Was it really that big of a risk for Microsoft? When reading anything about MS, I try to keep in mind that we are *not* talking about your average run of the mill business here. This is a monopoly, right? So the usual rules don't apply.
Yes, they've been convicted for using their monopoly power to crush competition in the web-browser market, but I can't really see how this applies here, since the console market is wastly different and they don't really have any applicable powers other than money to use to wipe out the competition, as if wiping out Sony of the console market would be possible anyway...
Agreed, but even now you can use command line tools to do much of the work, even remote. The sad thing is that a lot of the sys admins (mcse:s et al) doesn't have a clue about this... I think that's one of the big differences between unix and windows sys admins.
I think Sun is in a pretty tight spot being hit from all sides. IBM hits Sun from above with the AS390/400 machines priced to move (and running linux for lower cost), MS and.Net is a serious threat and people like Fujitsu-Siemens aims at taking market shares in the Solaris-server market dominated by Sun.
On top of that, of course Linux and other free unixes like *bsd is taking market share from Solaris.
I don't know if Java is all that important to Sun, I can't see Java solving Suns problems anyway...
It's going to be really interesting to see what happens to Sun in the next couple of years, I don't think a take-over or merger with IBM is that far fetched.
IBM is the only company that would make a microprocessor (the PowerPC) and then build desktops using the rival's processors (Intel).
Don't think so, Sun does it (SPARC & Intel), Compaq (DEC)(Alpha & Intel) & HP has done it (PA-RISC & Intel), SGI does it (MIPS & Intel), as well as Fujitsu-Siemens (SPARC & Intel).
I'm aware of the security flaws in IE and WMP, but please tell me how to exploit security holes in applications I don't use.
The point I was trying to make is that the security holes in software isn't a big problem as long as you don't use the software. Of course it would have been better if software like IE and WMP wasn't there at all, but it is.
As for your second comment I totally agree, consumer power is an important tool which we should use more often.
>>crudeboy writes: (in regards to IE and Media Player) but... a more correct question might be: Why bother to remove it?
>End user applications have no business existing on a dedicated server machine. As for why, see below:
I agree, but as long as the application isn't active it's really not a security problem. I wouldn't endorse the use of IE while logged on as an administrator.
>Well, if "limit your exposure" isn't supposed to be #1 on a security checklist, then it is #2 or #3.
>Since you don't seem to understand the basics, then I suggest you read up on the subject before you start calling things "nonsense".
Read what I wrote again, "limit the exposure" is in my list, but not at the top. I believe security work needs to start a long time before the system is installed. BTW, I have read up on it...
Re:But linux is killing unix..for better or for wo
on
Unix Isn't Dead
·
· Score: 1
But it's not psuedosecurity since the evaluation doesn't aim at claiming that the evaluated system is secure (except for the higher levels) but rather that it contains features that can be used to ensure high security. Or that the development process was undertaken a certain way.
In the end the good sysadmin is vital, but it's also good to know if your system implements certain features in good way.
>And why do I need IE and Media Player on a server that's only running a database?
The natural answer would be: You don't
but... a more correct question might be: Why bother to remove it?
>Step #1 of security, remove and/or disable everything to don't need to get the job done
If you really think that you probably shouldn't work with security at all... To say that things you do when implementing a software solution should be carried out first is just plain nonsense...
>MSFT has been ignoring that for years, but maybe they are finally starting to learn
They haven't really been ignoring it, rather had a different approach all together.
The problem with MS, just as many others, would be that they've choosen to implement features that customers request in order to increase sales rather than focusing resources on things customers don't request directly, such as security.
Re:But linux is killing unix..for better or for wo
on
Unix Isn't Dead
·
· Score: 1
While linux will be doing great, it won't in secure environments...
From the NSA:s faq on "NATIONAL POLICY REGARDING THE EVALUATION OF COMMERCIAL IA PRODUCTS":
"Effective 1 July 2002, U.S. Government Departments and Agencies will be required
to acquire, for use on national security systems, only those IA and IA-enabled products
that have been evaluated or validated in accordance with the requirements of NSTISSP
No. 11, and its associated programs and processes."
So what does this mean?
It means that linux can't enter into high security environments without having been evaluated, and since the evaluation process takes several years and cost lots of money, this is unlikely to happen.
Which in turn makes unix live on, as there already exists evaluated "trusted" versions of many unixes.
I don't concur, Unix will die eventually, just as will Windows and a lot of other things we use now. As science moves forward technologies get obsolete. Sure, Unix has been around a long time and probably will stick around long time, but eventually sometime in the future it will be replaced.
Some people thought the Roman empire would last forever, but it only lasted a thousand years (counting high) which of course is a very long time, but hardly forever...
My personal experience & opinions
on
Managing Einsteins
·
· Score: 2, Insightful
Let me share my personal experience of moving from a tech position into middle-management.
I was hired for a development dotcom as team-leader for the internal IT-group, but since we had no IT-manager my role more or less shifted into that of a IT-manager.
One of the things I came to realize is that being a manager, whether for smart och not-so-smart people, is a rather difficult thing which should be viewed as any other discipline which requires high skills and strong people skills.
This didn't exactly come as a shock to me, but I hadn't really thought that much about how much it would tear me down personally.
I think my problem was that I lacked good management skills and insight into what motivated my staff. While I realized this quite fast I really tried to do a good job and keep everyone happy.
I got pretty mentally exhausted after this period and I'd probably think twice about taking up any job which involves managing peolpe again, but I'll probably do it at some point in the future since I got the feeling that it can be a highly rewarding job, and not just in terms of economic compensation (I could probably earn more as a database developer than manager anyway).
Coming from a tech background my personal belief now is that tech jobs, while often demanding strong intellectual skills, usually deal with logical problems with tend to have logical solutions, but management (at least of human resources) deal with highly illogical humans and therefore is a much tougher discipline to master.
Another thing that adds to the difficulty of management is that managerial positions often demands you to be proficient in multiple disciplines (much like developers...)
For all you people who're dissing managers and sales people (and all other non-cool positions) I only have one thing to say: Treat them with the same level of respect as you want to earn yourself and by all means, if you think you can do the job better give it a try!
As far as I recall it was Digital, not Tandem, who developed the original Wolfpack under the name Digital Cluster for Windows NT and later gave the technology to MS.
Exactly, go after the telco or hit the powergrid and you start to create some real problems. Even if the noc is on diesels I bet you some link in the chain isn't...
Thanks for pointing out the errors in fact, but still the cancer research appeals more to me personally even though I share the general concerns about the use of the results.
I think the use of spare cpu cycles is an excellent way to support science, but...
For some time the only one around was seti@home which analyzes noise from space, I think, in search for alien lifeforms, then there's distributed.net doing crypto and math stuff, (correct me if I'm wrong). And then there's people like Intel running medical research in areas like cancer and alzheimer.
I don't know about you, but to me medical research feels a somewhat more beneficial to humanity than search for aliens. Don't get me wrong, I'm not saying that the work done by seti and distributed isn't important or shouldn't be done, just that there's other research that might be more worthwhile supporting.
That's just my opinion, but if you feel the same way, checkout this site.
I've experienced the same situation where management got split from the rest of the company. Actually when the company I worked for started it was run out of an apartment, then all shared an open office and later people were split up and the whole R&D section was moved to another floor. I think the company lost a whole lot when we couldn't share office anymore, and I think that organizing people after department isn't the best thing you can do. My personal belief is that it's better to mix people from different departments around products or projects, because you ease communication between people who really need to communicate, like marketing and r&d.
As for privacy, all you really need is some secluded areas where people can have private phonecalls etctera and of course a open-minded policy that trusts employees to do what they're supposed to and not care too much about when people takes breaks.
In our office you could see people sitting reading magazines, drinking coffee going off to the healthclub anytime they wanted to. In the end they were happy and pulled their weight, with good margins too.
Well why wouldn't they keep running the ads? John Doe buying databases probably doesn't know, or care, that they're lying...
It's not really a lie if they don't actually guarantee that it's unbreakable, which they don't, they merely state how they view their breakable product based on old evaluations
I think it's more or less necessary to learn and understand the concepts of database design, including modelling, normalization etcetera before picking up a specific dbms-product.
After having read and understood that book I would start looking at a commercial dbms like Oracle, DB2 or MS SQL Server as they are they most frequently used.
In my opinion MySQL and Postgres are fine products, but if you're looking to get an overpaid job, go with Oracle...
Slashdot Mirror
Yes, they've been convicted for using their monopoly power to crush competition in the web-browser market, but I can't really see how this applies here, since the console market is wastly different and they don't really have any applicable powers other than money to use to wipe out the competition, as if wiping out Sony of the console market would be possible anyway...
Wouldn't want to see /. haunted by evil lawyers...
I think that's one of the big differences between unix and windows sys admins.
Cheers
My point was more to the fact that it's not an uncommon practice to use your competitors product in your own.
On top of that, of course Linux and other free unixes like *bsd is taking market share from Solaris.
I don't know if Java is all that important to Sun, I can't see Java solving Suns problems anyway...
It's going to be really interesting to see what happens to Sun in the next couple of years, I don't think a take-over or merger with IBM is that far fetched.
SUN developed the architechture but doesn't own the SPARC trademarks etcetera anymore. Check out SPARC International for details.
Don't think so, Sun does it (SPARC & Intel), Compaq (DEC)(Alpha & Intel) & HP has done it (PA-RISC & Intel), SGI does it (MIPS & Intel), as well as Fujitsu-Siemens (SPARC & Intel).
Just to name a few...
I hate to say it, but... no it's not. My computer doesn't load code until I execute applications, I don't know how your works though.
Cheers
But they should in my opinion, that's a couple of things that makes a manager good.
>Please don't tell me this is hard to do. If it was difficult, managers wouldn't be managers.
What you described doesn't sound too hard, but it doesn't really describe a good manager too me, but rather a mediocre one.
Cheers!
The point I was trying to make is that the security holes in software isn't a big problem as long as you don't use the software. Of course it would have been better if software like IE and WMP wasn't there at all, but it is.
As for your second comment I totally agree, consumer power is an important tool which we should use more often.
>>crudeboy writes: (in regards to IE and Media Player) but... a more correct question might be: Why bother to remove it?
>End user applications have no business existing on a dedicated server machine. As for why, see below:
I agree, but as long as the application isn't active it's really not a security problem. I wouldn't endorse the use of IE while logged on as an administrator.
>Well, if "limit your exposure" isn't supposed to be #1 on a security checklist, then it is #2 or #3.
>Since you don't seem to understand the basics, then I suggest you read up on the subject before you start calling things "nonsense".
Read what I wrote again, "limit the exposure" is in my list, but not at the top. I believe security work needs to start a long time before the system is installed. BTW, I have read up on it...
In the end the good sysadmin is vital, but it's also good to know if your system implements certain features in good way.
The natural answer would be: You don't
but... a more correct question might be: Why bother to remove it?
>Step #1 of security, remove and/or disable everything to don't need to get the job done
If you really think that you probably shouldn't work with security at all...
To say that things you do when implementing a software solution should be carried out first is just plain nonsense...
>MSFT has been ignoring that for years, but maybe they are finally starting to learn
They haven't really been ignoring it, rather had a different approach all together.
The problem with MS, just as many others, would be that they've choosen to implement features that customers request in order to increase sales rather than focusing resources on things customers don't request directly, such as security.
From the NSA:s faq on "NATIONAL POLICY REGARDING THE EVALUATION OF COMMERCIAL IA PRODUCTS":
"Effective 1 July 2002, U.S. Government Departments and Agencies will be required to acquire, for use on national security systems, only those IA and IA-enabled products that have been evaluated or validated in accordance with the requirements of NSTISSP No. 11, and its associated programs and processes."
So what does this mean?
It means that linux can't enter into high security environments without having been evaluated, and since the evaluation process takes several years and cost lots of money, this is unlikely to happen.
Which in turn makes unix live on, as there already exists evaluated "trusted" versions of many unixes.
That's just my .2
Some people thought the Roman empire would last forever, but it only lasted a thousand years (counting high) which of course is a very long time, but hardly forever...
I was hired for a development dotcom as team-leader for the internal IT-group, but since we had no IT-manager my role more or less shifted into that of a IT-manager.
One of the things I came to realize is that being a manager, whether for smart och not-so-smart people, is a rather difficult thing which should be viewed as any other discipline which requires high skills and strong people skills.
This didn't exactly come as a shock to me, but I hadn't really thought that much about how much it would tear me down personally.
I think my problem was that I lacked good management skills and insight into what motivated my staff. While I realized this quite fast I really tried to do a good job and keep everyone happy.
I got pretty mentally exhausted after this period and I'd probably think twice about taking up any job which involves managing peolpe again, but I'll probably do it at some point in the future since I got the feeling that it can be a highly rewarding job, and not just in terms of economic compensation (I could probably earn more as a database developer than manager anyway).
Coming from a tech background my personal belief now is that tech jobs, while often demanding strong intellectual skills, usually deal with logical problems with tend to have logical solutions, but management (at least of human resources) deal with highly illogical humans and therefore is a much tougher discipline to master. Another thing that adds to the difficulty of management is that managerial positions often demands you to be proficient in multiple disciplines (much like developers...)
For all you people who're dissing managers and sales people (and all other non-cool positions) I only have one thing to say:
Treat them with the same level of respect as you want to earn yourself and by all means, if you think you can do the job better give it a try!
Modular design is nice but monolithic design has it's uses too. It all depends on what you ultimate goal is.
As far as I recall it was Digital, not Tandem, who developed the original Wolfpack under the name Digital Cluster for Windows NT and later gave the technology to MS.
Exactly, go after the telco or hit the powergrid and you start to create some real problems. Even if the noc is on diesels I bet you some link in the chain isn't...
Thanks.
Thanks for pointing out the errors in fact, but still the cancer research appeals more to me personally even though I share the general concerns about the use of the results.
For some time the only one around was seti@home which analyzes noise from space, I think, in search for alien lifeforms, then there's distributed.net doing crypto and math stuff, (correct me if I'm wrong). And then there's people like Intel running medical research in areas like cancer and alzheimer.
I don't know about you, but to me medical research feels a somewhat more beneficial to humanity than search for aliens. Don't get me wrong, I'm not saying that the work done by seti and distributed isn't important or shouldn't be done, just that there's other research that might be more worthwhile supporting.
That's just my opinion, but if you feel the same way, checkout this site.
I think the company lost a whole lot when we couldn't share office anymore, and I think that organizing people after department isn't the best thing you can do. My personal belief is that it's better to mix people from different departments around products or projects, because you ease communication between people who really need to communicate, like marketing and r&d.
As for privacy, all you really need is some secluded areas where people can have private phonecalls etctera and of course a open-minded policy that trusts employees to do what they're supposed to and not care too much about when people takes breaks.
In our office you could see people sitting reading magazines, drinking coffee going off to the healthclub anytime they wanted to. In the end they were happy and pulled their weight, with good margins too.
That's just my 2 cents.
It's not really a lie if they don't actually guarantee that it's unbreakable, which they don't, they merely state how they view their breakable product based on old evaluations
Cheers!
I would recommend Database Processing by David M. Kroenke, ISBN 0130648396.
After having read and understood that book I would start looking at a commercial dbms like Oracle, DB2 or MS SQL Server as they are they most frequently used.
In my opinion MySQL and Postgres are fine products, but if you're looking to get an overpaid job, go with Oracle...