I have worked in a variety of offices and have to say that I love the mixture of privacy (head down gettingon with it) and sociability (hanging around chatting)offered by full-height cubes.
The UK is very keen on open plan, and it's just too distracting for me. On the other hand being shut in an office seems too isolated.
The only thing I do like about cubes is the way they look when you walk into the room (like pig sty's).
My three rules for good cube life are:
1. Customise the lighting. 2. Customise the space. 3. Get some extra entertainment.
I always kill the overhead lights, in the UK anything less than 50Watts per square metre seems to be impossible, so turn the tubes by 90 degrees or use an air pistol to take them out.
Pin-ups are a must, family, hobbies, flags, etc etc... I have seen water scupltures, fish tanks (very nice fresh water fish), CD libraries (of the musical kind) the list is endless. In fact it was always a pleasure to see how people personalised their own space.
A Hi-Fi is a must, preferably valve driven, but whatever it is make it bigger than the ipod.
Finally lighting. Having killed the overhead lights, some nice subtle ikea desk lighting. I know someone that had a full standard uplighter.
Would I swap my open plan office for a cube... yes all day every day.
Again we get back to the basic security facts that are: If you have a copy of the secret used to access the data, then anyone who can impersonate you also has that secret. This digital vault product punted by these people is total snake oil. The only way you can have a machine that has security for service account credentials is a hardware secret store and even that only changes the problem to being how to protect you hardware secret store interface. In the end you would be better spending your money on other ways to protect your data.
I might be wrong but don't all records once expired always get resolved by the root's? The only way a request does not reach the root is when it is answered by a cache "en-route".
The only attacks I have heard about on the roots lasted a short time and hence not much had time to expire. To my knowlege there is no way to protect the root servers from a concerted attack. There is after all no restriction on where requests from the root servers are made. Flooding them with legitimate requests from enough hosts would reduce updates to the caches.
I belive that the expire time is potentialy huge, but the BIND handbook suggests 12 hours so I think the possibility of a sucessful attack based upon DNS is very real.
Please tell me I am talking bollocks, because I'd hate to be right.
DNS always strikes me as the weak point in the internet for the following reasons.
1. It relies on a small number of root servers to provide authority.
2. It runs over a connectionless protocol UDP.
3. It passes through a lot of firewalls with little or zero inspection.
My disaster scenario looks like this.
1. Someone looks for a hole in a common DNS library on a common platform (gethostbyname or similar on W*ndows) and finds an exploit that exposes the listening socket to attack.
This works because: Machines that are connected to the net are making constant DNS requests so that the return sockets are frequently open. Also by the very nature of DNS replies can come from anywhere and ether spoof the source address or just pretend to be a root server.
2. Flood the DNS root servers for a period of time greater than 24 hours so that the DNS records of all domains expire.
To be honest you don't need (2.), you just need a good exploit (like slammer). The key is to take out DNS for over 24 hours and watch things grind to a halt.
you appear to have issues
were you breast fed as a child?
in 14 words you have revealed your true self, and I'm amazed that you can type so well with one hand.
About 10 years ago I was working on a product that used 200 Amp IGBT's for a traction drive. I spent about a month researching the thermal circuits used to cool these devices.
The conclusion: The best thermal contact is metal to metal. The best way of acheiving this is by "lapping" the contact area's together with a fine abrasive. Once your have done this the application of a minute amount of thermal grease improves conductivity by less than 0.5%. We also discovered that applying more than a fine film or grease significantly decreased the conductivity (10% or more).
Slashdot Mirror
I have worked in a variety of offices and have to say that I love the mixture of privacy (head down gettingon with it) and sociability (hanging around chatting)offered by full-height cubes.
The UK is very keen on open plan, and it's just too distracting for me. On the other hand being shut in an office seems too isolated.
The only thing I do like about cubes is the way they look when you walk into the room (like pig sty's).
My three rules for good cube life are:
1. Customise the lighting.
2. Customise the space.
3. Get some extra entertainment.
I always kill the overhead lights, in the UK anything less than 50Watts per square metre seems to be impossible, so turn the tubes by 90 degrees or use an air pistol to take them out.
Pin-ups are a must, family, hobbies, flags, etc etc... I have seen water scupltures, fish tanks (very nice fresh water fish), CD libraries (of the musical kind) the list is endless. In fact it was always a pleasure to see how people personalised their own space.
A Hi-Fi is a must, preferably valve driven, but whatever it is make it bigger than the ipod.
Finally lighting. Having killed the overhead lights, some nice subtle ikea desk lighting. I know someone that had a full standard uplighter.
Would I swap my open plan office for a cube... yes all day every day.
Again we get back to the basic security facts that are: If you have a copy of the secret used to access the data, then anyone who can impersonate you also has that secret. This digital vault product punted by these people is total snake oil. The only way you can have a machine that has security for service account credentials is a hardware secret store and even that only changes the problem to being how to protect you hardware secret store interface. In the end you would be better spending your money on other ways to protect your data.
I might be wrong but don't all records once expired always get resolved by the root's? The only way a request does not reach the root is when it is answered by a cache "en-route". The only attacks I have heard about on the roots lasted a short time and hence not much had time to expire. To my knowlege there is no way to protect the root servers from a concerted attack. There is after all no restriction on where requests from the root servers are made. Flooding them with legitimate requests from enough hosts would reduce updates to the caches. I belive that the expire time is potentialy huge, but the BIND handbook suggests 12 hours so I think the possibility of a sucessful attack based upon DNS is very real. Please tell me I am talking bollocks, because I'd hate to be right.
DNS always strikes me as the weak point in the internet for the following reasons. 1. It relies on a small number of root servers to provide authority. 2. It runs over a connectionless protocol UDP. 3. It passes through a lot of firewalls with little or zero inspection. My disaster scenario looks like this. 1. Someone looks for a hole in a common DNS library on a common platform (gethostbyname or similar on W*ndows) and finds an exploit that exposes the listening socket to attack. This works because: Machines that are connected to the net are making constant DNS requests so that the return sockets are frequently open. Also by the very nature of DNS replies can come from anywhere and ether spoof the source address or just pretend to be a root server. 2. Flood the DNS root servers for a period of time greater than 24 hours so that the DNS records of all domains expire. To be honest you don't need (2.), you just need a good exploit (like slammer). The key is to take out DNS for over 24 hours and watch things grind to a halt.
http://www.aardvark.co.nz/pjet/gokart.htm
you appear to have issues were you breast fed as a child? in 14 words you have revealed your true self, and I'm amazed that you can type so well with one hand.
About 10 years ago I was working on a product that used 200 Amp IGBT's for a traction drive. I spent about a month researching the thermal circuits used to cool these devices.
The conclusion: The best thermal contact is metal to metal. The best way of acheiving this is by "lapping" the contact area's together with a fine abrasive. Once your have done this the application of a minute amount of thermal grease improves conductivity by less than 0.5%. We also discovered that applying more than a fine film or grease significantly decreased the conductivity (10% or more).
Lay off the grease!