From what I have experienced, the suits have a real problem getting an IT guy to see their point of view, and the same is true in reverse.
This is exactly true, and it's something that is getting worse as more and more IT services are outsourced. You no longer have the IT guys down the corridor who know how your business processes work, and automatically sanity check any new IT projects to make sure they're a good fit. Instead you're calling Bangalore then waiting for the onsite support guy to turn up: and it'll be a different person doing this every time, who doesn't know you, your business or what's core to the way you work
This is why there's a geek-shaped hole left when you outsource - a hole for someone who knows the IT side inside out, and also partners with the business to know their processes inside out. That person can then act as an IT business partner - representing the business's needs to IT, and representing IT's needs to the business.
This is less important if you just need general file'n'print type IT, but it's really valuable if your business depends on IT, and you have complex systems to consider.
This is what I do for a living. Yes, originally it was a "move this way or risk outsourcing" kind of career move, but it's very satisfying and personally I love it.
in pretty much ALL countries bar the US, you don't pay to receive calls or text messages (bar premium text messages that offer commercial services you've signed up for).
In the past week we've seen a story that claims that "Sick Building Syndrome" is actually a stress-based problem that can be traced back to poor management.
See http://www.telegraph.co.uk/news/main.jhtml?xml=/ne ws/2006/03/23/nsick23.xml&sSheet=/news/2006/03/23/ ixhome.html for details.
I'd say this is reasonably obvious, and also a similar explanation probably lies behind the original post. EM radiation causing stress, or work (in workplace full of electrical devices) causing stress - which do you think is more likely?
Essentials on my 5600 (actually branded an Orange SPV C500 - they're all HTC Typhoons underneath it all)
* Torch - simple program that turns screen on full brightness with white background so you can use it as a torch. Assign a speeddial to it. Free.
* Autokeylock - does what it says, also gives you handy clock display screensaver. Free.
* Citytime pocket alarms - easier to use than the dreadful inbuilt alarm, allows different alarms for different days of the week
* One great feature that's built in is automatic profile switching. When you've got a meeting booked in your calendar, it'll switch to the meeting profile automatically. It took me 6 months to find this!
* TomTom mobile GPS navigation and a bluetooth GPS device. I get full UK coverage with postcode nav in around 200MB including all UK speedcameras, all read to me by John Cleese's voice. Invaluable.
* Windows Media 10 ROM update - use MP3s as ringtones etc.
* Opera Mobile - until MiniMo comes out, the best browser. Pocket IE is practically unusable.
I've had loads of smartphones and this one is far and away the best I've used. Only a bigger screen and wifi could improve it - it's very much phone form factor rather than PDA.
does songbird do anything cool like add itunes-like features to generic usb bulk storage mp3 players? automatic upload of playlists, automatic download and transfer of podcasts, etc? now THAT would be cool and remove the few points that tie me to itunes/ipod at the moment...
whilst you're at it, you should take some responsibility for the power in the building, and perhaps the cleaning the toilets: after all, you know something about those activities, too...
absolute crap. consider the following:
1) excessive restrictions are bad
2) excessive support calls are bad
3) your network being compromised or going Foom! is bad
4) restricting some areas of a client PC reduces likelihood of users messing with stuff on their client that will need fixing
5) restricting some areas of a client PC reduces likelihood of users messing with stuff that will threaten the integrity of the network
it's all about balance. IT are there to do a job, just like you are.
Let's take one example: users at our site being irritated they can't change their screensaver from a dull Win2K screenlock to pretty fishes. Sounds petty? It's there because it turns out we have a legal requirement to lock unattended workstations to show due diligence in security - we work in a very tightly regulated industry.
This doesn't mean that you should lock down *every last thing* though - if it can't cause harm or there's a business case for it, let them have it. If you're not sure, don't allow it until a business case has been made.
local admin can still be restricted by group policy in the windows world.
our users can crack local admin, but they still have account restrictions that stop them doing anything *really* bad that might threaten the integrity of our network.
it's not what you think you know, it's what you're responsible for. Your IT department are responsible for the integrity of the IT systems. Someone who works in a lab but likes tinkering may have knowledge about the IT systems, but they're not responsible for them: it's not their job.
if what you're advocating is that every individual department is allowed to break away from the main network, setup their own infrastructure, and service it any way they like, then it's a dangerous road to go down. sure, it may appeal to the freedom-loving geek in you, but it has a lot of downsides: no economies of scale (e.g. licencing, helpdesk, etc), difficulty in communication across departments, loss of standardisation etc. all this probably *doesn't* translate into a lower Total Cost of Ownership. I appreciate you're in an academic setting so you don't have a requirement to maximise shareholder revenue, etc, but chances are you're still on a constrained budget and so cost *will* be a factor...
"Since when was it illegal to share your network connection with someone? Last I have heard there was an entire industry devoted to the service. They are called Internet Service Provider."
You are confusing technically possible and legal. Chances are, your ISP made you agree to a contract where you don't sublet your connection. Otherwise, blocks of flats would have one guy paying the bill and everyone else piggybacking on it. It's illegal as in you-signed-a-contract-saying-you-wouldn't-do-it, not illegal as in it's a separate offence in itself.
any phone that runs either windows mobile 5, or windows mobile 2003SE will do the job admirably. I run an Orange SPV C500, which is the same as an HTC Typhoon. You can get these for around 50UKP unlocked on ebay. The best bit about it is the Exchange synch...oh, and I run TomTom mobile sat nav on it too, via a BT GPS unit.
Of course I do: but getting owned by having port 80 open sounds kind of familiar, yes? Oh and IIS isn't expensive. Sure, it could be poorly secured Apache...
No it isn't. They don't accept liability, which is fine, because we test systems down to the minutest detail ourselves and accept liability for the system as a whole, not just the OS.
1) OP states port 80 and 9999 (or similar) are the only 2 ports open, and his boxes are getting owned
2) I posit that most likely vector is via port 80, which is usually used for running a webserver. given he's moaning about windows here it's quite likely it's IIS. not definite, mind, but it's a good guess.
Changing hardware on a Windows system is a dicey proposition at best. It's very typical to see Windows barf after spending 20 minutes at a "New Hardware Found" prompt and three reboots before bombing into uselessness.
This is bollocks, pure and simple.
If you know what you're doing you can slipstream whatever drivers and patches you want into a Windows install: one reboot at the end and you're done.
Takes me about 15 mins to crank out corporate images here for any of our hardware, and during that time the only interaction needed from me is to type in the asset tag of the PC.
1) bollocks . this is security camera footage? you're running it on something on a public subnet? why not use ipsec?
2) if you've got access to a datacenter you could plug your toaster into a rack power strip too, and trip the fuse, bringing down a server BUT YOU'D RIGHTLY BE CANNED FOR BEING A DUMBASS if you did.
1) it's perfectly possible to secure windows in such a way as to run a webserver. this is common sense
2) it would appear that the whole problem is he's got port 80 open (i.e. running a webserver) and is getting hosed by the usual exploits for IIS etc.
3) what he needs to do is clean the system, patch the system and *then* connect it back to the internet with appropriate hardening
4) profit
there's a huge number of safety-critical medical systems based on windows. this is not a problem at all, provided you take proper precautions - isolate machines where appropriate, ensure they're secure - etc.
speaking as someone who does this for a living, if you don't know what a 510 is, you shouldn't be messing with stuff you don't understand as when you get audited it'll be *you* they come looking for with burning torches...
Slashdot Mirror
This is exactly true, and it's something that is getting worse as more and more IT services are outsourced. You no longer have the IT guys down the corridor who know how your business processes work, and automatically sanity check any new IT projects to make sure they're a good fit. Instead you're calling Bangalore then waiting for the onsite support guy to turn up: and it'll be a different person doing this every time, who doesn't know you, your business or what's core to the way you work
This is why there's a geek-shaped hole left when you outsource - a hole for someone who knows the IT side inside out, and also partners with the business to know their processes inside out. That person can then act as an IT business partner - representing the business's needs to IT, and representing IT's needs to the business.
This is less important if you just need general file'n'print type IT, but it's really valuable if your business depends on IT, and you have complex systems to consider.
This is what I do for a living. Yes, originally it was a "move this way or risk outsourcing" kind of career move, but it's very satisfying and personally I love it.
i suspect in my case it's being fucking sick of the place...
there's this nifty bit of software that whitelists calls and SMS: http://treo.pdablast.com/articles/2006/3/2006321-B lock-Unwanted-Calls-with.html
in pretty much ALL countries bar the US, you don't pay to receive calls or text messages (bar premium text messages that offer commercial services you've signed up for).
In the past week we've seen a story that claims that "Sick Building Syndrome" is actually a stress-based problem that can be traced back to poor management.e ws/2006/03/23/nsick23.xml&sSheet=/news/2006/03/23/ ixhome.html for details.
See http://www.telegraph.co.uk/news/main.jhtml?xml=/n
I'd say this is reasonably obvious, and also a similar explanation probably lies behind the original post. EM radiation causing stress, or work (in workplace full of electrical devices) causing stress - which do you think is more likely?
and if you post about it on slashdot, is that level 5?
Essentials on my 5600 (actually branded an Orange SPV C500 - they're all HTC Typhoons underneath it all)
* Torch - simple program that turns screen on full brightness with white background so you can use it as a torch. Assign a speeddial to it. Free.
* Autokeylock - does what it says, also gives you handy clock display screensaver. Free.
* Citytime pocket alarms - easier to use than the dreadful inbuilt alarm, allows different alarms for different days of the week
* One great feature that's built in is automatic profile switching. When you've got a meeting booked in your calendar, it'll switch to the meeting profile automatically. It took me 6 months to find this!
* TomTom mobile GPS navigation and a bluetooth GPS device. I get full UK coverage with postcode nav in around 200MB including all UK speedcameras, all read to me by John Cleese's voice. Invaluable.
* Windows Media 10 ROM update - use MP3s as ringtones etc.
* Opera Mobile - until MiniMo comes out, the best browser. Pocket IE is practically unusable. I've had loads of smartphones and this one is far and away the best I've used. Only a bigger screen and wifi could improve it - it's very much phone form factor rather than PDA.
does songbird do anything cool like add itunes-like features to generic usb bulk storage mp3 players? automatic upload of playlists, automatic download and transfer of podcasts, etc? now THAT would be cool and remove the few points that tie me to itunes/ipod at the moment...
whilst you're at it, you should take some responsibility for the power in the building, and perhaps the cleaning the toilets: after all, you know something about those activities, too...
1) excessive restrictions are bad
2) excessive support calls are bad
3) your network being compromised or going Foom! is bad
4) restricting some areas of a client PC reduces likelihood of users messing with stuff on their client that will need fixing
5) restricting some areas of a client PC reduces likelihood of users messing with stuff that will threaten the integrity of the network
it's all about balance. IT are there to do a job, just like you are.
Let's take one example: users at our site being irritated they can't change their screensaver from a dull Win2K screenlock to pretty fishes. Sounds petty? It's there because it turns out we have a legal requirement to lock unattended workstations to show due diligence in security - we work in a very tightly regulated industry.
This doesn't mean that you should lock down *every last thing* though - if it can't cause harm or there's a business case for it, let them have it. If you're not sure, don't allow it until a business case has been made.
local admin can still be restricted by group policy in the windows world. our users can crack local admin, but they still have account restrictions that stop them doing anything *really* bad that might threaten the integrity of our network.
it's not what you think you know, it's what you're responsible for. Your IT department are responsible for the integrity of the IT systems. Someone who works in a lab but likes tinkering may have knowledge about the IT systems, but they're not responsible for them: it's not their job.
You locked them out of your lab PCs? Is this like the classic "You're Fired", "You can't fire me, I resign!" conversation?
if what you're advocating is that every individual department is allowed to break away from the main network, setup their own infrastructure, and service it any way they like, then it's a dangerous road to go down. sure, it may appeal to the freedom-loving geek in you, but it has a lot of downsides: no economies of scale (e.g. licencing, helpdesk, etc), difficulty in communication across departments, loss of standardisation etc. all this probably *doesn't* translate into a lower Total Cost of Ownership. I appreciate you're in an academic setting so you don't have a requirement to maximise shareholder revenue, etc, but chances are you're still on a constrained budget and so cost *will* be a factor...
"Since when was it illegal to share your network connection with someone? Last I have heard there was an entire industry devoted to the service. They are called Internet Service Provider."
You are confusing technically possible and legal. Chances are, your ISP made you agree to a contract where you don't sublet your connection. Otherwise, blocks of flats would have one guy paying the bill and everyone else piggybacking on it. It's illegal as in you-signed-a-contract-saying-you-wouldn't-do-it, not illegal as in it's a separate offence in itself.
any phone that runs either windows mobile 5, or windows mobile 2003SE will do the job admirably. I run an Orange SPV C500, which is the same as an HTC Typhoon. You can get these for around 50UKP unlocked on ebay. The best bit about it is the Exchange synch...oh, and I run TomTom mobile sat nav on it too, via a BT GPS unit.
...stopped them.
who do you sue if an expert system advises something that has an adverse event?
Of course I do: but getting owned by having port 80 open sounds kind of familiar, yes? Oh and IIS isn't expensive. Sure, it could be poorly secured Apache...
No it isn't. They don't accept liability, which is fine, because we test systems down to the minutest detail ourselves and accept liability for the system as a whole, not just the OS.
You don't learn on the job whilst installing MRI scanners, for a start.
1) OP states port 80 and 9999 (or similar) are the only 2 ports open, and his boxes are getting owned
2) I posit that most likely vector is via port 80, which is usually used for running a webserver. given he's moaning about windows here it's quite likely it's IIS. not definite, mind, but it's a good guess.
Changing hardware on a Windows system is a dicey proposition at best. It's very typical to see Windows barf after spending 20 minutes at a "New Hardware Found" prompt and three reboots before bombing into uselessness.
This is bollocks, pure and simple. If you know what you're doing you can slipstream whatever drivers and patches you want into a Windows install: one reboot at the end and you're done. Takes me about 15 mins to crank out corporate images here for any of our hardware, and during that time the only interaction needed from me is to type in the asset tag of the PC.
1) bollocks
. this is security camera footage? you're running it on something on a public subnet? why not use ipsec?
2) if you've got access to a datacenter you could plug your toaster into a rack power strip too, and trip the fuse, bringing down a server BUT YOU'D RIGHTLY BE CANNED FOR BEING A DUMBASS if you did.
1) it's perfectly possible to secure windows in such a way as to run a webserver. this is common sense
2) it would appear that the whole problem is he's got port 80 open (i.e. running a webserver) and is getting hosed by the usual exploits for IIS etc.
3) what he needs to do is clean the system, patch the system and *then* connect it back to the internet with appropriate hardening
4) profit
there's a huge number of safety-critical medical systems based on windows. this is not a problem at all, provided you take proper precautions - isolate machines where appropriate, ensure they're secure - etc.
speaking as someone who does this for a living, if you don't know what a 510 is, you shouldn't be messing with stuff you don't understand as when you get audited it'll be *you* they come looking for with burning torches...