I suppose you're referring to the Green Party, Sierra Club, etc, etc, etc shills.
Back in the 70's it was the next ice age. Then it was ozone depletion, "we're doomed!". Then the ozone hole closed.
Answer this one, Why did the middle ages warming period get removed from the latest "scientific" reports? Was it to skew the charting results in order to get the "hockey stick" result?
Color me skeptical....
I had the same issue. I live well within the DSL distance from the Central Office but could not get DSL. I called Verizon and asked why not. The reason, our neighborhood had a fiber combiner at the head of the copper infrastructure. There was no direct copper line to the CO.
I now have four choices for broadband though, Cable, Satellite, wireless and Fiber Optic. Ten years ago I had two, dial-up or unidirectional cable modem. I tried cable modem when Adelphia finally installed bi-directional service. Service was abysmal and cost twice as much as Comcast (the next county over). As soon as Verizon installed fiber optic to the house, Adelphia dropped their price to match FIOS. I told them no dice, poor spotty service at any price wasn't worth it.
One other note, most of the top countries have telcos that are monopoly or run by the government as opposed to the US.
MCSE?? Nah. Never bothered.
"A Linux server takes me about two hours to build. Configuration is easy, especially if the.conf files are pre-configured in the lab.
Yes, when someone else does the work for you, it typically IS a whole lot easier. "
Uh, I'm the one doing the configuration builds in the lab first. Then I deploy them.
"Yup, and how often are you doing this that it takes you so long to build your machines? You do know you can set a default policy and use it on other machines, right? Oh, of course you do, you're an "expert"!
Its the creation of the specific policy profiles for each configuration that takes the time. The actual type security config, once built takes no time to apply. But, then again, you probably just use the unpatched out of the box configuration, one size fits all, with servers owned within 20 minutes. Hate to be in your company....
"Well, then, if that's your biggest gripe the problem isn't with the OS, it's with the user administering them. "
Wrong once again, Mr. default config. Its with an OS that has tons of inherently insecure software with no way to strip it out. Its called reducing the vulnerability footprint. It can't be attacked if its not on the machine.
From a security perspective, the Windows servers sit in a tightly restricted DMZ ensconced behind firewalls. E-mail gateways are Linux. Spam filter and Anti-virus are on the Linux gateway. Exchange never sees outside the Intranet.
Yeah, good luck to you with that. "
Works like a charm.
Uh yeah. I administer both Linux and Windows machines... Using Windows 2003 server a typical web server build with patches takes about 4-5 hours to complete. A SQL DB cluster server pair is about a two day process, if everything works right. Thats with standardized build procedures that were created in a test lab environment. Don't forget the little "gotchas" like programs that require the use of NETBIOS and can't run properly using DNS/ActiveDirectory.
A Linux server takes me about two hours to build. Configuration is easy, especially if the.conf files are pre-configured in the lab.
Both types require test lab work to get the proper configuration to include the security profile dialed in. Tightened up for security while letting the proper functions work.
From a security perspective, the Windows servers sit in a tightly restricted DMZ ensconced behind firewalls. E-mail gateways are Linux. Spam filter and Anti-virus are on the Linux gateway. Exchange never sees outside the Intranet.
My biggest gripe on Windows servers, I can't strip out all the useless services, dll's and programs that have no business being on a server. Yeah you can disable the service but I prefer not to have it there at all.
I live in Virginia. My house is a tad newer so I have the DEMARC boxes installed on the outside of the house. When I finished off the basement I installed a cat-5e and 2ea RG-6 COAX runs from the outside DEMARC to a patch installed in the basement. All the wiring in the original house is run in series to the demarc with 3 drops installed. One to the 2nd floor and one to the first floor. The third drop is coiled in the attic.
When Verizon installed FIOS, they pulled a single CAT-6 run to my patch (along with power) to the new FIOS box. The FIOS box had three RJ ports for the existing telephone drops. Cut-over was easy.
The changeover from Adelphia to Dish to FIOS for TV was just as easy. The cable demarc was for two TV sets we have wired in the house. Each repairman just changed where the inside drops were connected to.
FIOS does require a COAX drop from the inside router to the outside DEMARC. I found out that the set top boxes have their own IP addresses to receive the TV guide info. Verizon FIOS TV installs a cat-5 to COAX bridge by the data router. Verizon, for some strange reason does not install all the required drops at once. Since I already had the COAX run from outside the TV installer didn't have to run another cable. If you plan on getting both FIOS network and TV installed, request them to install both lines at once. Its easier to haul all the required cables at once rather than pulling a new one later. Saves on additional holes on the outside of your house.
Very true. But a lot of times we do rolling hardware upgrades where we build and configure new hardware offline and then bring the old server offline and bring the new server online. We currently have a volume license agreement where we keep track of the machines we have online. We decomission the old hardware after we remove it.
The new Longhorn model is that either you have to phone home to "mother" for your machine to be validated. The other choice is you have to install a license server on your network to validate your own servers. I'm not sure how often the servers have to phone home to be validated but if its anything like WGA that license server becomes a critical asset that can't go down.
More expense for a business to operate. And this truely is a waste of money just to keep your systems functioning.
I have FIOS installed. Been on it for about a year now. Verizon has port 80 blocked. They provide two levels of bandwidth:
5Mbps download with 2Mbps upload and 15Mbps down with 2Mbps upload and Up to 30 Mbps down and 5 Mbps upload. We're also one of the two test markets for FIOS TV. That work very well.
No issues with the service. FTTH was installed after much dickering with the local community. There are some communities her in Northern VA that have told Verizon that they can't put in Fiber.
Interesting thing to note. RIght after the NYT released the information about the NSA tracking overseas phone calls to and from the US (prefectly legal under FISA and other relevant statutes. It was also upheld in the FISA court of appeals) there were a quite a few reported incidents of middle eastern looking men attempting to purchase large numbers (in one case 160) of disposable cell phones. These phones are virtually untraceable. Coincidence, nope. Al Qeeda cells in the US trying to set up secure commuunications, you betcha. Thanks, NYT you just made it harder to nail the terrorists before they strike.
Every single revelation about intelligence sources and methods (whether they go into the details or not) makes it much more likely that we'll be hit with another serious attack.
Exactly what is being done wiht the data. Everyone screamed that the Government didn't connect the dots to prevent 9/11 attack. Can't have law enforcement and intel talking to each other. No data sharing. Able Danger was a program that pulled from open sources and it appears that it twigged Atta and a few other of the 9/11 attackers. That was shut down by the lawyers prior to 9/11.
THe purpose of intelligence is to gather information about your enemies and potential enemies to figure out their real intentions. If intel twigs onto something nefarious, you attempt to stop the action before it occurs.
Prevention is a heck of a lot better than filling body bags after he fact.
And by the way. All of these programs are perfectly legal with congressional and judicial oversight.
Sarbox has had a very bad impact on businesses. Aside from the billions its drained out of the economy, it also places regulartory requirements to track data within a business and ensure proper controls are in place. This DRM is a way of accomplishing this. It helps with the audit trails of who accessed and modified the data in a way that non-repudiatable. CEO's, when they sign the financial statments, put their job and freedom on the line that the numbers are correct and traceable. Failure to do that ends them up in prison. Even if there is no wrongdoing. Sarbox assumes everyone is a crook and you have to prove you're not.
Thanks Congress...
Google runs an OC-48 and an OC-12 pipe at each of its sites. Rumor has it there are four of them. Two in Virginia and two out west. I don't know what the price of an OC-12 let alone an OC-48 is but I can guarantee you that it sure as heck isn't free.
I just read the relevant sections of the FISA law. The following link is to the definitions. http://www4.law.cornell.edu/uscode/html/uscode50/u sc_sec_50_00001801----000-.html
1801. Definitions,(b),(2) clearly states that any person who engages in Internation terrorism is fair game. This section makes no distinction as to citizenship.
Subchapter 1802. (http://www4.law.cornell.edu/uscode/html/uscode50/ usc_sec_50_00001802----000-.html) goes into the procedure for conducting the warrantless wiretaps.
If they are certified by the Attourney General and the relevant committes in Congress are notified, then it is on the up and up.
Bottom line: The warrantless wiretaps are legal if the procedures outlined in FISA have been followed. It appears that they have since the Attourney General (and an Asst AG has as well) has made his certifications, the congressional comittees have bee notified (they have on numerous occasions) and the president has done the reauthorizations (he has).
I used to have dialup. With the firewall installed I was getting probed all the time. In fact, during one of the major outbreaks my sessions slowed to a crawl due to the probes hitting my machine.
No one is safe...
It was the ACLU that killed it.. Said it was a 4th amenndment violtaiont against unreasonable search and seizure for the police to use it. Fire & rescue squads most likely got scared off because they're government entities and could get sued for using this device. Even if it was to save lives.
I can hear the ACLU now, "but the police could borrow it too."
As a parent, I have the responsibility of monitoring what my children are watching and doing on the computer. Online games and web site? I took the responsibility to set up a proxy filter blocking sites I find inappropriate for my kids. I monitor what's on TV and teach my kids about what they can and can't watch.
I get annoyed when watching a show during prime time with my kids and I have to have the remote in hand to mute the commercial promos for shows that come on later. ( Putting up the TV guide, hitting mute and popping up the show description blocks the picture fine). I hate having to do that. Kids are too young to be seeing that kind of stuff. There's plenty of time later to deal with those issues when they're older.
I take an active role in bringing up my kids and I have no problems with the restrictions on games that are clearly out of bounds for kids. When they get old enough to make an informed decision on their own then by all means, let them. I hope they have the moral foundation to make the correct choice for them. In addition, the guts to be able to walk away from what they know isn't right.
It all about being the parent. I remember my parents telling me, "When you're in my house you follow my rules. When you're on your own you get to make the rules". As far as looking in your kids room, no sweat there. It my house, my rules.
And on top of it very poorly documented so you can figure out what the #^%$ is going on when it doesn't work right. Trying to get W2K3 working in a properly replicated evnironment without SP1 was almost impossible. Have one machine go haywire and the bi-directional replication is screwed for good. Had this issue in a production environment. No backup for an AD used with mission critical clusters ain't fun. Luckily SP1 was able to correct the issues.
Let me tell you, having to go through the build, integration and implementation of OpenLDAP/Samba on Linux FC3 taught me tons about what MS AD was supposed to be doing. Its a pain but I will tell you that the support was fantastic.
Ever look at the cost of doing a major MS Office upgrade? For the home user (me) th cost of a $295 upgrade for MS Office 2000 from MS Office97 when I rarely use all the programs was a waste of money. Started using OpenOffice on my Win machine because, economically I couldn't justify the upgrade expense. In addition, MS Office doesn't run on my Linux machine.
Businesses are taking a long hard look at the upgrade cost of programs. If there's an alternative that costs less and functions the same, this has a dramatic affect on the bottom line.
Actually MS is looking at changing their business plan. They're starting to see revenue drying up in various areas.
They are now getting into the Services arena. They plan on offiering a suite of services for customers. to install their software on servers, etc.
But, oh we're not going to screw our partners in the process. They can user our service offerings and provide "value add".
This is just an extension of an ongoing program thats been working for years. They have a "Trusted Traveler" program at a number of border crossings for faster processing of individuals that enter the country on a regular basis. The TT is issued an RFID card that is tied to your credentials in a DB. As you approach the boarder there are special TT lanes for you to go in. By the time you reach the INS station your information and photo are on display for the guard to verify.
Down near San Diego this has been working for folks that live in Mexico but work in SD.
The process works in speeding entry into the US.
Now the international community is working on providing RFID capability to passports,etc. Tie the ID number to your information in the DB.
BTW, the RFID device doesn't hold your personal info and photo. Its the DB index key to where the information is stored.
I find this interesting. Here in Virginia the Gas company (read monopoly) on providing service to your house has been deregulated. I am at liberty to purchase my natural gas from any supplier I wish. The gas company must provide service across their lines to my house. I pay a distribution fee that covers the cost of gas line maintenance and service to get the gas to my house over the monopoly lines.
The distro charge is regulated to ensure the consumer isn't gouged by the monopoly. My bill has two parts. 1st is from the gas supplier I contract with to provide me the actual gas. The 2nd part is for the distribution costs. This is a flat fee plus a per unit usage charge. The old gas company has broken into two parts. The gas supplier and the infrastructure provider.
This is a win-win. I get service over regulated lines while the actual product I can choose the best or least cost supplier. I can also make any long term contract for supplies I wish.
IMHO, wired telecommunications services where there is necessarily a monopoly for the last mile should use the same model. The last mile provider is a regulated monopoly while the customer has the ability to contract from any service provider they choose. The monopoly would exist even if there were multiple cables to your house, (ie, CATV and Telephone). This would encourage infrastructure upgrades since the monopoly would be able to recover costs with a reasonable profit for newer technology. Any service provider would have access to customers over the infrastructure at non discriminatory pricing, (Ie; everyone gets charged the same) no matter whether its another division of the monopoly or another company.
Electric power is moving in the same direction. (Yeah, I know. CA screwed it up big time.)
It all boils down to incompitent admins. Simple to remove all games from Windows systems. The process takes a few minutes when the machine is delivered.
One nice thing about Windows Group Policy objects, you can enforce security policies where they can't be changed. You can also rescan machines as they log onto the network and re-apply the policy if the tech savy person manages to circumvent it.
Slashdot Mirror
I suppose you're referring to the Green Party, Sierra Club, etc, etc, etc shills. Back in the 70's it was the next ice age. Then it was ozone depletion, "we're doomed!". Then the ozone hole closed. Answer this one, Why did the middle ages warming period get removed from the latest "scientific" reports? Was it to skew the charting results in order to get the "hockey stick" result? Color me skeptical....
I had the same issue. I live well within the DSL distance from the Central Office but could not get DSL. I called Verizon and asked why not. The reason, our neighborhood had a fiber combiner at the head of the copper infrastructure. There was no direct copper line to the CO. I now have four choices for broadband though, Cable, Satellite, wireless and Fiber Optic. Ten years ago I had two, dial-up or unidirectional cable modem. I tried cable modem when Adelphia finally installed bi-directional service. Service was abysmal and cost twice as much as Comcast (the next county over). As soon as Verizon installed fiber optic to the house, Adelphia dropped their price to match FIOS. I told them no dice, poor spotty service at any price wasn't worth it. One other note, most of the top countries have telcos that are monopoly or run by the government as opposed to the US.
MCSE?? Nah. Never bothered. "A Linux server takes me about two hours to build. Configuration is easy, especially if the .conf files are pre-configured in the lab.
Yes, when someone else does the work for you, it typically IS a whole lot easier. "
Uh, I'm the one doing the configuration builds in the lab first. Then I deploy them.
"Yup, and how often are you doing this that it takes you so long to build your machines? You do know you can set a default policy and use it on other machines, right? Oh, of course you do, you're an "expert"!
Its the creation of the specific policy profiles for each configuration that takes the time. The actual type security config, once built takes no time to apply. But, then again, you probably just use the unpatched out of the box configuration, one size fits all, with servers owned within 20 minutes. Hate to be in your company....
"Well, then, if that's your biggest gripe the problem isn't with the OS, it's with the user administering them. "
Wrong once again, Mr. default config. Its with an OS that has tons of inherently insecure software with no way to strip it out. Its called reducing the vulnerability footprint. It can't be attacked if its not on the machine.
From a security perspective, the Windows servers sit in a tightly restricted DMZ ensconced behind firewalls. E-mail gateways are Linux. Spam filter and Anti-virus are on the Linux gateway. Exchange never sees outside the Intranet.
Yeah, good luck to you with that. "
Works like a charm.
Uh yeah. I administer both Linux and Windows machines...
.conf files are pre-configured in the lab.
Using Windows 2003 server a typical web server build with patches takes about 4-5 hours to complete. A SQL DB cluster server pair is about a two day process, if everything works right. Thats with standardized build procedures that were created in a test lab environment. Don't forget the little "gotchas" like programs that require the use of NETBIOS and can't run properly using DNS/ActiveDirectory.
A Linux server takes me about two hours to build. Configuration is easy, especially if the
Both types require test lab work to get the proper configuration to include the security profile dialed in. Tightened up for security while letting the proper functions work.
From a security perspective, the Windows servers sit in a tightly restricted DMZ ensconced behind firewalls. E-mail gateways are Linux. Spam filter and Anti-virus are on the Linux gateway. Exchange never sees outside the Intranet.
My biggest gripe on Windows servers, I can't strip out all the useless services, dll's and programs that have no business being on a server. Yeah you can disable the service but I prefer not to have it there at all.
I live in Virginia. My house is a tad newer so I have the DEMARC boxes installed on the outside of the house. When I finished off the basement I installed a cat-5e and 2ea RG-6 COAX runs from the outside DEMARC to a patch installed in the basement. All the wiring in the original house is run in series to the demarc with 3 drops installed. One to the 2nd floor and one to the first floor. The third drop is coiled in the attic. When Verizon installed FIOS, they pulled a single CAT-6 run to my patch (along with power) to the new FIOS box. The FIOS box had three RJ ports for the existing telephone drops. Cut-over was easy. The changeover from Adelphia to Dish to FIOS for TV was just as easy. The cable demarc was for two TV sets we have wired in the house. Each repairman just changed where the inside drops were connected to. FIOS does require a COAX drop from the inside router to the outside DEMARC. I found out that the set top boxes have their own IP addresses to receive the TV guide info. Verizon FIOS TV installs a cat-5 to COAX bridge by the data router. Verizon, for some strange reason does not install all the required drops at once. Since I already had the COAX run from outside the TV installer didn't have to run another cable. If you plan on getting both FIOS network and TV installed, request them to install both lines at once. Its easier to haul all the required cables at once rather than pulling a new one later. Saves on additional holes on the outside of your house.
Very true. But a lot of times we do rolling hardware upgrades where we build and configure new hardware offline and then bring the old server offline and bring the new server online. We currently have a volume license agreement where we keep track of the machines we have online. We decomission the old hardware after we remove it. The new Longhorn model is that either you have to phone home to "mother" for your machine to be validated. The other choice is you have to install a license server on your network to validate your own servers. I'm not sure how often the servers have to phone home to be validated but if its anything like WGA that license server becomes a critical asset that can't go down. More expense for a business to operate. And this truely is a waste of money just to keep your systems functioning.
Yes, inbound on port 80... One of these days I have to check on port 25 to confirm. grc.com is a good site to use as a port scanner.
I have FIOS installed. Been on it for about a year now. Verizon has port 80 blocked. They provide two levels of bandwidth: 5Mbps download with 2Mbps upload and 15Mbps down with 2Mbps upload and Up to 30 Mbps down and 5 Mbps upload. We're also one of the two test markets for FIOS TV. That work very well. No issues with the service. FTTH was installed after much dickering with the local community. There are some communities her in Northern VA that have told Verizon that they can't put in Fiber.
IBM is not looking to settle but wants solid case law decided so no one can do this again.
Interesting thing to note. RIght after the NYT released the information about the NSA tracking overseas phone calls to and from the US (prefectly legal under FISA and other relevant statutes. It was also upheld in the FISA court of appeals) there were a quite a few reported incidents of middle eastern looking men attempting to purchase large numbers (in one case 160) of disposable cell phones. These phones are virtually untraceable. Coincidence, nope. Al Qeeda cells in the US trying to set up secure commuunications, you betcha. Thanks, NYT you just made it harder to nail the terrorists before they strike. Every single revelation about intelligence sources and methods (whether they go into the details or not) makes it much more likely that we'll be hit with another serious attack.
Exactly what is being done wiht the data. Everyone screamed that the Government didn't connect the dots to prevent 9/11 attack. Can't have law enforcement and intel talking to each other. No data sharing. Able Danger was a program that pulled from open sources and it appears that it twigged Atta and a few other of the 9/11 attackers. That was shut down by the lawyers prior to 9/11. THe purpose of intelligence is to gather information about your enemies and potential enemies to figure out their real intentions. If intel twigs onto something nefarious, you attempt to stop the action before it occurs. Prevention is a heck of a lot better than filling body bags after he fact. And by the way. All of these programs are perfectly legal with congressional and judicial oversight.
I wonder what version of DNS code MS uses. I find it rather interesting that the HOSTS file in MS Windows is located in ../etc/ directory.
Sarbox has had a very bad impact on businesses. Aside from the billions its drained out of the economy, it also places regulartory requirements to track data within a business and ensure proper controls are in place. This DRM is a way of accomplishing this. It helps with the audit trails of who accessed and modified the data in a way that non-repudiatable. CEO's, when they sign the financial statments, put their job and freedom on the line that the numbers are correct and traceable. Failure to do that ends them up in prison. Even if there is no wrongdoing. Sarbox assumes everyone is a crook and you have to prove you're not. Thanks Congress...
Google runs an OC-48 and an OC-12 pipe at each of its sites. Rumor has it there are four of them. Two in Virginia and two out west. I don't know what the price of an OC-12 let alone an OC-48 is but I can guarantee you that it sure as heck isn't free.
I just read the relevant sections of the FISA law. The following link is to the definitions. http://www4.law.cornell.edu/uscode/html/uscode50/u sc_sec_50_00001801----000-.html
1801. Definitions,(b),(2) clearly states that any person who engages in Internation terrorism is fair game. This section makes no distinction as to citizenship.
Subchapter 1802. (http://www4.law.cornell.edu/uscode/html/uscode50/ usc_sec_50_00001802----000-.html) goes into the procedure for conducting the warrantless wiretaps.
If they are certified by the Attourney General and the relevant committes in Congress are notified, then it is on the up and up.
Bottom line: The warrantless wiretaps are legal if the procedures outlined in FISA have been followed. It appears that they have since the Attourney General (and an Asst AG has as well) has made his certifications, the congressional comittees have bee notified (they have on numerous occasions) and the president has done the reauthorizations (he has).
I used to have dialup. With the firewall installed I was getting probed all the time. In fact, during one of the major outbreaks my sessions slowed to a crawl due to the probes hitting my machine. No one is safe...
It was the ACLU that killed it.. Said it was a 4th amenndment violtaiont against unreasonable search and seizure for the police to use it. Fire & rescue squads most likely got scared off because they're government entities and could get sued for using this device. Even if it was to save lives. I can hear the ACLU now, "but the police could borrow it too."
As a parent, I have the responsibility of monitoring what my children are watching and doing on the computer. Online games and web site? I took the responsibility to set up a proxy filter blocking sites I find inappropriate for my kids. I monitor what's on TV and teach my kids about what they can and can't watch. I get annoyed when watching a show during prime time with my kids and I have to have the remote in hand to mute the commercial promos for shows that come on later. ( Putting up the TV guide, hitting mute and popping up the show description blocks the picture fine). I hate having to do that. Kids are too young to be seeing that kind of stuff. There's plenty of time later to deal with those issues when they're older. I take an active role in bringing up my kids and I have no problems with the restrictions on games that are clearly out of bounds for kids. When they get old enough to make an informed decision on their own then by all means, let them. I hope they have the moral foundation to make the correct choice for them. In addition, the guts to be able to walk away from what they know isn't right. It all about being the parent. I remember my parents telling me, "When you're in my house you follow my rules. When you're on your own you get to make the rules". As far as looking in your kids room, no sweat there. It my house, my rules.
And on top of it very poorly documented so you can figure out what the #^%$ is going on when it doesn't work right. Trying to get W2K3 working in a properly replicated evnironment without SP1 was almost impossible. Have one machine go haywire and the bi-directional replication is screwed for good. Had this issue in a production environment. No backup for an AD used with mission critical clusters ain't fun. Luckily SP1 was able to correct the issues. Let me tell you, having to go through the build, integration and implementation of OpenLDAP/Samba on Linux FC3 taught me tons about what MS AD was supposed to be doing. Its a pain but I will tell you that the support was fantastic.
Ever look at the cost of doing a major MS Office upgrade? For the home user (me) th cost of a $295 upgrade for MS Office 2000 from MS Office97 when I rarely use all the programs was a waste of money. Started using OpenOffice on my Win machine because, economically I couldn't justify the upgrade expense. In addition, MS Office doesn't run on my Linux machine. Businesses are taking a long hard look at the upgrade cost of programs. If there's an alternative that costs less and functions the same, this has a dramatic affect on the bottom line.
Actually MS is looking at changing their business plan. They're starting to see revenue drying up in various areas. They are now getting into the Services arena. They plan on offiering a suite of services for customers. to install their software on servers, etc. But, oh we're not going to screw our partners in the process. They can user our service offerings and provide "value add".
This is just an extension of an ongoing program thats been working for years. They have a "Trusted Traveler" program at a number of border crossings for faster processing of individuals that enter the country on a regular basis. The TT is issued an RFID card that is tied to your credentials in a DB. As you approach the boarder there are special TT lanes for you to go in. By the time you reach the INS station your information and photo are on display for the guard to verify. Down near San Diego this has been working for folks that live in Mexico but work in SD. The process works in speeding entry into the US. Now the international community is working on providing RFID capability to passports,etc. Tie the ID number to your information in the DB. BTW, the RFID device doesn't hold your personal info and photo. Its the DB index key to where the information is stored.
I had al sorts of problems with AD replication that this SP seems to have fixed.
I find this interesting. Here in Virginia the Gas company (read monopoly) on providing service to your house has been deregulated. I am at liberty to purchase my natural gas from any supplier I wish. The gas company must provide service across their lines to my house. I pay a distribution fee that covers the cost of gas line maintenance and service to get the gas to my house over the monopoly lines. The distro charge is regulated to ensure the consumer isn't gouged by the monopoly. My bill has two parts. 1st is from the gas supplier I contract with to provide me the actual gas. The 2nd part is for the distribution costs. This is a flat fee plus a per unit usage charge. The old gas company has broken into two parts. The gas supplier and the infrastructure provider. This is a win-win. I get service over regulated lines while the actual product I can choose the best or least cost supplier. I can also make any long term contract for supplies I wish. IMHO, wired telecommunications services where there is necessarily a monopoly for the last mile should use the same model. The last mile provider is a regulated monopoly while the customer has the ability to contract from any service provider they choose. The monopoly would exist even if there were multiple cables to your house, (ie, CATV and Telephone). This would encourage infrastructure upgrades since the monopoly would be able to recover costs with a reasonable profit for newer technology. Any service provider would have access to customers over the infrastructure at non discriminatory pricing, (Ie; everyone gets charged the same) no matter whether its another division of the monopoly or another company. Electric power is moving in the same direction. (Yeah, I know. CA screwed it up big time.)
It all boils down to incompitent admins. Simple to remove all games from Windows systems. The process takes a few minutes when the machine is delivered. One nice thing about Windows Group Policy objects, you can enforce security policies where they can't be changed. You can also rescan machines as they log onto the network and re-apply the policy if the tech savy person manages to circumvent it.