Lock down the laptop. Remove him from the local administrators group, harden the FS so that he has write access to his personal folders only. Install AV and a personal firewall on the machine. If he can't uninstall or reconfigure the AV or firewall, then you know it's for the most part protected. Setup an internal Windows Update site (it's not that hard) and setup the laptop to automatically perform its updates when it connects to the corporate network.
Now, you're thinking: "That's great in an ideal world, but if I tell this guy I have to lock down his laptop, not only from the world but from HIM, it's never going to happen!" Right? Then, you have a bigger problem, you work for a company that doesn't see the value or risks in technology. You need to start documenting the blood loss from this kind of rogue user. Keep track of every virus you have to clean. Trace it back to the origin, in most cases it should be possible to do so. Once you've documented the thousands, if not millions, of dollars being wasted tracking them down and fixing them, it becomes much easier to go to senior managers and say, "We need a policy change". Don't forget to include the costs associated with taking a user off their machine for an hour to clean it.
If you can't get this, then setup your DHCP to lock him, and all rogues, into a certain subnet. You can do this with any DHCP server by assigning certain IPs to certain MAC addresses. Filter all non-essential traffic from that subnet, and restrict where you can go and what you can do from that subnet.
I can hear it now: "I wouldn't have to do that, if he wasn't running Windows!" My response: "Bullshit!" You've given a user admin access on the machine and he has no responsibility for anything he or that machine does that damages internal systems. I guarantee that were he running Linux or OSX or anything else, he'd have the same level of priviledge. In this instance, the problem isn't with the OS, but your corporate culture.
I have one client that no matter how many times we tell their receptionist not to open files from people she doesn't know
I'll let you in on a secret: she's either an idiot, or a non-technical person who won't stop doing that until she understands the impact. Chances are that in neither case will she ever stop doing it. Just like most users. That's why the blame cannot be placed on them, it's not their job to understand viruses and "all that techie stuff". Her job is receptionist, and that means opening e-mail.
Let me ask it this way: would you allow her to be in charge of the firewall? Would you allow her to set rules and policies to protect the network from hackers? If not, then why would you put her in charge of virus security? The viruses should never get to her inbox, that's the best way to keep her from opening them. If she's incapable of making the distinction between valid and invalid attachments, why would you continue to allow her to make that distinction?
In most states a third burglary conviction at any level results in a three strikes life without parol sentence.
Which illustrates my point exactly. If someone cannot make the simple distinction that "burglary is wrong, not doing burglary is right", then you take away their ability to execute decisions based on that distinction.
How many ISPs have had their email systems compromised by viruses or worms?
Sorry, that wasn't properly worded. My intent was to say a mail system that allows them to go through. ISPs are now starting to put spam filters on their mail systems, why not AV filters as well?
Unless they happen to be using Exchange as a mail server
I administered Exchange servers for 6 years, never once had a virus on my networks, never once had it used to relay spam, and never once had it compromised. Any Exchange admin who says Exchange can't be secured is too lazt to RTFM and should be fired.
how long until we start expecting Internet routers to filter out worms?
About 7-8 years ago when it first started becoming a HUGE issue.
(which will fundamentally break the Internet even more, btw -- the middle of the Internet is supposed to be a bunch of dumb routers, not smart filters
That's nice, and the highways are supposed to be havens of safe drivers who never cut anyone off, never drive while talking on the phone and no one needs a license to drive. However, once more and more people hit the highways the government stepped in and started requiring everyone to at least show a basic level of competence before getting behind the wheel. Times change, even moreso with computers and the Internet, and so definitions and paradigms need to change. The idea of a completely free and open Internet is a nice nostalgic memory, but it's over. If we're going to let any person connect to it, we need to put systems in place to protect those people from the predators that exist there.
Now watch me get flamed for suggesting that poor, "innocent" Grandma on her cable connection should be held responsible for the attacks
This discussion thread revolves firmly around the idea that Grandma is using Windows, let's change it and assume she's using Linux, setup by her loving grandson to protect her from these kinds of problems. Let's say there's more and more grandmothers out there using Linux in this fashion. How long until a spammer figures out an easy way to get a preconfigured Sendmail on her machine?
You've received an animated greeting card from your grandson, in order to view it, you'll need the Bebopper plugin! Follow these easy instructions to install it!
Click this link: www.imaspammer.com/bebopper.rpm
Click the terminal button.
Cut and paste this line into the terminal window and provide your root password when asked. That's it, you're done!
su rpm -Uvh bebopper.rpm
Tada! Grandma's now got Bebopper installed. Whose fault is it now? Grandma? The spammer? The ISP? The grandson for giving her the root password?
You mean that it's Joe user's fault that his DSL connected PC got infected? What do you suggest we do about that?
If Joe User is connecting to the Internet, he's connecting through an ISP. An ISP with people on staff whose job it is to know better than Joe User how to combat these threats. A staff who knows that you put virus filters on e-mail. As one poster commented, simply putting a block on all double-extentioned attachments (or all executable attachments) would eliminate most virus vectors. Locking down ports so that viruses can't spread is another simple to implement but highly effective protective measure. Of course, ISPs aren't likely to do this for fear of driving away customers, but if they ALL did it, there be no place for those customers to go.
Me, I would have placed the blame squarely on all of the admins out there who allowed their systems to be compromised by the worms in the first place. That includes the admins of the e-mail systems of ISPs. It's time to start placing blame where it belongs. Security is a job function, not a function of the system. An {OS/mail system/website/whatever} is only as secure as its admin.
There are a lot of people who don't believe that talking on a cell phone while driving is dangerous.
Actually, I was just watching a report on the news earlier this week where New York State is looking at the results of the "hang up and drive" law passed a couple years back. It's looking like driving while using a hands-free set is as dangerous, if not more so, than using one without. Main reason being the amount of work it takes to get one "setup" when trying to answer a call. Not to mention the fact that you still have to take your eyes off the road to dial the phone, or even answer it.
Yet it has been shown that people using non-hands-free cell phones while driving have an accident rate roughly equivalent to drunk drivers.
The question I have is: how is that gauged? When I drive down the street, I'd say an EASY 25-40% of the cars I see nowadays is being driven by a person talking on a cell phone (and that's in NYS where said act is illegal). If the number of people who drive and talk has gone up by X%, then the amount of accidents on the road would have to go up by some corresponding amount. If the number of talk and drivers has gone up by 40%, I'd expect to see more than a single-digit increase in the number of accidents. Is that the case? Are there more accidents in general?
Okay, I'm not sure I'm making much sense, let's try a related issue: driver age. The most recent stat I heard is that a male between the ages of 18 and 25 is 4X as likely to get into an accident as a female between the ages of 50 and 65. The question I have is, do they account for miles driven in that equation? When I was between those ages, I easily put between 25,000 and 30,000 miles per year on my cars. I drove EVERYWHERE. Conversely, my grandmother in that age range almost never puts 10K miles on her car in a year. If I drove 3X as much, wouldn't that account for a significant portion of the "4X as likely"? (In those years, I had one accident that wasn't my fault, my grandmother in her "range" had one that was her fault.)Similarly, if a person using a cell phone while driving is more likely to have an accident, isn't it because it's more likely that someone will be driving while using a cell phone?
Leave the firewall turned ON, perhaps? Norton's stuff sucks, better to not install it at all if you want your machine to run well. Their stuff is bloated...VERY bloated. Use AVG for antivirus if you want one that small and free. Leave the XP firewall on and have fun! It's really not that difficult.
It could be that Microsoft is run as poorly as every other company on the planet...where the development team tells marketing, "No, there's no way it'll be out this year" and marketing hears, "Blah blah blah blah this year". I have never worked with, nor heard of, a company that works so efficiently together, for evil or otherwise, to believe that Microsoft has found that golden goose of efficiency and productivity that has managed to elude every other company on the planet run by management-seminar dropouts.
I believe, when dealing with Microsoft or any other company, that the sig "Don't attribute to evil that which can easily be explained as stupidity" applies always.
What is it with people who publish open source software who think the most important thing to put on the front page is "what's new with the software" rather than "what the software IS"? I had to dig around to finally find the Introduction page, I shouldn't have to.
I get the feeling you either have bad hardware, or don't know what you are doing.
Most likely it's that they don't know what they're doing..the people who frequent this site are mostly IT guys who'd rather complain that it's "all Microsoft's fault" rather than find a solution to the problem. I've got three wireless machines, with three different wireless cards and not a one of them has these kinds of problems.
Windows compatibility was only a small fraction of the reason OS/2 died. The fact that IBM SOLD their SDK for $600-1000 when MS was giving theirs away for free was a huge nail in the coffin.
Well, that, and OS/2 sucked.
The previous sentence was only to provoke hordes of flames. If you agree with me, I don't wanna hear it.;-)
Okay, to clarify what the parent said so that Mr. Picky here can be mollified (from the linked article): The non-fatal error message appeared only in two widely-distributed beta builds of Windows. But since the retail version of Windows 3.1 doesn't produce it, this is just dead history, right?
Yes, the message still existed in win.com, but it was not shown on retail releases of Win 3.1 running on DRDOS. Thank you for clarifying because I've been saying for years that I thought I remembered running Win 3.1 on DRDOS, but have been told time and time again that it was impossible (I jumped on the NT bandwagon pretty much as soon as it came out, so didn't run Win3.1x very long). Now I know I'm not crazy.
The only question I have, though, is why would you post as "proof" an article that proves the other person's stance?
which is a punishment for having done something wrong
No, it's not. It's a method of avoiding a lengthy trial. It's not an admission of guilt by any stretch of the imagination. Many companies settle because it's cheaper to do so than go to trial. My old employer would pretty much settle automatically on any lawsuit that was for under $20,000 because it would cost that much to just get their lawyers geared up. It's a relatively prudent business decision...do we pay $100,000 in order to avoid spending $20,000? MS made the same decsion..."It's impossible to prove we DIDN'T do something (the basis of all conspiracy theories), so do we spend millions and millions in court costs and negative advertising on a trial, or do we just give them $12M to go away?"
thank you anyway, U.S. Justice System, for ensuring that my rights as a consumer, and my ability to weild choice are protected in the browser marketplace
You really need to get a clue on how the justice system works before you start praising it. This is the biggest FLAW in the justice system. In order to stop these frivlous lawsuits, the law needs to change to protect corporations and individuals from them. Something along the lines of "If you bring suit, and lose, you're responsible for all the defendant's court and legal fees as well as punitive damages equal to thrice that amount" should do the trick. Then, companies like Opera will stop bringing suits against larger companies like Microsoft in the hopes of getting a settlement. They know MS will settle, they don't have to be right, or prove it in court. It's an easy $12M influx.
In this instance, Opera is the evil corporation manipulating the system for its own gain.
This isn't possible! Are we sure it isn't April 1st? I mean, we've been told time and time again that this kind of thing isn't possible because of so many people reviewing the code! This affects all versions of CVS released before May 19th? How is that possible? Hasn't anyone LOOKED at the code?
I'm not sure I would have been so nasty, but I mostly agree with what you said.
You are correct, it was a bit over the top, but some things really get my blood boiling.:)
Though I must say, I am also a drunken Software Engineer and I take a fence to some of that.;)
Well, then I apologize. While I stand by my statements, they were too broad. I've met more than enough developers I wouldn't give USER access to let alone Admin, but there is a significant percentage that are good at both developing AND fixin' stuff.
Ok, you know, this type of stupid bullshit should NOT be posted to/. MS bashing is one thing, but when you publish a "news article" that is full of out and out lies, then it's just plain yellow journalism.
As expected, pretty quickly the registry started accumulating all sorts of rubbish, and the system started exhibiting strange bugs.
What the fuck are you installing??? My current HTPC was built on Windows 2000 server in February of 2000. It's been running 24/7 since then, and has hundreds of pieces installed, removed, updated, moved, etc since then. It's my test development box for ASP (which in my case means it's had 3 different versions of MS Office installed for twiddling with the various exposed COM components to be used in web pages.) It's connected to my TV and acts as DVR/multimedia machine and I've installed dozens of various multimedia apps over the years to test and play with (zoom player, two-three different versions of the ATI multimedia system, Winamp, etc). The hardware has been upgraded numerous times, and is about to go through another cycle. I don't experience ANY "strange bugs".
Then I made the mistake of installing VMWare 30 day demo on my system. As soon as I booted Linux under it as a guest OS, the the sound card went bonkers, and started producing high pitched screeching sounds.
Did you ever think it MIGHT be that guest OS? Linux support for sound cards is sketchy at best (yeah, I said sketchy at best). Regardless, I've got VMware installed on my desktop and have installed dozens of Linux distros on it. I've also used Basilisk II to run Mac OS 8 sessions. I've NEVER had a problem like that.
The Messenger Service spam was only a minor inconvenience as I knew how to turn it off;
Really? They why the fuck didn't you do it before you went online? For that matter, why didn't turn on the firewall before going online? I'll tell you why: while you try to come off as a person who knows what they're doing, all you end up doing is coming off as a user. A user who, granted, knows what the registry is or Windows update, but a user nonetheless. Your opinion, therefore, on anything "I.T." is worthless and void.
Ah, no, I see. I decided to look around your site. You're a programmer. The worst kind of user. That's right, programmers are users. They usually end up fucking up their systems beyond repair, then call the people who really know how a computer works to come fix it...or, they reinstall over and over again. Your opinion is, therefore, even less worthwhile than a user's.
I'm going to have to agree with the majority of/.ers and say this is bullshit. Free software isn't the cause of problems in IT...it's the morons who work there. The fucknut deskside guys who think that defragging a friggin' hard drive actually FIXES something. The wastes of sperm who think that because they have a certification, they have any clue how a thing works and should be an administrator. Or, the self-propelled vacuums who rather than figure out how to fix a problem just throw up their arms at the first sign of trouble and say, "Well, that's Windows! Servers reboot every day! Microsoft designs it that way!"
But, even worse than that, it's the managers who don't have the skill to get the business to buy into what's best, rather than what the fad of the day is.
As the saying goes, "It's a poor musician who blames his instrument".
MY math was wrong. It's friday and I'm leaving early, I put in your costs for the servers.:)
TCO sans SUS over 5 years = (65 * 4000) + (5 * (2 * 70000)) = $960,000
TCO with SUS over 5 years = (65 * 4000) + (5 * 20000) = $360,000
And, I DO see your point, most people calculate TCO based on soft dollars which are never recouped to the organization unless you get rid of people. If it takes 100 less man-hours to do a job a month, you don't save (100 * $average hourly) unless you get rid of the people doing the job. The above example, however, does that. That being said, though, freeing up admins to work on projects, rather than "regular maintenance" will help the organization become more efficient, thus lowering the TCO in other ways besides payroll.
Again, your math is wrong. Let's look at some real numbers, based on just our Citrix farm:
We have 60 server which cost $4000 each (those are Dell PE1550s from a couple years ago). Prior to SUS, we had 2 people, paid approximately $70,000/year, dedicated to maintaining the farm and administering it. We installed an SUS server, for ALL Windows servers at a cost of $2500 (it doesn't need to be a high-end machine, it doles out patches in the middle of the night when they're available). Now, the roles of administration have been rolled into our larger server group, and those two admins now fill different roles. The remaining admin tasks are minimal and handled by the whole team. Warranty is included on the machine for 3 years, and we purchased 5 extra 1550s to use as parts for this farm when the warranty runs out. Let's put the real numbers in...
TCO sans SUS over 5 years = (65 * 1000) + (5 * (2 * 70000)) = $765,000
TCO with SUS over 5 years = (65 * 1000) + (5 * 20000) = $165,000
I put in $20,000 as the annual administrative costs remaining on the farm. As administration of the Citrix farm is now limited to when new applications have to be published, this is a lot higher than it should be, but I figured I'd lean on the overly-high side before I'm accused of leaning on the overly-low side.
Slashdot Mirror
How much can you do with weak materials?
I find it interesting that you'd attempt to make the argument that it was the straw's fault the house was blown down.
What's your solution?
Lock down the laptop. Remove him from the local administrators group, harden the FS so that he has write access to his personal folders only. Install AV and a personal firewall on the machine. If he can't uninstall or reconfigure the AV or firewall, then you know it's for the most part protected. Setup an internal Windows Update site (it's not that hard) and setup the laptop to automatically perform its updates when it connects to the corporate network.
Now, you're thinking: "That's great in an ideal world, but if I tell this guy I have to lock down his laptop, not only from the world but from HIM, it's never going to happen!" Right? Then, you have a bigger problem, you work for a company that doesn't see the value or risks in technology. You need to start documenting the blood loss from this kind of rogue user. Keep track of every virus you have to clean. Trace it back to the origin, in most cases it should be possible to do so. Once you've documented the thousands, if not millions, of dollars being wasted tracking them down and fixing them, it becomes much easier to go to senior managers and say, "We need a policy change". Don't forget to include the costs associated with taking a user off their machine for an hour to clean it.
If you can't get this, then setup your DHCP to lock him, and all rogues, into a certain subnet. You can do this with any DHCP server by assigning certain IPs to certain MAC addresses. Filter all non-essential traffic from that subnet, and restrict where you can go and what you can do from that subnet.
I can hear it now: "I wouldn't have to do that, if he wasn't running Windows!" My response: "Bullshit!" You've given a user admin access on the machine and he has no responsibility for anything he or that machine does that damages internal systems. I guarantee that were he running Linux or OSX or anything else, he'd have the same level of priviledge. In this instance, the problem isn't with the OS, but your corporate culture.
I have one client that no matter how many times we tell their receptionist not to open files from people she doesn't know
I'll let you in on a secret: she's either an idiot, or a non-technical person who won't stop doing that until she understands the impact. Chances are that in neither case will she ever stop doing it. Just like most users. That's why the blame cannot be placed on them, it's not their job to understand viruses and "all that techie stuff". Her job is receptionist, and that means opening e-mail.
Let me ask it this way: would you allow her to be in charge of the firewall? Would you allow her to set rules and policies to protect the network from hackers? If not, then why would you put her in charge of virus security? The viruses should never get to her inbox, that's the best way to keep her from opening them. If she's incapable of making the distinction between valid and invalid attachments, why would you continue to allow her to make that distinction?
In most states a third burglary conviction at any level results in a three strikes life without parol sentence.
Which illustrates my point exactly. If someone cannot make the simple distinction that "burglary is wrong, not doing burglary is right", then you take away their ability to execute decisions based on that distinction.
How many ISPs have had their email systems compromised by viruses or worms?
Sorry, that wasn't properly worded. My intent was to say a mail system that allows them to go through. ISPs are now starting to put spam filters on their mail systems, why not AV filters as well?
Unless they happen to be using Exchange as a mail server
I administered Exchange servers for 6 years, never once had a virus on my networks, never once had it used to relay spam, and never once had it compromised. Any Exchange admin who says Exchange can't be secured is too lazt to RTFM and should be fired.
how long until we start expecting Internet routers to filter out worms?
About 7-8 years ago when it first started becoming a HUGE issue.
(which will fundamentally break the Internet even more, btw -- the middle of the Internet is supposed to be a bunch of dumb routers, not smart filters
That's nice, and the highways are supposed to be havens of safe drivers who never cut anyone off, never drive while talking on the phone and no one needs a license to drive. However, once more and more people hit the highways the government stepped in and started requiring everyone to at least show a basic level of competence before getting behind the wheel. Times change, even moreso with computers and the Internet, and so definitions and paradigms need to change. The idea of a completely free and open Internet is a nice nostalgic memory, but it's over. If we're going to let any person connect to it, we need to put systems in place to protect those people from the predators that exist there.
Now watch me get flamed for suggesting that poor, "innocent" Grandma on her cable connection should be held responsible for the attacks
This discussion thread revolves firmly around the idea that Grandma is using Windows, let's change it and assume she's using Linux, setup by her loving grandson to protect her from these kinds of problems. Let's say there's more and more grandmothers out there using Linux in this fashion. How long until a spammer figures out an easy way to get a preconfigured Sendmail on her machine?
You've received an animated greeting card from your grandson, in order to view it, you'll need the Bebopper plugin! Follow these easy instructions to install it!
Click this link: www.imaspammer.com/bebopper.rpm
Click the terminal button.
Cut and paste this line into the terminal window and provide your root password when asked. That's it, you're done! su rpm -Uvh bebopper.rpm
Tada! Grandma's now got Bebopper installed. Whose fault is it now? Grandma? The spammer? The ISP? The grandson for giving her the root password?
Does this also include enterprises where the DHCP server becomes compromised by laptops that are monkeyed around with by engineers?
I really have no idea what you're asking here. Could you provide an example?
You mean that it's Joe user's fault that his DSL connected PC got infected? What do you suggest we do about that?
If Joe User is connecting to the Internet, he's connecting through an ISP. An ISP with people on staff whose job it is to know better than Joe User how to combat these threats. A staff who knows that you put virus filters on e-mail. As one poster commented, simply putting a block on all double-extentioned attachments (or all executable attachments) would eliminate most virus vectors. Locking down ports so that viruses can't spread is another simple to implement but highly effective protective measure. Of course, ISPs aren't likely to do this for fear of driving away customers, but if they ALL did it, there be no place for those customers to go.
Me, I would have placed the blame squarely on all of the admins out there who allowed their systems to be compromised by the worms in the first place. That includes the admins of the e-mail systems of ISPs. It's time to start placing blame where it belongs. Security is a job function, not a function of the system. An {OS/mail system/website/whatever} is only as secure as its admin.
There are a lot of people who don't believe that talking on a cell phone while driving is dangerous.
Actually, I was just watching a report on the news earlier this week where New York State is looking at the results of the "hang up and drive" law passed a couple years back. It's looking like driving while using a hands-free set is as dangerous, if not more so, than using one without. Main reason being the amount of work it takes to get one "setup" when trying to answer a call. Not to mention the fact that you still have to take your eyes off the road to dial the phone, or even answer it.
Yet it has been shown that people using non-hands-free cell phones while driving have an accident rate roughly equivalent to drunk drivers.
The question I have is: how is that gauged? When I drive down the street, I'd say an EASY 25-40% of the cars I see nowadays is being driven by a person talking on a cell phone (and that's in NYS where said act is illegal). If the number of people who drive and talk has gone up by X%, then the amount of accidents on the road would have to go up by some corresponding amount. If the number of talk and drivers has gone up by 40%, I'd expect to see more than a single-digit increase in the number of accidents. Is that the case? Are there more accidents in general?
Okay, I'm not sure I'm making much sense, let's try a related issue: driver age. The most recent stat I heard is that a male between the ages of 18 and 25 is 4X as likely to get into an accident as a female between the ages of 50 and 65. The question I have is, do they account for miles driven in that equation? When I was between those ages, I easily put between 25,000 and 30,000 miles per year on my cars. I drove EVERYWHERE. Conversely, my grandmother in that age range almost never puts 10K miles on her car in a year. If I drove 3X as much, wouldn't that account for a significant portion of the "4X as likely"? (In those years, I had one accident that wasn't my fault, my grandmother in her "range" had one that was her fault.)Similarly, if a person using a cell phone while driving is more likely to have an accident, isn't it because it's more likely that someone will be driving while using a cell phone?
Leave the firewall turned ON, perhaps? Norton's stuff sucks, better to not install it at all if you want your machine to run well. Their stuff is bloated...VERY bloated. Use AVG for antivirus if you want one that small and free. Leave the XP firewall on and have fun! It's really not that difficult.
Excuse the pun, but: amen to that! There's a fella who posts on /. who has a sig that sums it all up: I like Linux, it's the fan club I can't stand.
It could be that Microsoft is run as poorly as every other company on the planet...where the development team tells marketing, "No, there's no way it'll be out this year" and marketing hears, "Blah blah blah blah this year". I have never worked with, nor heard of, a company that works so efficiently together, for evil or otherwise, to believe that Microsoft has found that golden goose of efficiency and productivity that has managed to elude every other company on the planet run by management-seminar dropouts.
I believe, when dealing with Microsoft or any other company, that the sig "Don't attribute to evil that which can easily be explained as stupidity" applies always.
What is it with people who publish open source software who think the most important thing to put on the front page is "what's new with the software" rather than "what the software IS"? I had to dig around to finally find the Introduction page, I shouldn't have to.
I get the feeling you either have bad hardware, or don't know what you are doing.
Most likely it's that they don't know what they're doing..the people who frequent this site are mostly IT guys who'd rather complain that it's "all Microsoft's fault" rather than find a solution to the problem. I've got three wireless machines, with three different wireless cards and not a one of them has these kinds of problems.
Windows compatibility was only a small fraction of the reason OS/2 died. The fact that IBM SOLD their SDK for $600-1000 when MS was giving theirs away for free was a huge nail in the coffin.
;-)
Well, that, and OS/2 sucked.
The previous sentence was only to provoke hordes of flames. If you agree with me, I don't wanna hear it.
Okay, to clarify what the parent said so that Mr. Picky here can be mollified (from the linked article): The non-fatal error message appeared only in two widely-distributed beta builds of Windows. But since the retail version of Windows 3.1 doesn't produce it, this is just dead history, right?
Yes, the message still existed in win.com, but it was not shown on retail releases of Win 3.1 running on DRDOS. Thank you for clarifying because I've been saying for years that I thought I remembered running Win 3.1 on DRDOS, but have been told time and time again that it was impossible (I jumped on the NT bandwagon pretty much as soon as it came out, so didn't run Win3.1x very long). Now I know I'm not crazy.
The only question I have, though, is why would you post as "proof" an article that proves the other person's stance?
which is a punishment for having done something wrong
No, it's not. It's a method of avoiding a lengthy trial. It's not an admission of guilt by any stretch of the imagination. Many companies settle because it's cheaper to do so than go to trial. My old employer would pretty much settle automatically on any lawsuit that was for under $20,000 because it would cost that much to just get their lawyers geared up. It's a relatively prudent business decision...do we pay $100,000 in order to avoid spending $20,000? MS made the same decsion..."It's impossible to prove we DIDN'T do something (the basis of all conspiracy theories), so do we spend millions and millions in court costs and negative advertising on a trial, or do we just give them $12M to go away?"
thank you anyway, U.S. Justice System, for ensuring that my rights as a consumer, and my ability to weild choice are protected in the browser marketplace
You really need to get a clue on how the justice system works before you start praising it. This is the biggest FLAW in the justice system. In order to stop these frivlous lawsuits, the law needs to change to protect corporations and individuals from them. Something along the lines of "If you bring suit, and lose, you're responsible for all the defendant's court and legal fees as well as punitive damages equal to thrice that amount" should do the trick. Then, companies like Opera will stop bringing suits against larger companies like Microsoft in the hopes of getting a settlement. They know MS will settle, they don't have to be right, or prove it in court. It's an easy $12M influx.
In this instance, Opera is the evil corporation manipulating the system for its own gain.
all versions of CVS released before May 19th
This is the first time they looked at the code?
This isn't possible! Are we sure it isn't April 1st? I mean, we've been told time and time again that this kind of thing isn't possible because of so many people reviewing the code! This affects all versions of CVS released before May 19th? How is that possible? Hasn't anyone LOOKED at the code?
I'm not sure I would have been so nasty, but I mostly agree with what you said.
:)
;)
You are correct, it was a bit over the top, but some things really get my blood boiling.
Though I must say, I am also a drunken Software Engineer and I take a fence to some of that.
Well, then I apologize. While I stand by my statements, they were too broad. I've met more than enough developers I wouldn't give USER access to let alone Admin, but there is a significant percentage that are good at both developing AND fixin' stuff.
Ok, you know, this type of stupid bullshit should NOT be posted to /. MS bashing is one thing, but when you publish a "news article" that is full of out and out lies, then it's just plain yellow journalism.
As expected, pretty quickly the registry started accumulating all sorts of rubbish, and the system started exhibiting strange bugs.
What the fuck are you installing??? My current HTPC was built on Windows 2000 server in February of 2000. It's been running 24/7 since then, and has hundreds of pieces installed, removed, updated, moved, etc since then. It's my test development box for ASP (which in my case means it's had 3 different versions of MS Office installed for twiddling with the various exposed COM components to be used in web pages.) It's connected to my TV and acts as DVR/multimedia machine and I've installed dozens of various multimedia apps over the years to test and play with (zoom player, two-three different versions of the ATI multimedia system, Winamp, etc). The hardware has been upgraded numerous times, and is about to go through another cycle. I don't experience ANY "strange bugs".
Then I made the mistake of installing VMWare 30 day demo on my system. As soon as I booted Linux under it as a guest OS, the the sound card went bonkers, and started producing high pitched screeching sounds.
Did you ever think it MIGHT be that guest OS? Linux support for sound cards is sketchy at best (yeah, I said sketchy at best). Regardless, I've got VMware installed on my desktop and have installed dozens of Linux distros on it. I've also used Basilisk II to run Mac OS 8 sessions. I've NEVER had a problem like that.
The Messenger Service spam was only a minor inconvenience as I knew how to turn it off;
Really? They why the fuck didn't you do it before you went online? For that matter, why didn't turn on the firewall before going online? I'll tell you why: while you try to come off as a person who knows what they're doing, all you end up doing is coming off as a user. A user who, granted, knows what the registry is or Windows update, but a user nonetheless. Your opinion, therefore, on anything "I.T." is worthless and void.
Ah, no, I see. I decided to look around your site. You're a programmer. The worst kind of user. That's right, programmers are users. They usually end up fucking up their systems beyond repair, then call the people who really know how a computer works to come fix it...or, they reinstall over and over again. Your opinion is, therefore, even less worthwhile than a user's.
Thanks for playing. Please come back
I'm going to have to agree with the majority of /.ers and say this is bullshit. Free software isn't the cause of problems in IT...it's the morons who work there. The fucknut deskside guys who think that defragging a friggin' hard drive actually FIXES something. The wastes of sperm who think that because they have a certification, they have any clue how a thing works and should be an administrator. Or, the self-propelled vacuums who rather than figure out how to fix a problem just throw up their arms at the first sign of trouble and say, "Well, that's Windows! Servers reboot every day! Microsoft designs it that way!"
But, even worse than that, it's the managers who don't have the skill to get the business to buy into what's best, rather than what the fad of the day is.
As the saying goes, "It's a poor musician who blames his instrument".
In short, technology will not solve the problem where the basics are missing. I say: Let them evolve
Amen. This would be just like trigger guards and motorcycle helmets. Let 'em die. Nature likes to skim her own gene pool.
Once this thing works, I'll be able to Google for porn done by my favorite actresses, regardless of correct file names! YAAY!!
MY math was wrong. It's friday and I'm leaving early, I put in your costs for the servers. :)
TCO sans SUS over 5 years = (65 * 4000) + (5 * (2 * 70000)) = $960,000
TCO with SUS over 5 years = (65 * 4000) + (5 * 20000) = $360,000
And, I DO see your point, most people calculate TCO based on soft dollars which are never recouped to the organization unless you get rid of people. If it takes 100 less man-hours to do a job a month, you don't save (100 * $average hourly) unless you get rid of the people doing the job. The above example, however, does that. That being said, though, freeing up admins to work on projects, rather than "regular maintenance" will help the organization become more efficient, thus lowering the TCO in other ways besides payroll.
Again, your math is wrong. Let's look at some real numbers, based on just our Citrix farm:
We have 60 server which cost $4000 each (those are Dell PE1550s from a couple years ago). Prior to SUS, we had 2 people, paid approximately $70,000/year, dedicated to maintaining the farm and administering it. We installed an SUS server, for ALL Windows servers at a cost of $2500 (it doesn't need to be a high-end machine, it doles out patches in the middle of the night when they're available). Now, the roles of administration have been rolled into our larger server group, and those two admins now fill different roles. The remaining admin tasks are minimal and handled by the whole team. Warranty is included on the machine for 3 years, and we purchased 5 extra 1550s to use as parts for this farm when the warranty runs out. Let's put the real numbers in...
TCO sans SUS over 5 years = (65 * 1000) + (5 * (2 * 70000)) = $765,000
TCO with SUS over 5 years = (65 * 1000) + (5 * 20000) = $165,000
I put in $20,000 as the annual administrative costs remaining on the farm. As administration of the Citrix farm is now limited to when new applications have to be published, this is a lot higher than it should be, but I figured I'd lean on the overly-high side before I'm accused of leaning on the overly-low side.