing the same thing over and over expecting a different result".
I do understand the religious issues that fuel these kinds of organizations. But it has always seemed to me that since "truth" is central to any religious belief, that an attempt to derail truth through ignorance or outright deception was a horrible "sin".
With the way organizations like this adhere to biblical writing, one might be able to accuse them of having a book as "god" rather than the apparently supernatural "God of the Gaps" most people seem to engage in their spirituality.
The inerrancy of God seems plausible to me. The in inerrancy of a book seems like sheer insanity.
"I suppose we should all be thankful that radio engineers are better educated than the average Slashdot poster..."
Rather, I'd hope "radio engineers" would take notes from the Slashdot posters. This way Slashdot posters, who have to trouble shoot wireless systems going down for no apparent reason, don't have to argue with "radio engineers" over a problem that is reproducible.
Also, you might want to ask why this "IT Director" (me) appears to know more about this problem than you do?
At any rate I've seen the sign wave off a couple of these wireless transmitters and it doesn't look clean to me.
But you know... I'm no "radio engineer". My license only reads "Technician".
I don't know what other IT guys thought when we found out the Xbox was using 2.4 Ghz for it's controllers, but I laughed out loud!
2.4 Ghz is one of the most badly managed spectrum for consumers. You have phone systems that take out access points, access points that take out phone systems, and no idea at all which of those systems will interact badly with another.
And you can't fix it either! Access points use a static channelization for their transmission, and controllers/phones use spread spectrum. Why is that bad??
It's bad because 2.4 Ghz is radio, carrying digital info, which due to the nature of the produced sign wave results in a signal distortion more commonly known as "bleed over". Without the ability to separate the signals by a large frequency, digital over analog bleeds all over the place. Additionally, spread spectrum ensures the signal will at some point transmit across the whole spectrum.
Add to that the fact that these antenna aren't tuned all that well....
Oh well 2.4 Ghz is a mess. No one likes to talk about it... and companies are still making equipment for 2.4 Ghz.
I used to work for CompUSA in the 1992 time frame, in Skokie IL.
Back then they were paying a living wage to their hardware salespeople (Or fairly close to it), had a decent tech department, and had a great Mac section.
I left in 1993 and ended up working for Apple Computer.
The funny thing was, I left just as Best buy was coming into the market, and CompUSA management was all freaked out about it. I didn't understand why Best Buy scared them (and still don't). CompUSA at the time was a "computer store" and a big one. Best Buy was what? Appliances, with some computers?
Back then CompUSA resembled Fry's more closely than Best buy, and they made the decision to go "retail". They could have gone the other way and been a little more "geeky".
Fry's, which currently looks like a big success story from my standpoint, flew a banner outside of their store at grand opening in Naperville IL which read: "Welcome IT Professionals".
I'm no fanboi for any retail chain. But there's some things I observed that first day shopping at the Naperville Fry's:
1. I ran into three of my contemporaries, all accomplished IT professionals.
2. When I talked to a guy in the computer components department about a logic board, he knew what chipsets were, which one I was using, why I chose it, and which boards used it.
3. It was amazing to me that I had the option of buying a 19" relay rack, an oscilloscope, coffee (Love their french roast!!), computer components, and a vacuum cleaner. (And have over the years bought some very strange permutations of geeky products, and rejoiced at the opportunity)
Strangest purchase combination: A DVD player, laser pointer, exercise DVD, tea, 19" relay rack, and a radio controlled car.
4. I noticed that under certain circumstances I'll forgo internet shopping for the brick and mortar shopping experience- even if I pay more.
Sadly, CompUSA never tried to touch the above market. As disjointed and strange as that product mix seems it *works*. CompUSA could have gotten a lot more techie in response to Best Buy. They didn't- and they lost.
You and I are probably both competent technical people. For my part, I'm an IT director and have done this type of work for 22 years.
Let us assume the two of us, you and I, know more about the Windows registry, bash shell, or using gcc that 98% of the geeks out there. Just for argument's sake.
However, there's a 95% chance that any EVE online player will have the following qualities:
1. Own only one computer.
2. Not be technical.
3. Not read the forums where the information is posted.
4. Be unable to digest and properly utilize the fix information.
So let us re-asses:
It took us, you and I, about 15 seconds to re-write that boot.ini file and *poof* no problem.
That's 5% of the EVE userbase. Add another 20% of the userbase that figures out how to solve the problem. 25% of the people have the fix.
The rest of those poor schlubs are driving to Best Buy to have some incompetent charge them $100 (or whatever)- and that is NOT FUD!!
That my friend is a screwup of massive scope, with huge consequences, because for people who are not geeks- that computer is a "brick".
The box comes offline at the buffer overflow attack- NOT the privileged compromise!
Apparently my reading of this is that it's ok with you for a remote attacker to get unprivileged shell access- and secure it from there. Sorry. Whatever happened to detecting/correcting the buffer overflow in the service?
Do you seriously leave a box online with a buffer overflow issue? Besides- if they are going to get shell access (unpriv) the box is toast anyway? Right?
Not to be an ass here, but I'll assume for the moment that we both, you and I, have perfect security records (which thus far is true for me), and differing views on security. In that context I'd not find my comments either naive nor silly.
It's only silly if you have no idea what your code is *doing*.
If your mail daemon is the only exposed service, fixing a kernel bug having to do with wget isn't going to solve anything. A successful buffer overflow against sendmail is going to allow arbitrary remote code execution anyway. Fixing a kernel problem related to "X" when sendmail uses "Y" doesn't = justification for a kernel update.
If uptime is the premium, and you cannot afford to make code changes because of an impending kernel update, you leave the kernel update until it *does* something effective for you.
But of course your knowledge base has to extend past "yum update". Perhaps if I only had *one* server to maintain I might dump every software update on the planet onto it (regardless of whether I need them or not). But with over 50 servers, some running exotic code? No way. Kernel replacements are stressful to administrators. You do them when you have to. In fact in the "old days" most update tools left the kernel out of the upgrade tools for exactly that reason.
Thus, you have to understand what your code is doing. Of course this relates to kernel updates only (as I've mentioned). Updates on other binaries are mandatory.
Besides- I can promise you this... if the hacker gets to the point where thy can remotely execute code via a sendmail buffer overflow- the box is toast anyway... right?
Are ya really gonna leave a half hacked box in service?
2. I have gone a year where the *nix KERNEL didn't need an upgrade against the machine's application. Assuming the KERNEL update wasn't needed- no reboot. There's no reason to patch for local security issues on a mail server that only allows hardware terminal access (Aside from SMTP). Especially where uptime issues are considered. Additionally, I actually READ the patch notes and patch where appropriate- you apparently just download stuff and put it on "you're" (just for fun!) machine.
And....
3. If you've never seen Windows Server 2003 bluescreen- you haven't been running it. Seriously? What kind of fanboi are you? I never claimed to never have a kernel panic on a UNIX box. In "your" (fun fun) whole life you've never seen a bluescreen?
And you are right- millions of companies do use Microsoft technologies. Millions of ISP's and infrastructure providers DO NOT. The idea that an MS server is up to snuff for multi-domain (in the hundreds) mail service, core routing, or security/security appliance use is just inane. Additionally, the idea that the MS technologies are close enough to RFC is just as ignorant.
But going back to the original point. You compared MS Server 2003 to Qmail. Both are crap (for various and sometimes different reasons), the MS server doesn't scale well, Exchange is an (sometimes) undocumented mess, and the registry when messed up takes down whole *machines* since all that config info is in the same place.
So my dear, British, photo retouching friend what was your point?
There are many reasons a company might choose a Windows server for their e-mail. But they are not ISVs/ISPs.
Apparently- your not on the big iron either... So you are forgiven.
I knew there would be a day when a Windows MTA would be compared to Qmail. I didn't think I'd live to see it- but I knew it would happen.
Let's forget for a moment that Qmail (or sendmail/postfix) takes a long time to setup.
And let's remember that in the big-dog multi domain server world, a Windows server fails.
It takes me a about a day (with testing and hardware verification) to get a traditional MTA up and running for multi domain use- complete with on the fly virus scanning and spam filtering (at zero software cost). Draw your own conclusion Vs. "Uptime".
But in reality, I often question the sanity of admins who use Qmail since I can't rationalize wanting to live that "close to the code". It's not 1997 anymore, and there are huge swaths of FOSS which have sufficient Q&A to get the job done. Working from source, which is an excellent skill, certainly doesn't garner the advantages it once did.
So in essence your comparing "Current Crap (Windows)" to "Oldish Crap (Qmail)" and declaring a winner. Fine.
But the time payoff comes from the machine being up for a year without incident- not the install time.
If you are worried about install time, I've got a copy of ASIP Server V5 around here somewhere- it will install in about 5 minutes. Just don't plug it into *anything*.
If you want to see the IT profession go down the crapper, just start handing out overtime.... and start a union.
IT is one of the only fields left where a person can advance based on how good they are. This whole "overtime for the junior SE who can't tie their shoelaces" is just crap. A junior engineer is just that, junior, and those extra hours struggling with DNS topology are simply the internship for a future.
Attempts to turn a professional skill into a commodity, eventually result in unionization, and we become like the US manufacturing sector.
Give me my professional latitude- or nothing at all.
Forking the kernel brings more diversity into the intellectual marketplace. Were the kernel forked now, when Linus gets tired of playing with his toy there will be the ability for the kernel to go on.
Sounds like a win for me considering the loss of Linus from the kernel team might make the project fall apart.
I'd say fork it twice, and let the best developers win.
But adopting a code like this as departmental "law" does two important things:
1. It puts employees we serve at ease because they have a measuring stick for our conduct. (A copy of the LOPSA code is included in the new employee materials)
2. It gives the IT director leverage to cleanly and efficiently fire workers when ethical mis-steps occur.
You're right: "I" don't need the "code"- but it has good uses.
It has been posited by my legal department that IT workers are "mandatory reporters" in cases of cyber crime, child abuse, and terrorism.
This opinion, which I have not seen tested in court, seems exceptionally relevant considering that like teachers (who are often the first to see child abuse), nurses/doctors (the first to treat physical abuse), and police (the first to intervene in domestic abuse) IT people are a first detector for a myriad of crimes.
Thus, based on legal advice, my employees are instructed to notify law enforcement *before* notifying management. (In some states this may actually be law now)
So yes, this code of ethics, as well as the LOPSA Code I linked below- do apply. Assuming of course the IT director isn't one of those management monkeys who likes to bury things "for the good of the company".
While my IT department does not require membership in this organization, these rules of ethics are *posted* and violations of those rules are a fireable offense!
This one is simply devastating. I've made copies of all the articles and documentation- including the spin statement where they spin "It was still within the rules" for the Microsoft partners to join the ratifying body.
Now what I will do with those documents is send them to my board of directors. They will read them.
The result: I have the power when needed to say to Microsoft "Sorry, we like your products, but we can't support your business methods"
I've been reducing the Microsoft presence in my datacenter for a year or so and deploying Microsoft products only where they make sense. That's about 50% of the time, and usually on the desktop.
I don't have a lot of power to be the catalyst for change, and Microsoft isn't going anywhere (Thankfully, they make some good products). However, if I send the Microsoft rep packing enough times with negative comments about ethics... perhaps in a small way I can make things better.
Slashdot Mirror
Somewhat concerning, considering the number of CentOS servers I have in the wild.
I'd suggest disabling yum updates on your CentOS boxes until this gets sorted out. Might want to do updates by rebuilding src rpms directly from Redhat.
Just the fact they even have to address an issue like this makes me nervous.
Um?
A surge protector doesn't help you if the EM field collapses on the wireless antenna.
At that point the charge created by the collapse goes directly *through* your electronics to the nearest ground. Which equals *poof* to your electronics.
A surge protector will protect you through a clamp circuit if the surge comes through the outlet.
That's a nice sentiment... And I agree.
But I think the main point has to do with networking fundamentals. Wireless is a virtual shared media. All clients on a node share the same amount of bandwidth. 54Mb can start looking pretty slow with ten busy clients.
Modern switched wired networks segregate traffic between nodes, rather than working as a broadcast type network (wireless/thinnet). So you have a massive performance advantage by using wired networks. A quality 24 port 100Mb switch has an theoretical aggregate capacity of 4800Mb assuming all ports are used to capacity in full-duplex mode (And the backplane can handle it), 2400Mb in half duplex mode, where as a 54Mb wireless network only has 54Mb which is split up between every node on the network. The math is a no brainer. Even with real world non theoretical numbers, the performance difference is staggering.
Wired is the only way to go in a production environment with *supplemental* wireless access for roaming and mobile users.
One of the other advantages of cat5/e is it's use of inductive reactance to mitigate EM interference. The gauged twist in the pairs increases signal quality, but also mitigates the collapse of EM fields (mostly from local lightning strikes) and the unbridled voltage they create (which is directed right into your network electronics and connected nodes). Proper grounding aside- it doesn't help if the voltage is already in the circuitry.
Go 100% wireless in your office, and enjoy damage from all those wireless antennas picking up current from a collapsing EM field.
Every spring, we lose a couple of laptops, one or two wireless nodes, and a wireless camera or two. It's always after a storm and it's never the wired equipment.
Ahem- this is a kernel architecture *choice*- not a deficiency. It is the age old argument between a monolithic kernel and a micro kernel.
You can religiously pick a side and proclaim expertise- but in reality you'll deal with both philosophies in the data center.
Maybe it's just a bad day for me.
How is this news that matters? I mean I'm a gamer (as well as an IT Director). But who cares?
I'm in total agreement with you.
Stardock is one of the best companies I've ever done business with. I love their mainline games. No one who is a serious multi account MMO gamer plays without Multiplicity or Synergy (GPL Equivalent).
They just have all these little pieces of things you need, in all the right niches. Sins of a Solar Empire is a Grade "A" title and their licensing scheme/download at any time policy is simply marvelous.
I know this isn't really the aim of the article.... but...
From a purely tech standpoint, the guys over at CCP (Eve Online) should be noted for the massive achievement of their database cluster. 45000 people playing in the same game universe, backed by Microsoft SQL Server (?!?!?), massive RAMSAN capacity, and all that custom Python code seems a very notable achievement. Yes I said Python! Stackless to be precise.
From where I stand, it's that kind of cluster which will run the MMO's of tomorrow.
Not everything is graphics and market share.
I sometimes wonder about the wisdom of giving free publicity to organizations like these. From my standpoint they represent an institutionalized mental illness- that of denying reality. Denying reality is certainly akin to "doing the same thing over and over expecting a different result".
I do understand the religious issues that fuel these kinds of organizations. But it has always seemed to me that since "truth" is central to any religious belief, that an attempt to derail truth through ignorance or outright deception was a horrible "sin".
With the way organizations like this adhere to biblical writing, one might be able to accuse them of having a book as "god" rather than the apparently supernatural "God of the Gaps" most people seem to engage in their spirituality.
The inerrancy of God seems plausible to me. The in inerrancy of a book seems like sheer insanity.
If all you can point to is my typo- my comments must be on the mark.
Thank you- Sine Wave.....
I'll fix that next time.
"I suppose we should all be thankful that radio engineers are better educated than the average Slashdot poster..."
Rather, I'd hope "radio engineers" would take notes from the Slashdot posters. This way Slashdot posters, who have to trouble shoot wireless systems going down for no apparent reason, don't have to argue with "radio engineers" over a problem that is reproducible.
Also, you might want to ask why this "IT Director" (me) appears to know more about this problem than you do?
At any rate I've seen the sign wave off a couple of these wireless transmitters and it doesn't look clean to me.
But you know... I'm no "radio engineer". My license only reads "Technician".
Oh like we didn't know this was going to happen.
I don't know what other IT guys thought when we found out the Xbox was using 2.4 Ghz for it's controllers, but I laughed out loud!
2.4 Ghz is one of the most badly managed spectrum for consumers. You have phone systems that take out access points, access points that take out phone systems, and no idea at all which of those systems will interact badly with another.
And you can't fix it either! Access points use a static channelization for their transmission, and controllers/phones use spread spectrum. Why is that bad??
It's bad because 2.4 Ghz is radio, carrying digital info, which due to the nature of the produced sign wave results in a signal distortion more commonly known as "bleed over". Without the ability to separate the signals by a large frequency, digital over analog bleeds all over the place. Additionally, spread spectrum ensures the signal will at some point transmit across the whole spectrum.
Add to that the fact that these antenna aren't tuned all that well....
Oh well 2.4 Ghz is a mess. No one likes to talk about it... and companies are still making equipment for 2.4 Ghz.
Caveat Emptor.
I used to work for CompUSA in the 1992 time frame, in Skokie IL.
Back then they were paying a living wage to their hardware salespeople (Or fairly close to it), had a decent tech department, and had a great Mac section.
I left in 1993 and ended up working for Apple Computer.
The funny thing was, I left just as Best buy was coming into the market, and CompUSA management was all freaked out about it. I didn't understand why Best Buy scared them (and still don't). CompUSA at the time was a "computer store" and a big one. Best Buy was what? Appliances, with some computers?
Back then CompUSA resembled Fry's more closely than Best buy, and they made the decision to go "retail". They could have gone the other way and been a little more "geeky".
Fry's, which currently looks like a big success story from my standpoint, flew a banner outside of their store at grand opening in Naperville IL which read: "Welcome IT Professionals".
I'm no fanboi for any retail chain. But there's some things I observed that first day shopping at the Naperville Fry's:
1. I ran into three of my contemporaries, all accomplished IT professionals.
2. When I talked to a guy in the computer components department about a logic board, he knew what chipsets were, which one I was using, why I chose it, and which boards used it.
3. It was amazing to me that I had the option of buying a 19" relay rack, an oscilloscope, coffee (Love their french roast!!), computer components, and a vacuum cleaner. (And have over the years bought some very strange permutations of geeky products, and rejoiced at the opportunity)
Strangest purchase combination: A DVD player, laser pointer, exercise DVD, tea, 19" relay rack, and a radio controlled car.
4. I noticed that under certain circumstances I'll forgo internet shopping for the brick and mortar shopping experience- even if I pay more.
Sadly, CompUSA never tried to touch the above market. As disjointed and strange as that product mix seems it *works*. CompUSA could have gotten a lot more techie in response to Best Buy. They didn't- and they lost.
You and I are probably both competent technical people. For my part, I'm an IT director and have done this type of work for 22 years.
Let us assume the two of us, you and I, know more about the Windows registry, bash shell, or using gcc that 98% of the geeks out there. Just for argument's sake.
However, there's a 95% chance that any EVE online player will have the following qualities:
1. Own only one computer.
2. Not be technical.
3. Not read the forums where the information is posted.
4. Be unable to digest and properly utilize the fix information.
So let us re-asses:
It took us, you and I, about 15 seconds to re-write that boot.ini file and *poof* no problem.
That's 5% of the EVE userbase. Add another 20% of the userbase that figures out how to solve the problem. 25% of the people have the fix.
The rest of those poor schlubs are driving to Best Buy to have some incompetent charge them $100 (or whatever)- and that is NOT FUD!!
That my friend is a screwup of massive scope, with huge consequences, because for people who are not geeks- that computer is a "brick".
You're missing the point.
The box comes offline at the buffer overflow attack- NOT the privileged compromise!
Apparently my reading of this is that it's ok with you for a remote attacker to get unprivileged shell access- and secure it from there. Sorry. Whatever happened to detecting/correcting the buffer overflow in the service?
Do you seriously leave a box online with a buffer overflow issue? Besides- if they are going to get shell access (unpriv) the box is toast anyway? Right?
Not to be an ass here, but I'll assume for the moment that we both, you and I, have perfect security records (which thus far is true for me), and differing views on security. In that context I'd not find my comments either naive nor silly.
Personally I'm glad his whole life, and his Windows servers are his.
I don't want either of them.
Yea ok...
It's only silly if you have no idea what your code is *doing*.
If your mail daemon is the only exposed service, fixing a kernel bug having to do with wget isn't going to solve anything. A successful buffer overflow against sendmail is going to allow arbitrary remote code execution anyway. Fixing a kernel problem related to "X" when sendmail uses "Y" doesn't = justification for a kernel update.
If uptime is the premium, and you cannot afford to make code changes because of an impending kernel update, you leave the kernel update until it *does* something effective for you.
But of course your knowledge base has to extend past "yum update". Perhaps if I only had *one* server to maintain I might dump every software update on the planet onto it (regardless of whether I need them or not). But with over 50 servers, some running exotic code? No way. Kernel replacements are stressful to administrators. You do them when you have to. In fact in the "old days" most update tools left the kernel out of the upgrade tools for exactly that reason.
Thus, you have to understand what your code is doing. Of course this relates to kernel updates only (as I've mentioned). Updates on other binaries are mandatory.
Besides- I can promise you this... if the hacker gets to the point where thy can remotely execute code via a sendmail buffer overflow- the box is toast anyway... right?
Are ya really gonna leave a half hacked box in service?
See what I mean?
Well not to enter into a personal discourse...
And your nit picky spelling issues aside.
1. I happen to admin 6 Windows Server 2003 boxes.
And....
2. I have gone a year where the *nix KERNEL didn't need an upgrade against the machine's application. Assuming the KERNEL update wasn't needed- no reboot. There's no reason to patch for local security issues on a mail server that only allows hardware terminal access (Aside from SMTP). Especially where uptime issues are considered. Additionally, I actually READ the patch notes and patch where appropriate- you apparently just download stuff and put it on "you're" (just for fun!) machine.
And....
3. If you've never seen Windows Server 2003 bluescreen- you haven't been running it. Seriously? What kind of fanboi are you? I never claimed to never have a kernel panic on a UNIX box. In "your" (fun fun) whole life you've never seen a bluescreen?
And you are right- millions of companies do use Microsoft technologies. Millions of ISP's and infrastructure providers DO NOT. The idea that an MS server is up to snuff for multi-domain (in the hundreds) mail service, core routing, or security/security appliance use is just inane. Additionally, the idea that the MS technologies are close enough to RFC is just as ignorant.
But going back to the original point. You compared MS Server 2003 to Qmail. Both are crap (for various and sometimes different reasons), the MS server doesn't scale well, Exchange is an (sometimes) undocumented mess, and the registry when messed up takes down whole *machines* since all that config info is in the same place.
So my dear, British, photo retouching friend what was your point?
There are many reasons a company might choose a Windows server for their e-mail. But they are not ISVs/ISPs.
Apparently- your not on the big iron either... So you are forgiven.
I knew there would be a day when a Windows MTA would be compared to Qmail. I didn't think I'd live to see it- but I knew it would happen.
Let's forget for a moment that Qmail (or sendmail/postfix) takes a long time to setup.
And let's remember that in the big-dog multi domain server world, a Windows server fails.
It takes me a about a day (with testing and hardware verification) to get a traditional MTA up and running for multi domain use- complete with on the fly virus scanning and spam filtering (at zero software cost). Draw your own conclusion Vs. "Uptime".
But in reality, I often question the sanity of admins who use Qmail since I can't rationalize wanting to live that "close to the code". It's not 1997 anymore, and there are huge swaths of FOSS which have sufficient Q&A to get the job done. Working from source, which is an excellent skill, certainly doesn't garner the advantages it once did.
So in essence your comparing "Current Crap (Windows)" to "Oldish Crap (Qmail)" and declaring a winner. Fine.
But the time payoff comes from the machine being up for a year without incident- not the install time.
If you are worried about install time, I've got a copy of ASIP Server V5 around here somewhere- it will install in about 5 minutes. Just don't plug it into *anything*.
I agree with the original poster. Completely.
If you want to see the IT profession go down the crapper, just start handing out overtime.... and start a union.
IT is one of the only fields left where a person can advance based on how good they are. This whole "overtime for the junior SE who can't tie their shoelaces" is just crap. A junior engineer is just that, junior, and those extra hours struggling with DNS topology are simply the internship for a future.
Attempts to turn a professional skill into a commodity, eventually result in unionization, and we become like the US manufacturing sector.
Give me my professional latitude- or nothing at all.
Well I think a fork would be a good idea.
Forking the kernel brings more diversity into the intellectual marketplace. Were the kernel forked now, when Linus gets tired of playing with his toy there will be the ability for the kernel to go on.
Sounds like a win for me considering the loss of Linus from the kernel team might make the project fall apart.
I'd say fork it twice, and let the best developers win.
I think the biggest worry I have now... which may actually be moot- is who ends up with SCO's assets and IP?
Once they hit chapter 7, as the money runs out, the court will dismember them. Hopefully, the assets they do have end up with IBM.
I'm not so sure about Novell's alignment in the open source world yet.
But even better is this:
If one of their accounting people was a CPA- they could be in deep do do if
there are problems found.
I know this, I'm watching a corporation pull the bond out from under a CPA right
now. The liabilities are incredible and the end game is scary.
Maybe an accountant will have damaging information heh?
Agreed.
But adopting a code like this as departmental "law" does two important things:
1. It puts employees we serve at ease because they have a measuring stick for our conduct. (A copy of the LOPSA code is included in the new employee materials)
2. It gives the IT director leverage to cleanly and efficiently fire workers when ethical mis-steps occur.
You're right: "I" don't need the "code"- but it has good uses.
Nice try.
It has been posited by my legal department that IT workers are "mandatory reporters" in cases of cyber crime, child abuse, and terrorism.
This opinion, which I have not seen tested in court, seems exceptionally relevant considering that like teachers (who are often the first to see child abuse), nurses/doctors (the first to treat physical abuse), and police (the first to intervene in domestic abuse) IT people are a first detector for a myriad of crimes.
Thus, based on legal advice, my employees are instructed to notify law enforcement *before* notifying management. (In some states this may actually be law now)
So yes, this code of ethics, as well as the LOPSA Code I linked below- do apply. Assuming of course the IT director isn't one of those management monkeys who likes to bury things "for the good of the company".
There is a professional organization, of which I happen to be a member, Called "LOPSA"- "League of Professional System Administrators".
The code of ethics is found here:
http://lopsa.org/CodeOfEthics
While my IT department does not require membership in this organization, these rules of ethics are *posted* and violations of those rules are a fireable offense!
Phyrric victory indeed.
This one is simply devastating. I've made copies of all the articles and documentation- including the spin statement where they spin "It was still within the rules" for the Microsoft partners to join the ratifying body.
Now what I will do with those documents is send them to my board of directors. They will read them.
The result: I have the power when needed to say to Microsoft "Sorry, we like your products, but we can't support your business methods"
I've been reducing the Microsoft presence in my datacenter for a year or so and deploying Microsoft products only where they make sense. That's about 50% of the time, and usually on the desktop.
I don't have a lot of power to be the catalyst for change, and Microsoft isn't going anywhere (Thankfully, they make some good products). However, if I send the Microsoft rep packing enough times with negative comments about ethics... perhaps in a small way I can make things better.