I got to wear an iPod mini at MacWorld, and it's hard to know just how small and light they are until you hold one yourself. They are SMALL and LIGHT. Maybe us geeks don't mind walking around batman-utility-belt style, but there are many people that would consider an original iPod to be way too huge that will now consider an iPod mini.
I didn't think much of the arm strap though. Maybe it's just me, but it seemed to keep sliding around on me with just walking around. During a workout it seems like the band would slide a lot.
Yeah, I see a lot of people stuck like that with insecure POP, and a lot of people who use the same password for their home account (which is almost always POP only) as they do for their work account. Bad bad bad.
One thing you could do, if you want to be a bit more secure, is to port forward port 110 using SSH to a server at home. Your POP password is still going out in the clear then, but it's going in the clear from your house, which is presumably more secure that going out over open wireless.
Please change the damned default SSID that was configured on your AP
A funny aside:
I was in Park City visiting friends over the holidays. The ISP for the friend that I was staying at went out of business, so I walked around the house looking for another wireless AP.
At one corner of the house, I find one, and the name is the first initial and last name of the person running it. It's not running with any security so I'm able to hop onto the net. So, I feed in his first initial and last name and "park city" into google (on his own wireless, even) and google gives me his home address and phone number.
I felt like calling him to thank him for the free wireless access.:)
I've had some fun sniffing the network around the office, around town, and at O'Reilly OSXCon, and I think the biggest security risk I see on wireless networks are plaintext POP passwords going out in-the-clear.
It's amazing how many people who should know better are still using plain POP for grabbing their mail. Since most mail client recheck for mail every few minutes, it's quite simple to grab passwords. Using those password, a hacker can then try the same password to enter the network, read the person's e-mail to do subsequent social engineering, or just fish around the person's e-mail for interesting information.
The second thing I think most people don't realize is that on a standard wireless network all the HTTP url's they are surfing to with a web browser are public. This may not be a security risk, but companies also may not want a hacker in the parking lot to know that a server named secretinternaldata.mycompany.com exists.
I set up an SSH tunnel from my laptop to my squid proxy at home just for fun to see if I could fix the issue. It worked well, but of course it's not something the average end-user with a laptop on wireless could manage.
I saw Berkeley and Intel also present on this technology at O'Reilly's Emerging Technology Conference in 2003. The presentation synopsis is here, although the presentation sadly is not:
They are doing amazing sci-fi type stuff with their Motes already, it was a pretty amazing presentation, touching on swarm behavior, conspiracy theories, technical deployment issues, and just plain good-old fun hackery. The wired article really should have mentioned that serious hobbyists can purchase a mote starter kit and other stuff here:
Note that there is a classroom starter kit. I would think this sort of stuff would get high-schoolers really excited about science. A great stocking stuffer for your local high-school (although at $1,000 or more maybe a little out of my budget).
1.) They DO require LPI Level 1 to be eligable for your CLE. They do not accept Comptia's Linux+ as they have said that it isn't open and impartial as LPI is, and they are deciding if RHCEs will be able to waive the LPI requirement.
No they don't. From the FAQ on the linked web page from the story: Novell recommends that you take the courses that prepare you for the Linux Professional Institute Certification (LPIC) level 1 to obtain the baseline knowledge that will best ready you for the course on Novell Services.
It appears the poster has confused this with the Novell Certified Linux Engineer study course, and his general impression is that he has some kind of anger at the lack of developement behind Novell's certification proposal.
Huh? This story *is* about the Novell Certified Linux Engineer course and certification. I think you're the confused one. It clearly states in the FAQ on the Novell website that LPI certification and classes are not required for the class or the test, but they are recommended.
You should check your facts before you call someone "wrong on so many levels." Again, my point is that Novell is calling someone a "Certified Linux Engineer" when all they are really testing the person on is their ability to install Novell's Linux-based products on Linux. It's kind of like Oracle teaching someone to install Oracle on Windows 2003 and calling the certification the "Oracle Certified Windows 2003 Engineer".
I agree than some PHBs (or maybe Pointy Haired People Who Hire Consultants) are clueless when it comes to what certs are good and bad, I do thing that in the IT industry people generally know the quality certification from the low-quality ones. I think most people now know that there are a lot of Paper MCSEs and CNEs out there, and they don't look for just that cert when hiring a consultant.
So, the problem with this certification from Novell is that it's called a Certified Linux Engineer, but it doesn't require any knowledge at all of the two Linux distributions that they now own. Also, this is really just one five-day class on a Novell product, not a whole certification track, so it kind of cheapens the entire value of the CxE certification for the whole CNE installed base.
So, even as a door-opener, I think this cert is badly positioned.
Novell had a Internet track to the CNE years ago, back in the days when Netscape Enterprise Web Server ran on Netware. The classes were horrible and I feel bad for anyone that paid to take them.
It appears from the website that this is just a single 5-day course on Novell Nterprise Services for Linux (Netware File and Print and Directory Services running on Linux), not a course on SuSE or Ximian. They suggest (but do not require) that you get a LPI certification first before taking the class.
It's kind of a stretch that they are calling this a Certified Linux Engineer, since there is no actual Linux training involved, just training on Novell's product running on Linux. In fact, the course material says that you should know Linux before taking the course.
So, unfortunately this seems like yet another empty certification, and shame on Novell for calling someone a Certified Linux Engineer when all they did was take a 5-day course on one of Novell's Linux products.
The server configuration feature is similar, but it isn't directly related to the DHCP security issue. The server configuration is specifically for cluster-type configurations where you want a server to boot up with a basic configuration automatically. You can also load the configuration from a file via a USB keychain or even an iPod. It's just a small XML file with all the configuration info.
Theoretically a hacker could exploit this as a "security" hole, but they would need to set up a local LDAP server to give out the configuration, and they would need to reboot the Xserves. They could just as easily go up to the Xserve and reload the OS from CD.
With the search on "warlock records" now, google gets better results, but actually filters out completely the Warlock Records home page that I used for the demo search! I guess filtering sites that include the phrase in their URL might be a bad idea.:)
Overall, the new results in the search have excluded a few search honeypot sites, but since the new search is now excluding the direct link to the record label, the search results are worse, not better, under the new system.
I generally like alltheweb's results better after a few weeks of using it. I think it's kind of a OSX vs. Windows thing. Since alltheweb isn't the most popular search engine, it isn't targeted by the search engine spammers and thus your results are generally better.
Actually, you're not *quite* right, but you're close.
Mac OSX Server comes with an unlimited client license with each Xserve (1U rackmount G4 server). There is also a stripped down Xserve cluster node specifically for clustering that comes with a 10-client copy of OSX Server.
You can also purchase OSX Server and install it on a G4 or G5 tower, or heck, even an iMac. It's $999 for unlimited clients and $499 for 1-10 clients. The unlimited version is not limited in any way under samba or otherwise. Unlimited means unlimited.
For support, you can purchase Applecare for the Xserve, which is basically a 3-year extended warranty, for $999. This doesn't cover configuration and installation. Frankly, OSX Server is easy enough to set up that I think a typical customer's best bet is to try to set it up themselves and then call support per-incident (I think $400 per incident).
But, for large companies there is also a cool new program for direct tech-to-tech helpdesk support. This costs $2,799 and provides two contacts for calling Apple, plus a quarterly collection of software tools. It's a really good deal for large customers.
OSX Server is really great. You get the power of BSD with the nice friendly Apple GUI on top for user management and such.
I agree with your points. In my experience, people want:
Either an integrated mail/calendar app or at least a mail and calendar app that play well together and at least look similar.
Good shared calendaring, meaning: busy search, proxy access for team members and secretaries, the ability to mark items private, and the ability to roll everything up into a nice-looking group calendar.
Offline access for laptop-based executives (and other employees, but the execs are the squeaky wheels)
I have looked around, and there really isn't anything that I see that fits the bill. The nice calendar solutions that I see out there are all web-based, so remote access is out.
By the way, I really like phpicalendar http://phpicalendar.sourceforge.net/nuke/ for a web-based ical display app.
Some people don't need all those features I listed, and they are the ones who are good for a linux, BSD, or OSX conversion, but it's hard to take away functionality from users that are used to having it.
Yeah, I think you hit the nail on the head with what I was thinking with laptop support. Now, there's no reason why a company couldn't go with Powerbooks on the laptop and go with cheap IBM desktops running linux, it's just a question of how many platforms a company wants to support.
I'm biased, but it seems to me that for the small price difference between an Apple with OSX and a linux desktop, an enterprise customer is probably better off with Apple. With OSX, they get:
Standardized, supported hardware with real enterprise support contracts available
A large base of consultants to choose from
A good desktop and laptop solution. Does IBM support Linux on their laptops this week? Which models?
The ability to run Microsoft Office, Open Office, and most other open source productivity packages
The ability to centrally manage authentication and workstation management using OSX server
The list goes on from there. A base model 17" eMac, which is perfectly suited to the average productivity worker, is only $799. Bump the RAM up to 256MB for a few dollars more and you're done, it will all work right out of the box.
Compared to the pain of getting a Linux system up and running and then supporting it, going Apple seems like a no-brainer in enterprise IT environments.
TIM 3.0 ended up working great under XP, and I'm having great fun playing it now. All I had to do was use Properties/Compatibility to set timwin.exe to win95 compatibility and it ran fine. No need to install it, just run the executable.
Couldn't get TIM 1.0 going, I just get the Sierra logo and it freezes. I'm happy with 3.0 though.
I found most of the "Incredible Machine" series available for download at The Underdogs (a great site for info/downloads of old games).
I haven't tried to install any of them yet, but I grabbed v3.0 and the original. Getting old DOS games to run under XP can be tricky, but there is always DOSEMU, which usually works. There are some tips on the site if you have trouble.
Heh, you're oversimplifying a bit, mr. anonymous coward.
Actually, I was technically part of sales, not part of marketing, so your blame is a bit misdirected.:) It's easy to blame marketing in novell as a problem, but actually there were times that the marketing was decent. If I had to pin my finger on anything, I'd say bad product direction and strategy were the biggest problem there.
While I was there, product management and engineering were reorganized at least three times, and there was never a good overall research or strategy group. Because of that, actual new and interesting product in a new space were few and far between.
I don't regret my time there. I worked for a large software company doing fun stuff, and generally worked with good people. Novell still does about a billion a year in software sales, so *somebody* must be buying it. It's like the Spice Girls though, no one will admit to it.:)
I think you misunderstood my point. My point was that just the mention of someone's help in a readme, or on a mailing list, or other non-physical help is a great motivator for people too.
While the ability to pay for giveaways and sponsor other freebies is an advantage for commercial software companies, I see Linux User's Groups getting similar sorts of free stuff from hardware vendors, and I see no shortage of Linux related freebies at conferences.
In the BSD world, I know a couple people that are BSD committers, and they are held in respect by others in the BSD world. Just that is a powerful motivator for them.
So, what I'm saying is that corporate software companies should emulate the free software world and give more people outlets for contributing articles, white papers, and code without reviews from the marketing or legal departments.
Giveaways are nice too, and it all adds up when you're going for a "network effect", so your point is still a good one. And yes, people *do* do crazy amounts of work for just a little recognition and some freebies. Look at the Microsoft MVP program, for example.
I worked as an evangelist for Novell, and, while I think Mr. Plamondon makes some good points, I agree with Micah Alpern that war analogies aren't necessarily the right ones. Also, I would think Mr. Plamondon would be more marketing-savvy than to refer to people that are helping him as "pawns". Chess analogy or not, it's not exactly a postitive signal to be sending out to people doing your work for you.:)
One very good point he makes is the idea of empowering other people to create materials about the technology you are evangelizing. It was amazing to me that I could get a lot of high quality help out of people for just a little public recognition, or some free software, or a nice gadget. People like to feel like they are helping with things that they feel passionately about. Heck, that's one of the reasons why the Linux movement has done so well, since just about anyone can dive in and start contributing in some way.
The problem I always experienced was from internal groups who were afraid of losing control of the corporate image. For example, we talked a lot about providing open forums and community sites for end users and consultants to share their solutions. This ended up being a series of communities we called CoolSolutions. But the actual code and solutions that people wrote went through a gauntlet of legal and marketing people, and it really wasn't an "open" community, it was all carefully screened.
The book "The Cluetrain Manifesto" talks a lot about these issues with large companies afraid to give up control. I think the right thing to do is for companies to loosly try to encourage an "ecosystem" around their technologies that then becomes self supporting. In this sense, they are practicing biomimicry in the form of crop diversity. You could think of internal PR and marketing departments as monocrops that are very susceptible to a single bad link, such as a sucky chief marketing officer. Diversity is good, and a product evangelism is one role that can encourage corporate "crop" diversity.
As an aside, I'm currently looking for a job. So if anyone in management read this and said, "product evangelists? I've gotta get me one of those!", then you can get to my resume here. or e-mail me at twid @ projectjellybean.com. I don't smell, I brush my teeth several times a day, I have no open oozing wounds, and I'm great fun at parties.
Or at least a compromise solution. In half-life, as you can see if you ever try out ogc, every player client knows where every player is at all times on the map, what their health is, and what weapon they are carrying.
Perhaps the game could server-side clip things outside of a minimum radius, and let the client handle the hard work of close-up clipping. That way, at least the ogc'ers couldn't see everything.
I'm sure some game designer is gonna give me a slap-down, but it sounds good.:)
One issue, as I see it, is the architecture of the game servers themselves. Half-Life, for example, feeds information about the location of all players on the entire map to the client. You can add all the signing and checking of client side binaries that you want, but someone is going to figure out a way to creatively intercept that data if it is there.
The long-term solution is to just not have the data there. While it would be more work on the CPU to make the game engine instantly draw a character on-screen from no previous information, I would think most multiplayer gamers would give up a few FPS to play cheat-free.
I'm not familar with any back-end changes for games like HL2 and Doom3. Is anyone out there thinking of this? It just seems common sense. If people are exploiting data, just remove the data.
Slashdot Mirror
You make a good point.
I got to wear an iPod mini at MacWorld, and it's hard to know just how small and light they are until you hold one yourself. They are SMALL and LIGHT. Maybe us geeks don't mind walking around batman-utility-belt style, but there are many people that would consider an original iPod to be way too huge that will now consider an iPod mini.
I didn't think much of the arm strap though. Maybe it's just me, but it seemed to keep sliding around on me with just walking around. During a workout it seems like the band would slide a lot.
Yeah, I see a lot of people stuck like that with insecure POP, and a lot of people who use the same password for their home account (which is almost always POP only) as they do for their work account. Bad bad bad.
One thing you could do, if you want to be a bit more secure, is to port forward port 110 using SSH to a server at home. Your POP password is still going out in the clear then, but it's going in the clear from your house, which is presumably more secure that going out over open wireless.
the tunnel would be something like this:
ssh -L 110:www.yourhomeserver.com:110 -f -N yourname@www.yourhomeserver.com
Here's a howto that goes into a little more depth.
Please change the damned default SSID that was configured on your AP
:)
A funny aside:
I was in Park City visiting friends over the holidays. The ISP for the friend that I was staying at went out of business, so I walked around the house looking for another wireless AP.
At one corner of the house, I find one, and the name is the first initial and last name of the person running it. It's not running with any security so I'm able to hop onto the net. So, I feed in his first initial and last name and "park city" into google (on his own wireless, even) and google gives me his home address and phone number.
I felt like calling him to thank him for the free wireless access.
I've had some fun sniffing the network around the office, around town, and at O'Reilly OSXCon, and I think the biggest security risk I see on wireless networks are plaintext POP passwords going out in-the-clear.
.02.
It's amazing how many people who should know better are still using plain POP for grabbing their mail. Since most mail client recheck for mail every few minutes, it's quite simple to grab passwords. Using those password, a hacker can then try the same password to enter the network, read the person's e-mail to do subsequent social engineering, or just fish around the person's e-mail for interesting information.
The second thing I think most people don't realize is that on a standard wireless network all the HTTP url's they are surfing to with a web browser are public. This may not be a security risk, but companies also may not want a hacker in the parking lot to know that a server named secretinternaldata.mycompany.com exists.
I set up an SSH tunnel from my laptop to my squid proxy at home just for fun to see if I could fix the issue. It worked well, but of course it's not something the average end-user with a laptop on wireless could manage.
Anyway, that's my
You are correct, my mistake. More correctly, I should have said that the training doesn't involve SuSE or Ximian at all.
I saw Berkeley and Intel also present on this technology at O'Reilly's Emerging Technology Conference in 2003. The presentation synopsis is here, although the presentation sadly is not:
e _sess/3797
o rks.htm
:)
http://conferences.oreillynet.com/cs/et2003/view/
They are doing amazing sci-fi type stuff with their Motes already, it was a pretty amazing presentation, touching on swarm behavior, conspiracy theories, technical deployment issues, and just plain good-old fun hackery. The wired article really should have mentioned that serious hobbyists can purchase a mote starter kit and other stuff here:
http://www.xbow.com/Products/Wireless_Sensor_Netw
Note that there is a classroom starter kit. I would think this sort of stuff would get high-schoolers really excited about science. A great stocking stuffer for your local high-school (although at $1,000 or more maybe a little out of my budget).
Imagine a Beowulf cluster of..... never mind.
1.) They DO require LPI Level 1 to be eligable for your CLE. They do not accept Comptia's Linux+ as they have said that it isn't open and impartial as LPI is, and they are deciding if RHCEs will be able to waive the LPI requirement.
No they don't. From the FAQ on the linked web page from the story:
Novell recommends that you take the courses that prepare you for the Linux Professional Institute Certification (LPIC) level 1 to obtain the baseline knowledge that will best ready you for the course on Novell Services.
It appears the poster has confused this with the Novell Certified Linux Engineer study course, and his general impression is that he has some kind of anger at the lack of developement behind Novell's certification proposal.
Huh? This story *is* about the Novell Certified Linux Engineer course and certification. I think you're the confused one. It clearly states in the FAQ on the Novell website that LPI certification and classes are not required for the class or the test, but they are recommended.
You should check your facts before you call someone "wrong on so many levels." Again, my point is that Novell is calling someone a "Certified Linux Engineer" when all they are really testing the person on is their ability to install Novell's Linux-based products on Linux. It's kind of like Oracle teaching someone to install Oracle on Windows 2003 and calling the certification the "Oracle Certified Windows 2003 Engineer".
I agree than some PHBs (or maybe Pointy Haired People Who Hire Consultants) are clueless when it comes to what certs are good and bad, I do thing that in the IT industry people generally know the quality certification from the low-quality ones. I think most people now know that there are a lot of Paper MCSEs and CNEs out there, and they don't look for just that cert when hiring a consultant.
So, the problem with this certification from Novell is that it's called a Certified Linux Engineer, but it doesn't require any knowledge at all of the two Linux distributions that they now own. Also, this is really just one five-day class on a Novell product, not a whole certification track, so it kind of cheapens the entire value of the CxE certification for the whole CNE installed base.
So, even as a door-opener, I think this cert is badly positioned.
Novell had a Internet track to the CNE years ago, back in the days when Netscape Enterprise Web Server ran on Netware. The classes were horrible and I feel bad for anyone that paid to take them.
It appears from the website that this is just a single 5-day course on Novell Nterprise Services for Linux (Netware File and Print and Directory Services running on Linux), not a course on SuSE or Ximian. They suggest (but do not require) that you get a LPI certification first before taking the class.
It's kind of a stretch that they are calling this a Certified Linux Engineer, since there is no actual Linux training involved, just training on Novell's product running on Linux. In fact, the course material says that you should know Linux before taking the course.
So, unfortunately this seems like yet another empty certification, and shame on Novell for calling someone a Certified Linux Engineer when all they did was take a 5-day course on one of Novell's Linux products.
The server configuration feature is similar, but it isn't directly related to the DHCP security issue. The server configuration is specifically for cluster-type configurations where you want a server to boot up with a basic configuration automatically. You can also load the configuration from a file via a USB keychain or even an iPod. It's just a small XML file with all the configuration info.
Theoretically a hacker could exploit this as a "security" hole, but they would need to set up a local LDAP server to give out the configuration, and they would need to reboot the Xserves. They could just as easily go up to the Xserve and reload the OS from CD.
Not to cross the threads, but if he did two of these, would they be X-Boxen?
If someone could post a complete linguistic analysis leading to a 100-post flamewar, that would be nice.
Thanks.
oh please, I was a late poster and I haven't even been modded up. If I wanted to karma whore I could do better than that (and have!). :)
I blogged a short article about this back in October:
:)
http://twid.livejournal.com/72781.html
With the search on "warlock records" now, google gets better results, but actually filters out completely the Warlock Records home page that I used for the demo search! I guess filtering sites that include the phrase in their URL might be a bad idea.
Overall, the new results in the search have excluded a few search honeypot sites, but since the new search is now excluding the direct link to the record label, the search results are worse, not better, under the new system.
I generally like alltheweb's results better after a few weeks of using it. I think it's kind of a OSX vs. Windows thing. Since alltheweb isn't the most popular search engine, it isn't targeted by the search engine spammers and thus your results are generally better.
Actually, you're not *quite* right, but you're close.
Mac OSX Server comes with an unlimited client license with each Xserve (1U rackmount G4 server). There is also a stripped down Xserve cluster node specifically for clustering that comes with a 10-client copy of OSX Server.
You can also purchase OSX Server and install it on a G4 or G5 tower, or heck, even an iMac. It's $999 for unlimited clients and $499 for 1-10 clients. The unlimited version is not limited in any way under samba or otherwise. Unlimited means unlimited.
For support, you can purchase Applecare for the Xserve, which is basically a 3-year extended warranty, for $999. This doesn't cover configuration and installation. Frankly, OSX Server is easy enough to set up that I think a typical customer's best bet is to try to set it up themselves and then call support per-incident (I think $400 per incident).
But, for large companies there is also a cool new program for direct tech-to-tech helpdesk support. This costs $2,799 and provides two contacts for calling Apple, plus a quarterly collection of software tools. It's a really good deal for large customers.
OSX Server is really great. You get the power of BSD with the nice friendly Apple GUI on top for user management and such.
I have looked around, and there really isn't anything that I see that fits the bill. The nice calendar solutions that I see out there are all web-based, so remote access is out.
By the way, I really like phpicalendar http://phpicalendar.sourceforge.net/nuke/ for a web-based ical display app.
Some people don't need all those features I listed, and they are the ones who are good for a linux, BSD, or OSX conversion, but it's hard to take away functionality from users that are used to having it.
Yeah, I think you hit the nail on the head with what I was thinking with laptop support. Now, there's no reason why a company couldn't go with Powerbooks on the laptop and go with cheap IBM desktops running linux, it's just a question of how many platforms a company wants to support.
The list goes on from there. A base model 17" eMac, which is perfectly suited to the average productivity worker, is only $799. Bump the RAM up to 256MB for a few dollars more and you're done, it will all work right out of the box.
Compared to the pain of getting a Linux system up and running and then supporting it, going Apple seems like a no-brainer in enterprise IT environments.
SciAm has run several articles on nanotubes over the years, several are indexed here, along with more general nanotech articles:
http://www.sciam.com/nanotech_directory.cfm
TIM 3.0 ended up working great under XP, and I'm having great fun playing it now. All I had to do was use Properties/Compatibility to set timwin.exe to win95 compatibility and it ran fine. No need to install it, just run the executable.
Couldn't get TIM 1.0 going, I just get the Sierra logo and it freezes. I'm happy with 3.0 though.
I found most of the "Incredible Machine" series available for download at The Underdogs (a great site for info/downloads of old games).
I haven't tried to install any of them yet, but I grabbed v3.0 and the original. Getting old DOS games to run under XP can be tricky, but there is always DOSEMU, which usually works. There are some tips on the site if you have trouble.
Heh, you're oversimplifying a bit, mr. anonymous coward.
Actually, I was technically part of sales, not part of marketing, so your blame is a bit misdirected.
While I was there, product management and engineering were reorganized at least three times, and there was never a good overall research or strategy group. Because of that, actual new and interesting product in a new space were few and far between.
I don't regret my time there. I worked for a large software company doing fun stuff, and generally worked with good people. Novell still does about a billion a year in software sales, so *somebody* must be buying it. It's like the Spice Girls though, no one will admit to it.
I think you misunderstood my point. My point was that just the mention of someone's help in a readme, or on a mailing list, or other non-physical help is a great motivator for people too.
While the ability to pay for giveaways and sponsor other freebies is an advantage for commercial software companies, I see Linux User's Groups getting similar sorts of free stuff from hardware vendors, and I see no shortage of Linux related freebies at conferences.
In the BSD world, I know a couple people that are BSD committers, and they are held in respect by others in the BSD world. Just that is a powerful motivator for them.
So, what I'm saying is that corporate software companies should emulate the free software world and give more people outlets for contributing articles, white papers, and code without reviews from the marketing or legal departments.
Giveaways are nice too, and it all adds up when you're going for a "network effect", so your point is still a good one. And yes, people *do* do crazy amounts of work for just a little recognition and some freebies. Look at the Microsoft MVP program, for example.
I worked as an evangelist for Novell, and, while I think Mr. Plamondon makes some good points, I agree with Micah Alpern that war analogies aren't necessarily the right ones. Also, I would think Mr. Plamondon would be more marketing-savvy than to refer to people that are helping him as "pawns". Chess analogy or not, it's not exactly a postitive signal to be sending out to people doing your work for you. :)
One very good point he makes is the idea of empowering other people to create materials about the technology you are evangelizing. It was amazing to me that I could get a lot of high quality help out of people for just a little public recognition, or some free software, or a nice gadget. People like to feel like they are helping with things that they feel passionately about. Heck, that's one of the reasons why the Linux movement has done so well, since just about anyone can dive in and start contributing in some way.
The problem I always experienced was from internal groups who were afraid of losing control of the corporate image. For example, we talked a lot about providing open forums and community sites for end users and consultants to share their solutions. This ended up being a series of communities we called CoolSolutions. But the actual code and solutions that people wrote went through a gauntlet of legal and marketing people, and it really wasn't an "open" community, it was all carefully screened.
The book "The Cluetrain Manifesto" talks a lot about these issues with large companies afraid to give up control. I think the right thing to do is for companies to loosly try to encourage an "ecosystem" around their technologies that then becomes self supporting. In this sense, they are practicing biomimicry in the form of crop diversity. You could think of internal PR and marketing departments as monocrops that are very susceptible to a single bad link, such as a sucky chief marketing officer. Diversity is good, and a product evangelism is one role that can encourage corporate "crop" diversity.
As an aside, I'm currently looking for a job. So if anyone in management read this and said, "product evangelists? I've gotta get me one of those!", then you can get to my resume here. or e-mail me at twid @ projectjellybean.com. I don't smell, I brush my teeth several times a day, I have no open oozing wounds, and I'm great fun at parties.
Or at least a compromise solution. In half-life, as you can see if you ever try out ogc, every player client knows where every player is at all times on the map, what their health is, and what weapon they are carrying.
Perhaps the game could server-side clip things outside of a minimum radius, and let the client handle the hard work of close-up clipping. That way, at least the ogc'ers couldn't see everything.
I'm sure some game designer is gonna give me a slap-down, but it sounds good.
One issue, as I see it, is the architecture of the game servers themselves. Half-Life, for example, feeds information about the location of all players on the entire map to the client. You can add all the signing and checking of client side binaries that you want, but someone is going to figure out a way to creatively intercept that data if it is there.
The long-term solution is to just not have the data there. While it would be more work on the CPU to make the game engine instantly draw a character on-screen from no previous information, I would think most multiplayer gamers would give up a few FPS to play cheat-free.
I'm not familar with any back-end changes for games like HL2 and Doom3. Is anyone out there thinking of this? It just seems common sense. If people are exploiting data, just remove the data.