The market for "home theater in a box" systems is proof positive that most people have terrible ears. The vast majority of consumer level audio equipment is just straight up garbage. My favorite is when people go on about how the "reviews are really good on this system!!!"...yea...reviews written by people who have absolutely no fucking idea what they are talking about. I see pictures of people's home theater setups...uneven speaker placement...rear channels set in front of the listener or even just strewn randomly about the room...and yet they say it sounds "awesome".
Yea, I'm an elitist, and I suppose it is good for those people that they can get by with cheap, junky, plastic equipment tossed randomly into the room. As an elitist, though, it just annoys the ever-loving shit out of me. I don't mind it too much for grandma and people that legitimately don't care...its just the people who get all hyped up like they actually know something that drives me crazy.
I can definitely tell the difference between compressed and not. The difference is readily apparently to me, though admittedly I have not run a FLAC/MP3 comparison...it's been mostly MP3 versus CD. I should probably try the FLAC comparison some time, just to see. I'm definitely not anti-MP3 either...its pretty much all I listen to in the car. I guess I am willing to make some compromises for convenience.
Good for you dude. Getting out. Living the dream. You're smart to have taken the opportunity. I was sort of praying for a layoff to try and start a photography business myself.
Biggest mistake of my life was getting in to this nightmare career. This industry is a fucking joke, the work sucks ass, the management is clueless, the users are stupid and unappreciative...the list goes on.
I am a fairly good photographer and seriously considered fine art photo or photojournalism as a major when I decided Computer Science wasn't for me. Instead I went into Information Technology. Definitely a decision that fucked the rest of my life. I would be broke as an artist, but I could not possibly be any more miserable.
It really is an awful career, I tell everyone who is thinking about going in to it to think again.
...triumphing over the rights of citizens. I don't see any reason why business' commerce should supersede the leisure activities of people who are home sick. Obviously this recommendation is asinine in the extreme and completely impossible to implement, but I don't think its the government's business to implement it anyway. If you want to talk about emergency services then, OK, maybe there is an argument there.
I also agree with the comment saying...well what about game companies' commerce? It's just another case of big business having the money to bribe politicians into prioritizing their interests over citizens'.
...Besides...everyone already surfs the web all day at work. I don't see where there is any difference.
Put everything in test, not configured properly for production, until such time as enough people start using test that it becomes production on its own. This usually happens slowly and organically, and usually in the middle of the night. Once you have at least 2-3 different groups screaming at you over the lack of availability of your test system you can be reasonably confident that it is now production.
I don't have a clue who the fuck you are but rest assured that I will remind you of this daily. It really doesn't require any special preparation or remembrance on my part..."god, I wish I could just blow my brains out" is pretty much my mantra.
Experience is the reason that the former is always assumed to be the only approach. Users don't give a fuck about understanding more or learning more or taking any responsibility at all for the security of the IT infrastructure. It often seems, in fact, that the more critical the position they hold in regards to access to sensitive information (doctors, lawyers, etc.) the more resistant they are to learning about IT or doing their part to keep the organization secure.
The ONLY solution is the former. As the population of workers is replaced by people who grew up with IT there will be fewer extreme examples of people totally unwilling to do anything at all, but in the end the user mentality remains the same. The ONLY solution is to simplify the solutions and force them, via policy, to accept "the best we can do".
I see this in every aspect of my job. Tell the sys admin that his server is off the wire because it was attempting to infect thousands of other critical servers and possibly even equipment which is even more critical and all he does is complain to his director that you're being a dick and not letting his box, that he failed to patch for 5 years, back on the wire...and thats an IT person. Don't get me started on explaining to the high-muckity-muck that their VPN connected laptop was the source of a worm which infected 200 computers with something they downloaded from a porn site.
The notion that basic competency is only for nerds, hardcore geeks, and experts is rooted firmly in the fact that almost no one is competent or even somewhat intelligent. Most people are stupid as fuck. They manage to do their job like a monkey can learn to press a button and get a treat, but try and teach that same monkey to type a password and get a treat and you're officially well past the point of diminishing returns.
The comments here are clearly full of security pros. Awesome.
I totally agree with you. I don't think it SHOULD be that way or that it NEEDS to be that way...but it is that way, especially today. We're so anxious to adopt IT and let it permeate every aspect of every organization but we're completely unwilling to deal with the consequences and mitigate the risks. Upper management is a bunch of balloon heads who don't know the first god damn thing about computers or security so when it comes down to "gosh we really need to have users type a password for this or it could be really bad" the answer is always "duhhhhhhhhhhh that sounds hard...forget about it".
"I figure this will be an ongoing problem until company management and employees accept their role in keeping company information safe."
Exactly. I suppose it's not that surprising that everyone wants all the benefits of IT without any of the responsibility given that a solid 90% of people are just too fucking stupid to understand that it even HAS consequences, but the willful disregard for protecting customers/patients info is just pathetic. You work in the medical industry and you see that doctors and nurses and sys admins just don't give a fuck about protecting their patients identities and privacy, regardless of how small an inconvenience they face.
I understand that a lot of security solutions are not always convenient but the level of laziness and disregard for people is really inexcusable. You wanna know the truth? Really easy to use security solutions just aren't here yet in a lot of areas. That's a fact. Viruses, worms, system compromises, botnets, identity theft...those ARE here in ALL areas. That's also a fact. If people don't like it then they should go back to using paper records...uhoh...that sounds a little more inconvenient than remembering two passwords doesn't it?
I realize this comment makes me sound like a security nazi but honestly I am pretty good at bridging the gap and have worked on both sides of the security fence. I am just really really tired of users whining. To a point, yes, usability is very important for a lot of reasons and anywhere possible you should strike a balance between usability and security. I don't discount that. However, in a lot of organizations security ALWAYS loses that battle...ALWAYS. Companies are jumping through incredible hoops to meet regs and appease auditors while willfully engaging in egregious breaches of security in areas not covered by laws.
Clearly a lot of programmers and not a lot of network/infosec people on here. Some of you seriously don't know what the fuck you are talking about or what you're doing. Trying to run a VPN endpoint on a private IP?? Just get another static address to run the endpoint and use the privates on the internal LAN. Not hard if your company is not actually in bankruptcy while you're trying to set this up. Advocating every host run its own DNS/mail relay? Oh, yea, no potential problems there...FYI...not everyone who uses a computer lives in mom's basement and has nothing to do all day but configure services which are already provided by any ISP/corporate network. Equating moving to IPv6 with networking every electrical device in your house? Ummm..huh?
The truth is we really don't know how Android is going to do, because there are hardly any Android phones on the market. Supposedly there are quite a few coming, but we'll see whether they actually materialize or not.
The real problem with Android, though, was the launch. They released an incomplete OS with no real application support on one phone on one second rate carrier. Then there was nothing. No new phones, no new carriers...nothing. Google should have waited until the OS was done and they could get at least two or three hardware manufacturers on board to release phones. There was plenty of buzz over Android BEFORE it was released, but not after. They rushed it out the door in a package that not too many people were really interested in. Android could be the greatest mobile OS ever but who would know?
I guess since it was google they figured we would all just fall at their feet. Either that or they figured they could roll it out on a shit carrier on one phone in order to work out the bugs. Keep it low profile so that anything that went wrong was just small deployment stuff...shaking the bugs out before the bigtime. Then, later on, start the full court press once it has a reputation good enough to get larger manufacturers for bigger carriers interested...and once they are sure they are delivering a solid product.
To me it seems like they just wasted the Android buzz that they had before the launch though. If this was an OS that was really targeted at "regular" cell phones I would think that their strategy was good...but this is an OS for smart phones which are a premium product with an audience that wants what is hot and what is current. They took the buzz that seems like it is EVERYTHING in selling a product like this and pissed it away on an extremely limited market. IMHO Android's first deployment should be the 10(?) phones that are supposedly on the way now. We should have all been salivating all this time rather than saying "oh yea I have one friend who has one but I haven't really seen it".
When you authenticate successfully with a passcode the passcode is immediately invalidated and cannot be used again. You cannot complete a login then use the same passcode again. At my old company we had to request special 30-second fobs for this reason. People would connect to a machine using their passcode and then need to su to root, but had to wait for the code on the token to change before they could authenticate again. If an attacker captures your passcode after you use it to successfully log in it's not going to do them any good at all.
I feel like I'm missing something because none of the comments that I read above mention this fact. Pretty basic stuff to anyone who has administrated the system before.
I think this phenomenon is mostly due to the fact that most IT jobs are boring. I know its a radical, outlandish theory, but it has a firm basis in fact. How many people do you know that work in IT and mostly surf the web for a living? Answer: a lot.
Boring...or insanely stressful and overly demanding of your time.
Maybe I read the act wrong or maybe its just been too long since I read it, but I thought the patriot act pretty much took care of this, from a legal standpoint anyway?
I have never found verizon to be especially evil. Corporate, to be sure, but never especially evil. I think this is a great move in the right direction. Of course they want to reduce their support costs! It's funny how people now want to blame companies for wanting to make money. Making money is a good thing as long as it isn't at all costs.
I have some relatives that work for Verizon and what goes on behind the scenes is truly beyond description...but at the end of the day I like their service a lot, they are moving in the right direction with FIOS (ESPECIALLY the symmetrical bandwidth offering!), and they're moving in the right direction with this.
I think most of the people complaining about this are pie-in-the-sky idealists who are holding out for a vision of the world that will never arrive, or at least isn't due in for a while. Their competing with comcast is reason enough to like them, as is their extremely good cell service, despite the ridiculous cost of their data plans. This is a good thing.
Excellent post. I'm not an expert in these things as I am not a developer, but from my 50,000 foot view this lines up very much with what I have known about the debate for years. I like things to be elegant too, but they almost never are in reality.
Not that I would consider 200 machines a ton of devices to manage, but dealing with a larger network is definitely a different story. Policies, procedures, scheduled downtime, documentation...this is your world. Just like the person above said, you're not an auto mechanic....you don't just go in and start monkeying around with things trying to fix them. VMWare might not be a terrible idea but it depends on exactly what you're supporting. You need to test things like patches and upgrades before they get deployed.
You said something about CD builds...we use cd builds with network based updates on a network of 25K managed devices, so cd builds are fine. One thing you may want to think about is centralization. Get the data off people's desktops so "fixing a desktop" can most of the time come down to rebuilding it. This will save you time. Spending two hours debugging a problem with an application that's only happening on one machine is a waste of everyone's time. This requires some retraining of the users and you'll never eliminate the need to back up data off the desktop completely, but you can still save a lot of headaches as well as creating network shares where you can get real backups going.
Definitely get REAL familiar with windows. People can say what they want about windows but for managing an enterprise network where there are novice users? It's the only way to go. Microsoft is dumb in a lot of ways, but there's a lot you can do with their software in the enterprise. That's not to say you shouldn't use UNIX where it's appropriate of course, but really take advantage of what windows has to offer because you know 99% or more of the companies you deal with will be running it and will not be changing.
VBScript and Wise Installer will be your friends especially if there are a lot of apps you will need to support. Even just for office...learn about msi and transforms and repackaging. The more you can standardize a build the better. One offs take time and knowledge to recover from. You want to be able to have the recent grad you can go out and hire rebuild the CEO's machine because it's just that easy to do. The more exceptions you make and bullshit you allow, the worse off you'll be and the more time it will take to support. If you have exceptions and one offs that aren't thoroughly documented? Your ass will be grass when that HDD dies or the app gets corrupted so don't allow them or don't agree to support them under your usual SLA.
Don't get ahead of yourself, because it's only 200 machines. That's nothing. Don't buy tons of expensive software and don't make yourself crazy trying to over-manage things, just work in the direction of standardization and centralization as it is appropriate to the client.
I see, so none of our 45,000 or so medical users should actually be able to *read* their mail, but they can know beyond a shaodw of a doubt that it is AVAILABLE for them, 24 hours a day, 7 days a week, 365 days a year.
This is a very technologist-centric viewpoint. Technical correctness is wonderful and something which is inexcusably absent from MS products, but what many key-tappers fail to realize is that Human Factors issues can be just as, if not more, cripplingly debilitating to an organization as technical issues can be. I am, mercifully, not familiar with our Exchange architecture, but in the time I have been here I cannot complain about anything from an end user perspective. Our Exchange support team is shockingly small for such a large organization and everything seems to be running fine to me.
In any case, I can't see this guy doing much worse than MS has already been doing. Hopefully he realizes that the next upgrade for MS is an upgrade of the back end to a back end which actually works to successfully support the standardized, if not good, front end they have been so successfull with. It sounds like the upgrades to Windows' functionality are worthless window dressing anyway, so hopefully he'll realize that the long term viability of the company rests on coming up with something that actually works well, rather than just another crop of whiz-bang "Features" which no one really uses.
I thought PNG was supposed to be teh new hotness...so much for that.
This is insanely stupid. I run a photoblog on an extremely low priced movable type hosting service and bandwidth isn't an issue for me. Bandwidth is such that we just don't need this at all. Yes, I understand that high traffic sites might benefit more from this than I would, but it hardly seems worth doing for all the chaos it will create. This is just another dumb Microsoft strategy to own the world.
This sounds like one of those features where you go, "oh, that will be a big improvement" and then when it actually comes time to take advantage of that feature it really doesn't work that well that often. I'm expecting to be disappointed.
Dear Customer,
Your RSA issued token access has officially been revoked due to security concerns. Please mail the token to the address below along with your account number and secret password.
Regards,
Bank President
Admittedly, still possible, but less likely. The best way around it would be to just make it policy not to send your password ever (obviously) but also to never mail your token anywhere. There is no reason that the bank ever needs the token back once they activate it, so you just tell your customers never to mail it anywhere. I know, some still will, but I think this is a FAR more unlikely possibility than a web page that looks and works EXACTLY like you actual bank's does.
The inexperience of the author is overwhelmingly evident in the "take no crap, live in my fantasy world" tone that he takes. Don't work in cubicles? Yea right, so where is the other 95% of the IT industry going to work since they are now barred from working at any company which doesn't piss away all it's money on overpriced urban real estate so every junior level coder can have their own office. To equate a company's respect for it's employees with whether or not they give you an office is a clear fallacy and will bar the author from working at many, many fine companies. Don't get me wrong, I hate cubeland too...HATE it. As a noncomformist it really rubs me the wrong way. However, it's the reality of what you have to put up with in this industry. It's a minor complaint in the grand scheme of things.
He rambles on with the usual "the boss doesn't take my genius advice" garbage too. It's not surprising and I certainly had my complaints about how they did things at the company I was laid off from a year out of college. However, that's how things are. Your goal should be getting in to a company where the higher-ups make good decisions so you don't HAVE to feel like everyone is stupider than you. I think a lot of times it's a corporate culture issue and you need to find a place which does things the same way you would do them. It doesn't necessarily mean that a company is bad just because everything isn't done the way you want it. The higher ups are the higher ups and they are going to do things they way they want to do them whether you agree with them or not. If the company is doing stupid things, I would agree that it could be a warning sign, but this dude frames it as though his junior level advice is supposed to matter. It's good to have a boss that listens to everyone, but sometimes you do not understand all the factors involved.
One of the most important things I think you learn working for companies in offices your first couple years out is office and company politics. There are SO many factors that go into decision making beyond what is technically important. Sometimes those other factors result in bad technical implementation, but a lot of times those other factors are just the reality of doing business and you need to accept them and work with them rather than chafing against them with the "I'm a genius" attitude the author takes. You as the junior level employee are not always privy to all the information which goes in to making a decision.
Certainly, there are bad managers and bad companies out there, but I think this dude is just not framing his advice in the right way. He comes off as the bitter, smarter than you tech worker who just got laid off. I think his attitude is part of the learning process, but I also think that he is giving bad advice to people who may be in a similar situation. He's making it out as if you're going to find a utopian place to work in your first couple years out: not going to happen for most people. I certainly don't encourage anyone to stay somewhere they're not happy, but you need to think about the balance of experience you're getting and what you're going to do in the future. If you keep quitting jobs because they're not treating you like a king, you will never, ever get a job you really like. When you're on the bottom rung sometimes you need to suck it up and put in your time. A lot of times, as you get more experience, things will start to make more sense to you.
I don't mean to come off as the jaded gray cubeland dweller. I certainly want to change certain things where I work and I am not exactly a conformist on any level. However, there are things you learn with experience that you just don't learn any other way. Now, with a couple years under my belt, I am just starting to understand why things are done the way they are. I am fortunate to be at a company which I think makes really excellent policies, in general, and being here it's easy to see that there are things I don't understand which actually result in a network that works pretty well. Coming to understand those factors is what you learn by sticking it out and not demanding the corner office right away.
No certs and I don't feel they would have helped me even during my lengthy unemployment. Around here I really didn't run into any jobs that required them.
As far as my personal opinion, they are mostly worthless. The certs test you on so much minutia that's not worth learning, and in the end you have people who don't know a damn thing more than those without them. I think some of the certs (CISSP and maybe some cisco ones) are worthwhile, but especially with the MS ones, that cert tells you exactly 0 about the knowledge of the person in question. If I had a dime for every question an MCSE has asked me about windows I would be chillin on an island somewhere and not worrying about this bullshit.
You want to know what a meaningful cert would be? Have someone who has never done it before set up an SSH server and client and tunnel windows remote desktop over it. Have someone install and configure a linux box who has never done it. Tell someone to get OpenBSD up and running by using only information available on the web. Have someone write a program to check if a file exists and copy over the file if it doesn't in a scripting language they've never used before given only the web for research. You get people who can learn as they go and certs are irrelevant.
Personally I'd rather have 10 guys who are *real* computer people...not just people in it because it's the new middle management...than 100 paper MCSE's who can tell you some worthless bullshit about printing protocols but can't solve a problem they didn't learn about in class without 10 grand worth of training and a $300 book. Problem solving skills and knowledge of how to find stuff online is ALL you need. I tell people to seach Google groups and they look at me like my head is glowing purple. Do you know how many problems I've solved with that? People have no ability to evaluate sources, cross reference, and learn quickly. 99% of the information you need to do any project is out there, you just have to find it and know how to process it. There are people who "get" computers and those who don't. Certs were invented for all the people who don't. I don't need to memorize this, that, and the other thing about Windows because I'll just learn it when I need to know it. The more critical the project is the more care you take in learning it. Simple.
So, now what? The ESRB is going to have to learn assembly and comb through game code to see if there is any content present which the manufacturer put in but has rendered inaccesable? What a bunch of pussified dumbshits. The politicians brought their usual think of the children shitrain down on them and they caved. "The rating has been undermined"...in what way has the rating of the shipping game been undermined????
Slashdot Mirror
The market for "home theater in a box" systems is proof positive that most people have terrible ears. The vast majority of consumer level audio equipment is just straight up garbage. My favorite is when people go on about how the "reviews are really good on this system!!!"...yea...reviews written by people who have absolutely no fucking idea what they are talking about. I see pictures of people's home theater setups...uneven speaker placement...rear channels set in front of the listener or even just strewn randomly about the room...and yet they say it sounds "awesome".
Yea, I'm an elitist, and I suppose it is good for those people that they can get by with cheap, junky, plastic equipment tossed randomly into the room. As an elitist, though, it just annoys the ever-loving shit out of me. I don't mind it too much for grandma and people that legitimately don't care...its just the people who get all hyped up like they actually know something that drives me crazy.
I can definitely tell the difference between compressed and not. The difference is readily apparently to me, though admittedly I have not run a FLAC/MP3 comparison...it's been mostly MP3 versus CD. I should probably try the FLAC comparison some time, just to see. I'm definitely not anti-MP3 either...its pretty much all I listen to in the car. I guess I am willing to make some compromises for convenience.
Good for you dude. Getting out. Living the dream. You're smart to have taken the opportunity. I was sort of praying for a layoff to try and start a photography business myself.
Biggest mistake of my life was getting in to this nightmare career. This industry is a fucking joke, the work sucks ass, the management is clueless, the users are stupid and unappreciative...the list goes on.
I am a fairly good photographer and seriously considered fine art photo or photojournalism as a major when I decided Computer Science wasn't for me. Instead I went into Information Technology. Definitely a decision that fucked the rest of my life. I would be broke as an artist, but I could not possibly be any more miserable.
It really is an awful career, I tell everyone who is thinking about going in to it to think again.
...triumphing over the rights of citizens. I don't see any reason why business' commerce should supersede the leisure activities of people who are home sick. Obviously this recommendation is asinine in the extreme and completely impossible to implement, but I don't think its the government's business to implement it anyway. If you want to talk about emergency services then, OK, maybe there is an argument there.
...Besides...everyone already surfs the web all day at work. I don't see where there is any difference.
I also agree with the comment saying...well what about game companies' commerce? It's just another case of big business having the money to bribe politicians into prioritizing their interests over citizens'.
Put everything in test, not configured properly for production, until such time as enough people start using test that it becomes production on its own. This usually happens slowly and organically, and usually in the middle of the night. Once you have at least 2-3 different groups screaming at you over the lack of availability of your test system you can be reasonably confident that it is now production.
I don't have a clue who the fuck you are but rest assured that I will remind you of this daily. It really doesn't require any special preparation or remembrance on my part..."god, I wish I could just blow my brains out" is pretty much my mantra.
Experience is the reason that the former is always assumed to be the only approach. Users don't give a fuck about understanding more or learning more or taking any responsibility at all for the security of the IT infrastructure. It often seems, in fact, that the more critical the position they hold in regards to access to sensitive information (doctors, lawyers, etc.) the more resistant they are to learning about IT or doing their part to keep the organization secure.
The ONLY solution is the former. As the population of workers is replaced by people who grew up with IT there will be fewer extreme examples of people totally unwilling to do anything at all, but in the end the user mentality remains the same. The ONLY solution is to simplify the solutions and force them, via policy, to accept "the best we can do".
I see this in every aspect of my job. Tell the sys admin that his server is off the wire because it was attempting to infect thousands of other critical servers and possibly even equipment which is even more critical and all he does is complain to his director that you're being a dick and not letting his box, that he failed to patch for 5 years, back on the wire...and thats an IT person. Don't get me started on explaining to the high-muckity-muck that their VPN connected laptop was the source of a worm which infected 200 computers with something they downloaded from a porn site.
The notion that basic competency is only for nerds, hardcore geeks, and experts is rooted firmly in the fact that almost no one is competent or even somewhat intelligent. Most people are stupid as fuck. They manage to do their job like a monkey can learn to press a button and get a treat, but try and teach that same monkey to type a password and get a treat and you're officially well past the point of diminishing returns.
The comments here are clearly full of security pros. Awesome.
I totally agree with you. I don't think it SHOULD be that way or that it NEEDS to be that way...but it is that way, especially today. We're so anxious to adopt IT and let it permeate every aspect of every organization but we're completely unwilling to deal with the consequences and mitigate the risks. Upper management is a bunch of balloon heads who don't know the first god damn thing about computers or security so when it comes down to "gosh we really need to have users type a password for this or it could be really bad" the answer is always "duhhhhhhhhhhh that sounds hard...forget about it".
"I figure this will be an ongoing problem until company management and employees accept their role in keeping company information safe."
Exactly. I suppose it's not that surprising that everyone wants all the benefits of IT without any of the responsibility given that a solid 90% of people are just too fucking stupid to understand that it even HAS consequences, but the willful disregard for protecting customers/patients info is just pathetic. You work in the medical industry and you see that doctors and nurses and sys admins just don't give a fuck about protecting their patients identities and privacy, regardless of how small an inconvenience they face.
I understand that a lot of security solutions are not always convenient but the level of laziness and disregard for people is really inexcusable. You wanna know the truth? Really easy to use security solutions just aren't here yet in a lot of areas. That's a fact. Viruses, worms, system compromises, botnets, identity theft...those ARE here in ALL areas. That's also a fact. If people don't like it then they should go back to using paper records...uhoh...that sounds a little more inconvenient than remembering two passwords doesn't it?
I realize this comment makes me sound like a security nazi but honestly I am pretty good at bridging the gap and have worked on both sides of the security fence. I am just really really tired of users whining. To a point, yes, usability is very important for a lot of reasons and anywhere possible you should strike a balance between usability and security. I don't discount that. However, in a lot of organizations security ALWAYS loses that battle...ALWAYS. Companies are jumping through incredible hoops to meet regs and appease auditors while willfully engaging in egregious breaches of security in areas not covered by laws.
Clearly a lot of programmers and not a lot of network/infosec people on here. Some of you seriously don't know what the fuck you are talking about or what you're doing. Trying to run a VPN endpoint on a private IP?? Just get another static address to run the endpoint and use the privates on the internal LAN. Not hard if your company is not actually in bankruptcy while you're trying to set this up. Advocating every host run its own DNS/mail relay? Oh, yea, no potential problems there...FYI...not everyone who uses a computer lives in mom's basement and has nothing to do all day but configure services which are already provided by any ISP/corporate network. Equating moving to IPv6 with networking every electrical device in your house? Ummm..huh?
...that pretty much says it all.
The best comment was this one...
http://hardware.slashdot.org/comments.pl?sid=1373053&cid=29459455
The truth is we really don't know how Android is going to do, because there are hardly any Android phones on the market. Supposedly there are quite a few coming, but we'll see whether they actually materialize or not.
The real problem with Android, though, was the launch. They released an incomplete OS with no real application support on one phone on one second rate carrier. Then there was nothing. No new phones, no new carriers...nothing. Google should have waited until the OS was done and they could get at least two or three hardware manufacturers on board to release phones. There was plenty of buzz over Android BEFORE it was released, but not after. They rushed it out the door in a package that not too many people were really interested in. Android could be the greatest mobile OS ever but who would know?
I guess since it was google they figured we would all just fall at their feet. Either that or they figured they could roll it out on a shit carrier on one phone in order to work out the bugs. Keep it low profile so that anything that went wrong was just small deployment stuff...shaking the bugs out before the bigtime. Then, later on, start the full court press once it has a reputation good enough to get larger manufacturers for bigger carriers interested...and once they are sure they are delivering a solid product.
To me it seems like they just wasted the Android buzz that they had before the launch though. If this was an OS that was really targeted at "regular" cell phones I would think that their strategy was good...but this is an OS for smart phones which are a premium product with an audience that wants what is hot and what is current. They took the buzz that seems like it is EVERYTHING in selling a product like this and pissed it away on an extremely limited market. IMHO Android's first deployment should be the 10(?) phones that are supposedly on the way now. We should have all been salivating all this time rather than saying "oh yea I have one friend who has one but I haven't really seen it".
When you authenticate successfully with a passcode the passcode is immediately invalidated and cannot be used again. You cannot complete a login then use the same passcode again. At my old company we had to request special 30-second fobs for this reason. People would connect to a machine using their passcode and then need to su to root, but had to wait for the code on the token to change before they could authenticate again. If an attacker captures your passcode after you use it to successfully log in it's not going to do them any good at all. I feel like I'm missing something because none of the comments that I read above mention this fact. Pretty basic stuff to anyone who has administrated the system before.
I think this phenomenon is mostly due to the fact that most IT jobs are boring. I know its a radical, outlandish theory, but it has a firm basis in fact. How many people do you know that work in IT and mostly surf the web for a living? Answer: a lot.
Boring...or insanely stressful and overly demanding of your time.
Maybe I read the act wrong or maybe its just been too long since I read it, but I thought the patriot act pretty much took care of this, from a legal standpoint anyway?
I have never found verizon to be especially evil. Corporate, to be sure, but never especially evil. I think this is a great move in the right direction. Of course they want to reduce their support costs! It's funny how people now want to blame companies for wanting to make money. Making money is a good thing as long as it isn't at all costs.
I have some relatives that work for Verizon and what goes on behind the scenes is truly beyond description...but at the end of the day I like their service a lot, they are moving in the right direction with FIOS (ESPECIALLY the symmetrical bandwidth offering!), and they're moving in the right direction with this.
I think most of the people complaining about this are pie-in-the-sky idealists who are holding out for a vision of the world that will never arrive, or at least isn't due in for a while. Their competing with comcast is reason enough to like them, as is their extremely good cell service, despite the ridiculous cost of their data plans. This is a good thing.
Excellent post. I'm not an expert in these things as I am not a developer, but from my 50,000 foot view this lines up very much with what I have known about the debate for years. I like things to be elegant too, but they almost never are in reality.
Not that I would consider 200 machines a ton of devices to manage, but dealing with a larger network is definitely a different story. Policies, procedures, scheduled downtime, documentation...this is your world. Just like the person above said, you're not an auto mechanic....you don't just go in and start monkeying around with things trying to fix them. VMWare might not be a terrible idea but it depends on exactly what you're supporting. You need to test things like patches and upgrades before they get deployed.
You said something about CD builds...we use cd builds with network based updates on a network of 25K managed devices, so cd builds are fine. One thing you may want to think about is centralization. Get the data off people's desktops so "fixing a desktop" can most of the time come down to rebuilding it. This will save you time. Spending two hours debugging a problem with an application that's only happening on one machine is a waste of everyone's time. This requires some retraining of the users and you'll never eliminate the need to back up data off the desktop completely, but you can still save a lot of headaches as well as creating network shares where you can get real backups going.
Definitely get REAL familiar with windows. People can say what they want about windows but for managing an enterprise network where there are novice users? It's the only way to go. Microsoft is dumb in a lot of ways, but there's a lot you can do with their software in the enterprise. That's not to say you shouldn't use UNIX where it's appropriate of course, but really take advantage of what windows has to offer because you know 99% or more of the companies you deal with will be running it and will not be changing.
VBScript and Wise Installer will be your friends especially if there are a lot of apps you will need to support. Even just for office...learn about msi and transforms and repackaging. The more you can standardize a build the better. One offs take time and knowledge to recover from. You want to be able to have the recent grad you can go out and hire rebuild the CEO's machine because it's just that easy to do. The more exceptions you make and bullshit you allow, the worse off you'll be and the more time it will take to support. If you have exceptions and one offs that aren't thoroughly documented? Your ass will be grass when that HDD dies or the app gets corrupted so don't allow them or don't agree to support them under your usual SLA.
Don't get ahead of yourself, because it's only 200 machines. That's nothing. Don't buy tons of expensive software and don't make yourself crazy trying to over-manage things, just work in the direction of standardization and centralization as it is appropriate to the client.
I see, so none of our 45,000 or so medical users should actually be able to *read* their mail, but they can know beyond a shaodw of a doubt that it is AVAILABLE for them, 24 hours a day, 7 days a week, 365 days a year.
This is a very technologist-centric viewpoint. Technical correctness is wonderful and something which is inexcusably absent from MS products, but what many key-tappers fail to realize is that Human Factors issues can be just as, if not more, cripplingly debilitating to an organization as technical issues can be. I am, mercifully, not familiar with our Exchange architecture, but in the time I have been here I cannot complain about anything from an end user perspective. Our Exchange support team is shockingly small for such a large organization and everything seems to be running fine to me.
In any case, I can't see this guy doing much worse than MS has already been doing. Hopefully he realizes that the next upgrade for MS is an upgrade of the back end to a back end which actually works to successfully support the standardized, if not good, front end they have been so successfull with. It sounds like the upgrades to Windows' functionality are worthless window dressing anyway, so hopefully he'll realize that the long term viability of the company rests on coming up with something that actually works well, rather than just another crop of whiz-bang "Features" which no one really uses.
I thought PNG was supposed to be teh new hotness...so much for that. This is insanely stupid. I run a photoblog on an extremely low priced movable type hosting service and bandwidth isn't an issue for me. Bandwidth is such that we just don't need this at all. Yes, I understand that high traffic sites might benefit more from this than I would, but it hardly seems worth doing for all the chaos it will create. This is just another dumb Microsoft strategy to own the world.
This sounds like one of those features where you go, "oh, that will be a big improvement" and then when it actually comes time to take advantage of that feature it really doesn't work that well that often. I'm expecting to be disappointed.
Dear Customer, Your RSA issued token access has officially been revoked due to security concerns. Please mail the token to the address below along with your account number and secret password. Regards, Bank President Admittedly, still possible, but less likely. The best way around it would be to just make it policy not to send your password ever (obviously) but also to never mail your token anywhere. There is no reason that the bank ever needs the token back once they activate it, so you just tell your customers never to mail it anywhere. I know, some still will, but I think this is a FAR more unlikely possibility than a web page that looks and works EXACTLY like you actual bank's does.
The inexperience of the author is overwhelmingly evident in the "take no crap, live in my fantasy world" tone that he takes. Don't work in cubicles? Yea right, so where is the other 95% of the IT industry going to work since they are now barred from working at any company which doesn't piss away all it's money on overpriced urban real estate so every junior level coder can have their own office. To equate a company's respect for it's employees with whether or not they give you an office is a clear fallacy and will bar the author from working at many, many fine companies. Don't get me wrong, I hate cubeland too...HATE it. As a noncomformist it really rubs me the wrong way. However, it's the reality of what you have to put up with in this industry. It's a minor complaint in the grand scheme of things.
He rambles on with the usual "the boss doesn't take my genius advice" garbage too. It's not surprising and I certainly had my complaints about how they did things at the company I was laid off from a year out of college. However, that's how things are. Your goal should be getting in to a company where the higher-ups make good decisions so you don't HAVE to feel like everyone is stupider than you. I think a lot of times it's a corporate culture issue and you need to find a place which does things the same way you would do them. It doesn't necessarily mean that a company is bad just because everything isn't done the way you want it. The higher ups are the higher ups and they are going to do things they way they want to do them whether you agree with them or not. If the company is doing stupid things, I would agree that it could be a warning sign, but this dude frames it as though his junior level advice is supposed to matter. It's good to have a boss that listens to everyone, but sometimes you do not understand all the factors involved.
One of the most important things I think you learn working for companies in offices your first couple years out is office and company politics. There are SO many factors that go into decision making beyond what is technically important. Sometimes those other factors result in bad technical implementation, but a lot of times those other factors are just the reality of doing business and you need to accept them and work with them rather than chafing against them with the "I'm a genius" attitude the author takes. You as the junior level employee are not always privy to all the information which goes in to making a decision.
Certainly, there are bad managers and bad companies out there, but I think this dude is just not framing his advice in the right way. He comes off as the bitter, smarter than you tech worker who just got laid off. I think his attitude is part of the learning process, but I also think that he is giving bad advice to people who may be in a similar situation. He's making it out as if you're going to find a utopian place to work in your first couple years out: not going to happen for most people. I certainly don't encourage anyone to stay somewhere they're not happy, but you need to think about the balance of experience you're getting and what you're going to do in the future. If you keep quitting jobs because they're not treating you like a king, you will never, ever get a job you really like. When you're on the bottom rung sometimes you need to suck it up and put in your time. A lot of times, as you get more experience, things will start to make more sense to you.
I don't mean to come off as the jaded gray cubeland dweller. I certainly want to change certain things where I work and I am not exactly a conformist on any level. However, there are things you learn with experience that you just don't learn any other way. Now, with a couple years under my belt, I am just starting to understand why things are done the way they are. I am fortunate to be at a company which I think makes really excellent policies, in general, and being here it's easy to see that there are things I don't understand which actually result in a network that works pretty well. Coming to understand those factors is what you learn by sticking it out and not demanding the corner office right away.
No certs and I don't feel they would have helped me even during my lengthy unemployment. Around here I really didn't run into any jobs that required them.
As far as my personal opinion, they are mostly worthless. The certs test you on so much minutia that's not worth learning, and in the end you have people who don't know a damn thing more than those without them. I think some of the certs (CISSP and maybe some cisco ones) are worthwhile, but especially with the MS ones, that cert tells you exactly 0 about the knowledge of the person in question. If I had a dime for every question an MCSE has asked me about windows I would be chillin on an island somewhere and not worrying about this bullshit.
You want to know what a meaningful cert would be? Have someone who has never done it before set up an SSH server and client and tunnel windows remote desktop over it. Have someone install and configure a linux box who has never done it. Tell someone to get OpenBSD up and running by using only information available on the web. Have someone write a program to check if a file exists and copy over the file if it doesn't in a scripting language they've never used before given only the web for research. You get people who can learn as they go and certs are irrelevant.
Personally I'd rather have 10 guys who are *real* computer people...not just people in it because it's the new middle management...than 100 paper MCSE's who can tell you some worthless bullshit about printing protocols but can't solve a problem they didn't learn about in class without 10 grand worth of training and a $300 book. Problem solving skills and knowledge of how to find stuff online is ALL you need. I tell people to seach Google groups and they look at me like my head is glowing purple. Do you know how many problems I've solved with that? People have no ability to evaluate sources, cross reference, and learn quickly. 99% of the information you need to do any project is out there, you just have to find it and know how to process it. There are people who "get" computers and those who don't. Certs were invented for all the people who don't. I don't need to memorize this, that, and the other thing about Windows because I'll just learn it when I need to know it. The more critical the project is the more care you take in learning it. Simple.
So, now what? The ESRB is going to have to learn assembly and comb through game code to see if there is any content present which the manufacturer put in but has rendered inaccesable? What a bunch of pussified dumbshits. The politicians brought their usual think of the children shitrain down on them and they caved. "The rating has been undermined"...in what way has the rating of the shipping game been undermined????
I agree, but with a different end result....Badnarik 2008! =]