solar power in space is a much better alternative that nuclear power.
Depends on where you're at in space. If you're outside of Jupiter's orbit, nukes are the way to go unless you have a few hundred square kilometers of mirrors to concentrate what little sunlight you get. And on Luna, too, nukes make sense. 2 weeks of every month it's dark and cold.
It's much more efficient, cheaper and if the launch fails (which it does on occasion, columbia any1?) then we won't risk blowing a nuke
They don't launch plutonium reactors or anything like that, they use radioactive isotope generators that act more like tea kettles and stop producing heat in what, 10, 15 years? They don't blow up.
Besides, it had a well-known small thermal exhaust port
It was only well-known because many Bothans died to bring us that information.
Ah, but the Emperor allowed the information to leak out in order to sucker the Rebel fleet into attacking in force that fully armed and operational death star...
This is true, if you don't want your employees to be productive beyond the 6 apps you've installed for them.. but if you want them to actually be able to use the wide variety of open source applications that are available then clearly they need to be able to run a package manager and install new apps. This basically means giving them root.
Let them screw around with package managers on their own time and their home machines. Letting users screw around with root access on a production machine is just asking for trouble. These machines belong to the company, not the user.
One of my clients demanded all his employees have administrator/superuser access on the company server. I told him no way, and why that was a bad idea. He insisted. I wrote him out a bill on the spot for time and services rendered, and gave him the number of a competitor with even less of a sense of humor than I have, then told him he'd be calling his new consultant on a daily basis as various users hosed their workstations and his servers. I also advised him to make sure the new consultant set him up with a damned good backup solution, he'd need it. Two days later, their new consultant called me up to bitch at me. I told him, 'Hey, consider it job security and charge 'em triple.'.
I like this version better: No system is foolproof, because fools are fiendishly clever.
The problem with making things idiot proof is you generate a better class of idiot.
As to the problem at hand, there are tons of things you can do to keep users out of trouble. Biggest one is, keep them from accessing sudo. Easiest way to do that is, create an 'admin' account on the machine before generating user accounts. Only the first user account on a Ubuntu machine has sudo access automagically. Additional users need to be added manually to the sudo group. Remove any and all software that you don't need. What those software pieces are would depend on your application. Then add the necessary maintanance scripting run as cron jobs, things like apt. Edit the/etc/apt/sources.list to restrict repositories. What I'd do then is, recut a master CD using Ubuntu Customisation Kit so you have a 'standard' install, and set up an inhouse repository for updates, fed from the inhouse server. Since the workstations only look at the inhouse repository, they should only be able to install from the local server. And if they're locked away from apt, that shouldn't be a problem.
And that stops users from downloading and running applications how?
By blocking them out of root access, they can't download a package like a.deb or an.rpm & install it. If they somehow manage to figure out how to download and compile a tarball, all they can install it to is their own home directory. I'd say, best way to do it is make sure they don't have compiler access. So, take them out of the sudo users group.
You RAR it when you want to password it. Like, pr0n, ya know. The pr0n with the nasty-assed viruses that chew up your computer til it turns into a doorstop that no amount of reformatting and reinstalling will fix.
If I own a building and advertise it as a place where people can show up to trade things -- sort of a bazaar or flea market -- you can bet that at least a few of the people who show up will be looking to deal or score drugs. Does that mean that I, as the owner of the building, am responsible for that?
Depends. If it was in Cleveland in the mid to late 90's, yeah, the city would sieze the property in a heartbeat, board it up, tear it down, then sell it to some developer who had his hand up one or more Councillman's ass.
Comparing an envelope to encryption is plain stupid.
Look up the original intention of the envelope sometime. It was developed to keep prying eyes from the contents thereof, and sealed in wax with a signet ring, thus providing evidence of tampering, much like modern encryption. Thus, the envelope paradigm is valid.
An envelope serves many other purposes besides concealing information, such as keeping multiple objects/papers together without getting separated or lost (which encryption has no comparative function), protects the letter from damage, (which encryption has no comparative function)
On my planet, several decades ago, they created two items that take care of these functions. They are, respectively, the stapler and the manilla folder. Perhaps I should come to your planet to trade these items? Precious metals only, please, payable on delivery.
Oh, and I want a monopoly on these products.
If the post office would accept papers of any size/shape for delivery then people may very well just start sending full sheets of paper without envelopes if it had any practical benefit such as only paying the postcard rate (about half that of a letter).
I once superglued a brick to one of those 'business reply' cards that said 'postage paid' and mailed it. Never heard from that particular company again, which is why I did it. That was in like, 1971 or earlier, maybe 1969...
Further, I never said encryption likely means you are a criminal.
100% of the uses of unbreakable, untraceable encryption I can think of are illegal.
So the 5 or 6 gigs of heavily encrypted data I'm keeping for a client of mine is 'illegal'? Funny, they told me it was a backup of a database containing medical and financial records for a collections agency. They asked me to store a copy after somebody burned down their office. I'm their IT guy. And I don't have the key. And yes, I signed an NDA, and I'm bonded.
When you start geting gbs and tbs of encrypted data, that screams of audio/visual data.
Or an offsite backup of heavily encrypted commercial information that you have no right to look at. Nor do the various government agencies without a warrant or going through proper channels. After losing their primary servers in the fire and nearly losing their backups, they decided on an offsite backup program. I set the software and scripts up, called the office manager over to the terminal, had him type in the passwords he wanted to use and write them down to put in an envelope to go to the lawyer's office safe just in case something happened to him. Worst case scenario, they lose 1 day of production, as the DVD is burned first thing in the morning for sneakering out to me.
In summary, you're an idiot.
Has your Party of choice issued you your Party secret decoder ring, Party weapon, and Party-approved shirt yet? Still cashing those Party paychecks?
Sure it does. You're saying I only need strong crypto if I'm doing criminal acts. By putting my snail mail in an envelope rather than using post cards, you're implying that I'm also doing criminal acts, otherwise I wouldn't need secrecy in snail mail.
Do you use post cards or envelopes? If envelopes, what crimes are YOU hiding?
One of my customers was running Win2K3 server with a mix of XP & 98SE clients, and had serious problems when they bought some new workstations running Vista. The server bogged down bigtime. Upgrading the server to 2k8 & upgrading the entire network to XP Pro fixed the problem. Their 'grocery app' (some collection software) haddn't been ported to Vista yet, so XP was the OS of the day.
Been trying to talk them into a *nix back end with the app on a Samba share, but they ain't buyin it...
The snail mail/postcard analogy just doesnt make sense to anything that I said.
Sure it does. You're saying I gotta give up any expectation of privacy in my communications. Consider reasonably strong encryption to be an envelope to put a message inside. Nobody needs to be reading my mail all the time.
Slashdot Mirror
Didn't see Serenity, did you?
Depends on where you're at in space. If you're outside of Jupiter's orbit, nukes are the way to go unless you have a few hundred square kilometers of mirrors to concentrate what little sunlight you get. And on Luna, too, nukes make sense. 2 weeks of every month it's dark and cold.
They don't launch plutonium reactors or anything like that, they use radioactive isotope generators that act more like tea kettles and stop producing heat in what, 10, 15 years? They don't blow up.
Dammit, I forgot Midway.
Ah, but the Emperor allowed the information to leak out in order to sucker the Rebel fleet into attacking in force that fully armed and operational death star...
Guam, Okinawa, & the Marshall Islands, off the top of my head. What are the other ones?
As far as the Confederate States of America are concerned, technically, they were a breakaway republic that was reconquered.
Heh. I always thought they were the adult form of paper clips...
I use Samba 3 when I need to. Otherwise, I don't bother.
Squid does a wizard job of that, once you learn to configure it. Nifty Ubuntu instructions too. And you'll need to look up access control limits too. It's not a big deal, just a bit touchy at times...
Let them screw around with package managers on their own time and their home machines. Letting users screw around with root access on a production machine is just asking for trouble. These machines belong to the company, not the user.
One of my clients demanded all his employees have administrator/superuser access on the company server. I told him no way, and why that was a bad idea. He insisted. I wrote him out a bill on the spot for time and services rendered, and gave him the number of a competitor with even less of a sense of humor than I have, then told him he'd be calling his new consultant on a daily basis as various users hosed their workstations and his servers. I also advised him to make sure the new consultant set him up with a damned good backup solution, he'd need it. Two days later, their new consultant called me up to bitch at me. I told him, 'Hey, consider it job security and charge 'em triple.'.
The problem with making things idiot proof is you generate a better class of idiot.
As to the problem at hand, there are tons of things you can do to keep users out of trouble. Biggest one is, keep them from accessing sudo. Easiest way to do that is, create an 'admin' account on the machine before generating user accounts. Only the first user account on a Ubuntu machine has sudo access automagically. Additional users need to be added manually to the sudo group. Remove any and all software that you don't need. What those software pieces are would depend on your application. Then add the necessary maintanance scripting run as cron jobs, things like apt. Edit the /etc/apt/sources.list to restrict repositories. What I'd do then is, recut a master CD using Ubuntu Customisation Kit so you have a 'standard' install, and set up an inhouse repository for updates, fed from the inhouse server. Since the workstations only look at the inhouse repository, they should only be able to install from the local server. And if they're locked away from apt, that shouldn't be a problem.
By blocking them out of root access, they can't download a package like a .deb or an .rpm & install it. If they somehow manage to figure out how to download and compile a tarball, all they can install it to is their own home directory. I'd say, best way to do it is make sure they don't have compiler access. So, take them out of the sudo users group.
You RAR it when you want to password it. Like, pr0n, ya know. The pr0n with the nasty-assed viruses that chew up your computer til it turns into a doorstop that no amount of reformatting and reinstalling will fix.
He's new here. Cut him some slack already so he can really fuck up.
Depends. If it was in Cleveland in the mid to late 90's, yeah, the city would sieze the property in a heartbeat, board it up, tear it down, then sell it to some developer who had his hand up one or more Councillman's ass.
Your mileage may vary...
An incurable romantic.
Fixed this for ya.
Seems American politics is openly following the Golden Rule now -- They who have the gold, buy the rules.
Look up the original intention of the envelope sometime. It was developed to keep prying eyes from the contents thereof, and sealed in wax with a signet ring, thus providing evidence of tampering, much like modern encryption. Thus, the envelope paradigm is valid.
On my planet, several decades ago, they created two items that take care of these functions. They are, respectively, the stapler and the manilla folder. Perhaps I should come to your planet to trade these items? Precious metals only, please, payable on delivery.
Oh, and I want a monopoly on these products.
I once superglued a brick to one of those 'business reply' cards that said 'postage paid' and mailed it. Never heard from that particular company again, which is why I did it. That was in like, 1971 or earlier, maybe 1969...
Might I quote you here?
So the 5 or 6 gigs of heavily encrypted data I'm keeping for a client of mine is 'illegal'? Funny, they told me it was a backup of a database containing medical and financial records for a collections agency. They asked me to store a copy after somebody burned down their office. I'm their IT guy. And I don't have the key. And yes, I signed an NDA, and I'm bonded.
Or an offsite backup of heavily encrypted commercial information that you have no right to look at. Nor do the various government agencies without a warrant or going through proper channels. After losing their primary servers in the fire and nearly losing their backups, they decided on an offsite backup program. I set the software and scripts up, called the office manager over to the terminal, had him type in the passwords he wanted to use and write them down to put in an envelope to go to the lawyer's office safe just in case something happened to him. Worst case scenario, they lose 1 day of production, as the DVD is burned first thing in the morning for sneakering out to me.
Has your Party of choice issued you your Party secret decoder ring, Party weapon, and Party-approved shirt yet? Still cashing those Party paychecks?
Where'd I go wrong??
Do you use post cards or envelopes? If envelopes, what crimes are YOU hiding?
Been trying to talk them into a *nix back end with the app on a Samba share, but they ain't buyin it...
Sure it does. You're saying I gotta give up any expectation of privacy in my communications. Consider reasonably strong encryption to be an envelope to put a message inside. Nobody needs to be reading my mail all the time.
Microsoft Windows XP, I think. $100 is about right for the street price of XP Home if you look hard enough.
Particularly in the Deep South, where barbeque is almost a religion on its own.
People for Eating Tasty Animals, anyone?
I do, however, once RIAA is dead and buried, intend to dig them up once a year on the anniversary of their death just to make sure they're still dead.