I really don't think you have to be a geek to understand the concept of "what you do on your own time for no compensation without using your employer's equipment belongs to you, not your employer...unless you were a chump and gave away your soul in the employment agreement".
Not only that, but apparently California's law says that even if you _were_ that much of a chump, the employment agreement isn't enforceable on that count.
They'll probably confiscate my Real Libertarian card(tm) for saying this, but it'd be real nice if the law said that in Illinois too.:)
Everyone I've ever talked to lies about what they do on the internet. I did when I was young, my friends did, most of the people with anything to hide still do.
Of course, when I was 15, internet access was a dialup shell account on a public access system that limited access to porn not for any sort of "moral" reasons, but because they didn't have a lot of bandwidth or disk space available...so no *.binaries usenet groups...and of course the web hadn't been invented yet...:)
But realistically, if your kids are basically sane and responsible people, the best policy is to not worry so much about their internet use.
A worthless personal homepage does not harm anything except the creative reputation of its creator.
So I disagree with your assertion that there are "far too many" of them...except in the "in a perfect world, there wouldn't be any stupid people with nothing worthwhile to say" sense. "Far too many" implies that the presence of bad homepages somehow diminishes the rest of the net, or at least places some sort of measurable drain on a scarce resource. It doesn't.
In my more hopeful moods, I sometimes take the risk of supposing that a lot of those uninteresting home pages are built by people as a learning exercise. (In reality it's certainly a small percentage of the total...on the other hand, what _good_ webmaster _didn't_ build a few uninteresting pages during their learning process?)
Actually, it says that it's illegal to circumvent those technical measures _without the permission of the copyright holder_. Which doesn't help in any meaningful way with people who want to play DVDs under Linux, but it does mean that you (as the owner of the copyright on the pictures you took) can escape DMCA by giving yourself permission to crack the protection.:)
Right. We were talking about ditching landline phone service. I ditched landline phone service (without switching to the equally-evil cable service) that way. Too bad most people still can't.
No, I'm not talking about a cell phone. I'm talking about high-speed wireless internet service...which connects to the IP phone service from Vonage that I use for voice at home. Terrific internet and voice service without a penny paid to either Tweedledee (SBC/Ameritech) or Tweedledum (Comcast cable).:)
But like I said...most places don't have that. Sucks.
>sufficiently advanced technology to accomplish the DSL-without-a-dial-tone magic
DSL does not require a dial-tone, or any other services provisioned on the line. Perfectly standard DSL hardware will run just fine on any pair of copper wires you hand it.
DSL coexisting with a dialtone is actually more "magic" than DSL alone. So that just doesn't wash.
It doesn't even bother me that SBC won't sell me DSL without keeping my SBC voice service. What bothers me is that _Speakeasy_ won't sell me DSL unless I keep my SBC voice service. Why should either Speakeasy or Covad (the underlying wire access provider) care how I handle voice calls?
Ah well...at least I live in a place where high-speed licensed wireless is available.:)
>I don't know about you, but if you're like most Americans you don't get Election Day off from work, and your workplace is a good 30-45 minutes away from the district where you live and am registered to vote. Going to a polling place is physically inconvenient.
35-40 minutes? I _wish_ I'd ever lived that close to any of my workplaces.:) (Luckily I now work nights, so I get home just as the polls are opening on election days.) Lots and lots of Americans are in situations even worse than that.
And since we're talking about Canada here, one also has to consider that the weather can be a rather bigger player in some places up there in one's ability to get to the polls than it usually would be here in the US.
It's well worth thinking and arguing about the very real security issues involved in internet or telephone voting, but let's not pretend that "just get off your ass and go vote" is a reasonable rebuttal to the equally real problems of poll access.
>at the moment the usa more or less control the internet
"More or less", eh? How about just plain old "less"?
The US government does not control the internet in any meaningful way. The internet is controlled by the entities that own the routers...that is, the people and businesses that ponied up the money to BUILD the internet.
What's going on here is that a bunch of tin-pot tyrants are jumping up and down whining about how they can't control what people do on this network, so they want their puppet agencies at the UN to tell the people who did all the work "hey, you did such a great job, we're going to come in and STEAL everything you and your cohorts have spent the last thirty years building".
On behalf of the giants on whose shoulders we all stand, I say HELL NO!
Compare with free services that don't connect to the PSTN, that is.
A free service that doesn't connect to the PSTN is a toy. A geek plaything with minimal utility and no chance of ever supplanting regular POTS from the local wire monopoly for anybody with realistic needs.
On the other hand, services that do interconnect with the PSTN are already, at their present price points, cheaper than equivalent service from non-VOIP providers, and at least some of them are mature enough to be effective replacements for POTS.
I don't have a POTS line at my house anymore. All my voice service at home is provided by Vonage. And SBC/Ameritech gets not a penny of my money. No service that's free today or ever likely to be free in the future will be able to provide that.
On top of that, they'll give me a local number in any city where I have a lot of people who might want to call me, for a small extra fee. This has already made my life (and my business) incomparably easier.
...when was the last time you even saw a CD single? I can tell you that for me, it was back in the days when one still primarily purchased music on casettes.
Maybe they're still distributed in other markets, but it surprises me not at all that online music downloads sell more than CD singles...my one-man sideline consulting business that I run when I'm not working at my Real Job(tm) probably produces more revenue than CD singles do.:)
...if someone had told me yesterday that today I'd read a piece by a software activist even more stridently and offensively political than RMS, I'd have asked what they'd been smoking.
At least RMS and FSF/GNU gave the community a metric shitload of high-quality tools to go along with their rhetoric...I have yet to see what this guy's done to add any value to the world.
Forget that it would be extraordinarily expensive in a cash-poor business...
Print publications have a multi-month lead time for product reviews. If one of them were to stop doing their reviews from manufacturer supplied pre-release products, the resulting reviews would be very very old news before they got into readers' hands.
Moreover, even registration is not necessary unless (and until) you intend to sue somebody. Copyright is automatic for all copyrightable works, unless they're explicitly released into the public domain, and the only thing immediate registration gets you is an official record of the date of the work's creation...and with copyright being effectively perpetual these days, I don't see how that matters much either.
Their directions may in some cases be somewhat less efficient than the best possible route, but I've never found a case where they simply didn't work. And since they're the only mapping site I've found that has the features I've gotten used to (ie the "avoid toll roads" checkbox), they're the one I'm sticking with.
Indeed one system I've been obligated by circumstance to use does exactly this (not as a primary means, but as a supplement to the image)...and it turns out it's necessary, because sometimes the "distortion" takes the form of rotating a digit so that a significant percentage of it becomes invisible, thus rendering (for example) a "1" indistinguishable from a "7"...and of course if you're going to rotate images by up to 90 degrees in either direction (which this system does) than "6" will always be indistinguishable from "9" visually.
These annoyances, combined with the fact that the system in question required doing this step at every log-in (not just for the initial registration like most of them) resulted in it taking me over 2 hours to finally discover that it wasn't going to accept my credit card anyway, and I'd have to buy the products I wanted by putting a money order in an envolope and letting the blue snails take their sweet time getting it to my vendor.
So tell me...how is this supposed to prevent spam, again?
...isn't even worth what you pay for it. (Yeah, it's free of financial charge. And it's worthless. So one might think it'd be worth exactly what you pay. But you're also probably investing time reading all the responses to your request for info, and as long as the value of your time is higher than zero, that makes this a negative-sum proposition.)
Lots of people have said ask a lawyer. Yeah, do that, if you know any lawyers who aren't already so sick of giving you free legal advice that they got caller ID specifically for the purpose of ensuring that you always go to voice mail. Alternatively, if this is so massively annoying that you're willing to pay for legal advice, do that.
Whether free or paid for, the _best_ news you can expect to get is that even if this is a tort of some kind (IANAL and I'm making no claims one way or the other...merely stating a hypothetical), it will cost more to sue than the aggravation you're enduring could POSSIBLY be worth.
Change phone numbers (consider going with one of the VoIP providers...that's how I got rid of a phone number that used to belong to a fax machine). Get a Mail Boxes Etc box, use that as your primary mailing address, and throw away anything sent to where you actually live. Get your email address changed (or, if you can't, abandon it in favor of a new one). And next time be a bit more careful about throwing away personal data in public wastebaskets while standing a few feet away from people whose own fine-print tells you in no uncertain terms that they have no intention of respecting your privacy.
These are annoying things to have to do, but you don't need a lawyer to tell you they'll be a lot easier and a lot cheaper than filing a lawsuit, even if it turns out that you have credible grounds for one.
Re:PVRs are already making TV unrecognizable
on
TV's Tipping Point
·
· Score: 1
>You can get the same features (and more) for free (like beer) with Linux and Mythtv
Well...not really.
The last time I checked, MythTV's answer to changing channels on a cable box is "we'll let you run an external program to do it...except there is no external program that can do that, so I guess you can just FOAD". TiVO can do this out of the box. (For those of us with digital cable, a PVR is basically an unwieldly paperweight unless it has this feature.)
Plus which, while Linux and the MythTV software are free, the TV-capture hardware necessary to run MythTV is not, nor is a Linux system that can fit neatly on top of my TV. Not only are they not free-as-in-beer, they're not less expensive than an off-the-shelf TiVO.
MythTV seems like a nice project for people with spare hardware and lots of time on their hands, but frankly it doesn't seem likely to make even a sizeable dent in TiVO. And, since TiVO is not merely Linux-based but openly and flagrantly tolerant of hacking by users, I see no need to spend more money and more time to implement MythTV just to make some sort of statement against them.
>These "internet-accessible machines owned by the bank... hosted in offsite colo facilities that have no direct connection to [y]our network" -- do they have sensitive/valuable data on them thet they publish to the world?
Of course they don't. That'd be pretty stupid, unless we implemented similar security there. (At a commercial bank with retail clients, there's a need to have confidential information on machines with at least a tenuous connection to the web, so that customers can access their accounts through their web browsers. This is an investment bank...we don't have that requirement.:) )
I'm not going to argue against outsourcing security to a colo provider...if the internal outsourcing plan and the provider's security are done right, it can be better than a lot of companies could hope to do internally. But like I said...this is an investment bank with gigabucks under management...they already have people who know more about security engineering than most slashdot readers (myself included) ever will, and so they're not outsourcing their security at all...just cleanly seperating the machines that contain no truly secret information (and hence can talk to the world and survive with only the standard level of protection provided by good a good sysadmin keeping on top of patches and enforcing secure password policies) from the ones that could sink the firm, cost our clients mind-numbing amounts of money, and possibly disrupt the global financial markets if they were penetrated by professional crooks (and hence require the best security that a big budget _and skilled professional planning_ can provide).
I've known quite a few honest ones...although the only one I've sought out repeatedly (during multiple seperate job hunts) has been Interactive Business Systems. (Officially prospects work with recruiters, who are more or less interchangeable. In reality I spent most of my time dealing with a client account manager named Denny Tomaska out of the Chicago-Suburban office, who is definitely one of a kind.)
I don't know what their corporate compensation structure is like, but I do know that these people have gone WAY above and beyond to try and make custom-fit-like-a-glove deals for me. And although my present day-job is not one I got through them, I'd still have no qualms whatsoever about reccomending them to anybody in the market.
I fail to see the practical utility of this proposal. Unlike existing schemes, this one is explicitly not designed to be resolvable. One must wonder, given that, what good it is.
...on your specific security needs, and the needs of your user base. As always.
At the moment, for my "day job" (which is really at night, but never mind that), I do sysadmin and networking stuff for an international investment bank. The information on our computers is worth on the order of tens of billions of dollars on the market, not to mention the very serious privacy implications if there were a compromise (which have specific legal consequences in some of the jurisdictions where we operate, and serious PR consequences everywhere). As you would expect, the order of the day here is totally-closed firewalls with proxy servers to handle the specific traffic that's been determined to be appropriate. The internet-accessible machines owned by the bank are hosted in offsite colo facilities that have no direct connection to our network. Short of saying "no, you can't access the internet at all for any purpose no matter what", that's about as tightly secured as it's possible to get...and that's appropriate for the security needs of this environment.
On the other hand, I also run a small community ISP. It's a not-for-profit cooperative association, but in terms of security it'd be managed pretty much the same way if it were being run as a for-profit enterprise. Its security configuration is pretty much wide open...the machines with sensitive member information on them are hidden behind a proxying firewall, but the rest of the network is only firewalled to the extent necessary to prevent serious DoS attacks. That's also appropriate for the security needs of the environment.
Good security practice starts with a risk model and a threat model. Anyone who says "this is the level of security you need to implement" without understanding the risks and threats you face is somebody you should ignore.
...but I'm trying to figure out just what this feature would be good for.
It's cool that a room can know who I am (to set the preferred lighting level or whatnot), but why should a couch care? To show me what I want to watch on TV? That's a pretty complex algorithm that's taken me weeks to more-or-less teach to my TiVO...I don't want to have to teach it to my couch too. I despair of ever having furniture that can guess when I'll want to eat (let alone what), since even my GF hasn't proven too adept at that task.
What, other than "because it'd be cool to do", is the motivation for this project? (Not that being cool to do is a bad motivation...but it doesn't provide any reason for the rest of us to care.)
Slashdot Mirror
I really don't think you have to be a geek to understand the concept of "what you do on your own time for no compensation without using your employer's equipment belongs to you, not your employer...unless you were a chump and gave away your soul in the employment agreement".
:)
Not only that, but apparently California's law says that even if you _were_ that much of a chump, the employment agreement isn't enforceable on that count.
They'll probably confiscate my Real Libertarian card(tm) for saying this, but it'd be real nice if the law said that in Illinois too.
Everyone I've ever talked to lies about what they do on the internet. I did when I was young, my friends did, most of the people with anything to hide still do.
Of course, when I was 15, internet access was a dialup shell account on a public access system that limited access to porn not for any sort of "moral" reasons, but because they didn't have a lot of bandwidth or disk space available...so no *.binaries usenet groups...and of course the web hadn't been invented yet...:)
But realistically, if your kids are basically sane and responsible people, the best policy is to not worry so much about their internet use.
A worthless personal homepage does not harm anything except the creative reputation of its creator.
So I disagree with your assertion that there are "far too many" of them...except in the "in a perfect world, there wouldn't be any stupid people with nothing worthwhile to say" sense. "Far too many" implies that the presence of bad homepages somehow diminishes the rest of the net, or at least places some sort of measurable drain on a scarce resource. It doesn't.
In my more hopeful moods, I sometimes take the risk of supposing that a lot of those uninteresting home pages are built by people as a learning exercise. (In reality it's certainly a small percentage of the total...on the other hand, what _good_ webmaster _didn't_ build a few uninteresting pages during their learning process?)
Actually, it says that it's illegal to circumvent those technical measures _without the permission of the copyright holder_. Which doesn't help in any meaningful way with people who want to play DVDs under Linux, but it does mean that you (as the owner of the copyright on the pictures you took) can escape DMCA by giving yourself permission to crack the protection. :)
Right. We were talking about ditching landline phone service. I ditched landline phone service (without switching to the equally-evil cable service) that way. Too bad most people still can't.
:)
Wireless is the future, though.
No, I'm not talking about a cell phone. I'm talking about high-speed wireless internet service...which connects to the IP phone service from Vonage that I use for voice at home. Terrific internet and voice service without a penny paid to either Tweedledee (SBC/Ameritech) or Tweedledum (Comcast cable). :)
But like I said...most places don't have that. Sucks.
It wouldn't need to be good in the basement even if I lived there, because the antenna mounts on the outside of the house.
Unfortunately, not too many places seem to have service like this at consumer-oriented prices.
>sufficiently advanced technology to accomplish the DSL-without-a-dial-tone magic
:)
DSL does not require a dial-tone, or any other services provisioned on the line. Perfectly standard DSL hardware will run just fine on any pair of copper wires you hand it.
DSL coexisting with a dialtone is actually more "magic" than DSL alone. So that just doesn't wash.
It doesn't even bother me that SBC won't sell me DSL without keeping my SBC voice service. What bothers me is that _Speakeasy_ won't sell me DSL unless I keep my SBC voice service. Why should either Speakeasy or Covad (the underlying wire access provider) care how I handle voice calls?
Ah well...at least I live in a place where high-speed licensed wireless is available.
>I don't know about you, but if you're like most Americans you don't get Election Day off from work, and your workplace is a good 30-45 minutes away from the district where you live and am registered to vote. Going to a polling place is physically inconvenient.
:) (Luckily I now work nights, so I get home just as the polls are opening on election days.) Lots and lots of Americans are in situations even worse than that.
35-40 minutes? I _wish_ I'd ever lived that close to any of my workplaces.
And since we're talking about Canada here, one also has to consider that the weather can be a rather bigger player in some places up there in one's ability to get to the polls than it usually would be here in the US.
It's well worth thinking and arguing about the very real security issues involved in internet or telephone voting, but let's not pretend that "just get off your ass and go vote" is a reasonable rebuttal to the equally real problems of poll access.
>at the moment the usa more or less control the internet
"More or less", eh? How about just plain old "less"?
The US government does not control the internet in any meaningful way. The internet is controlled by the entities that own the routers...that is, the people and businesses that ponied up the money to BUILD the internet.
What's going on here is that a bunch of tin-pot tyrants are jumping up and down whining about how they can't control what people do on this network, so they want their puppet agencies at the UN to tell the people who did all the work "hey, you did such a great job, we're going to come in and STEAL everything you and your cohorts have spent the last thirty years building".
On behalf of the giants on whose shoulders we all stand, I say HELL NO!
Compare with free services that don't connect to the PSTN, that is.
A free service that doesn't connect to the PSTN is a toy. A geek plaything with minimal utility and no chance of ever supplanting regular POTS from the local wire monopoly for anybody with realistic needs.
On the other hand, services that do interconnect with the PSTN are already, at their present price points, cheaper than equivalent service from non-VOIP providers, and at least some of them are mature enough to be effective replacements for POTS.
I don't have a POTS line at my house anymore. All my voice service at home is provided by Vonage. And SBC/Ameritech gets not a penny of my money. No service that's free today or ever likely to be free in the future will be able to provide that.
On top of that, they'll give me a local number in any city where I have a lot of people who might want to call me, for a small extra fee. This has already made my life (and my business) incomparably easier.
...when was the last time you even saw a CD single? I can tell you that for me, it was back in the days when one still primarily purchased music on casettes.
:)
Maybe they're still distributed in other markets, but it surprises me not at all that online music downloads sell more than CD singles...my one-man sideline consulting business that I run when I'm not working at my Real Job(tm) probably produces more revenue than CD singles do.
Cocaine wasn't illegal when Coca-Cola contained it. (Drug prohibition is a 20th century creation...Coca-cola is older than that.)
...if someone had told me yesterday that today I'd read a piece by a software activist even more stridently and offensively political than RMS, I'd have asked what they'd been smoking.
At least RMS and FSF/GNU gave the community a metric shitload of high-quality tools to go along with their rhetoric...I have yet to see what this guy's done to add any value to the world.
Forget that it would be extraordinarily expensive in a cash-poor business...
Print publications have a multi-month lead time for product reviews. If one of them were to stop doing their reviews from manufacturer supplied pre-release products, the resulting reviews would be very very old news before they got into readers' hands.
Moreover, even registration is not necessary unless (and until) you intend to sue somebody. Copyright is automatic for all copyrightable works, unless they're explicitly released into the public domain, and the only thing immediate registration gets you is an official record of the date of the work's creation...and with copyright being effectively perpetual these days, I don't see how that matters much either.
Their directions may in some cases be somewhat less efficient than the best possible route, but I've never found a case where they simply didn't work. And since they're the only mapping site I've found that has the features I've gotten used to (ie the "avoid toll roads" checkbox), they're the one I'm sticking with.
Indeed one system I've been obligated by circumstance to use does exactly this (not as a primary means, but as a supplement to the image)...and it turns out it's necessary, because sometimes the "distortion" takes the form of rotating a digit so that a significant percentage of it becomes invisible, thus rendering (for example) a "1" indistinguishable from a "7"...and of course if you're going to rotate images by up to 90 degrees in either direction (which this system does) than "6" will always be indistinguishable from "9" visually.
These annoyances, combined with the fact that the system in question required doing this step at every log-in (not just for the initial registration like most of them) resulted in it taking me over 2 hours to finally discover that it wasn't going to accept my credit card anyway, and I'd have to buy the products I wanted by putting a money order in an envolope and letting the blue snails take their sweet time getting it to my vendor.
So tell me...how is this supposed to prevent spam, again?
...isn't even worth what you pay for it. (Yeah, it's free of financial charge. And it's worthless. So one might think it'd be worth exactly what you pay. But you're also probably investing time reading all the responses to your request for info, and as long as the value of your time is higher than zero, that makes this a negative-sum proposition.)
Lots of people have said ask a lawyer. Yeah, do that, if you know any lawyers who aren't already so sick of giving you free legal advice that they got caller ID specifically for the purpose of ensuring that you always go to voice mail. Alternatively, if this is so massively annoying that you're willing to pay for legal advice, do that.
Whether free or paid for, the _best_ news you can expect to get is that even if this is a tort of some kind (IANAL and I'm making no claims one way or the other...merely stating a hypothetical), it will cost more to sue than the aggravation you're enduring could POSSIBLY be worth.
Change phone numbers (consider going with one of the VoIP providers...that's how I got rid of a phone number that used to belong to a fax machine). Get a Mail Boxes Etc box, use that as your primary mailing address, and throw away anything sent to where you actually live. Get your email address changed (or, if you can't, abandon it in favor of a new one). And next time be a bit more careful about throwing away personal data in public wastebaskets while standing a few feet away from people whose own fine-print tells you in no uncertain terms that they have no intention of respecting your privacy.
These are annoying things to have to do, but you don't need a lawyer to tell you they'll be a lot easier and a lot cheaper than filing a lawsuit, even if it turns out that you have credible grounds for one.
>You can get the same features (and more) for free (like beer) with Linux and Mythtv
Well...not really.
The last time I checked, MythTV's answer to changing channels on a cable box is "we'll let you run an external program to do it...except there is no external program that can do that, so I guess you can just FOAD". TiVO can do this out of the box. (For those of us with digital cable, a PVR is basically an unwieldly paperweight unless it has this feature.)
Plus which, while Linux and the MythTV software are free, the TV-capture hardware necessary to run MythTV is not, nor is a Linux system that can fit neatly on top of my TV. Not only are they not free-as-in-beer, they're not less expensive than an off-the-shelf TiVO.
MythTV seems like a nice project for people with spare hardware and lots of time on their hands, but frankly it doesn't seem likely to make even a sizeable dent in TiVO. And, since TiVO is not merely Linux-based but openly and flagrantly tolerant of hacking by users, I see no need to spend more money and more time to implement MythTV just to make some sort of statement against them.
>These "internet-accessible machines owned by the bank ... hosted in offsite colo facilities that have no direct connection to [y]our network" -- do they have sensitive/valuable data on them thet they publish to the world?
:) )
Of course they don't. That'd be pretty stupid, unless we implemented similar security there. (At a commercial bank with retail clients, there's a need to have confidential information on machines with at least a tenuous connection to the web, so that customers can access their accounts through their web browsers. This is an investment bank...we don't have that requirement.
I'm not going to argue against outsourcing security to a colo provider...if the internal outsourcing plan and the provider's security are done right, it can be better than a lot of companies could hope to do internally. But like I said...this is an investment bank with gigabucks under management...they already have people who know more about security engineering than most slashdot readers (myself included) ever will, and so they're not outsourcing their security at all...just cleanly seperating the machines that contain no truly secret information (and hence can talk to the world and survive with only the standard level of protection provided by good a good sysadmin keeping on top of patches and enforcing secure password policies) from the ones that could sink the firm, cost our clients mind-numbing amounts of money, and possibly disrupt the global financial markets if they were penetrated by professional crooks (and hence require the best security that a big budget _and skilled professional planning_ can provide).
I've known quite a few honest ones...although the only one I've sought out repeatedly (during multiple seperate job hunts) has been Interactive Business Systems. (Officially prospects work with recruiters, who are more or less interchangeable. In reality I spent most of my time dealing with a client account manager named Denny Tomaska out of the Chicago-Suburban office, who is definitely one of a kind.)
I don't know what their corporate compensation structure is like, but I do know that these people have gone WAY above and beyond to try and make custom-fit-like-a-glove deals for me. And although my present day-job is not one I got through them, I'd still have no qualms whatsoever about reccomending them to anybody in the market.
I fail to see the practical utility of this proposal. Unlike existing schemes, this one is explicitly not designed to be resolvable. One must wonder, given that, what good it is.
...on your specific security needs, and the needs of your user base. As always.
At the moment, for my "day job" (which is really at night, but never mind that), I do sysadmin and networking stuff for an international investment bank. The information on our computers is worth on the order of tens of billions of dollars on the market, not to mention the very serious privacy implications if there were a compromise (which have specific legal consequences in some of the jurisdictions where we operate, and serious PR consequences everywhere). As you would expect, the order of the day here is totally-closed firewalls with proxy servers to handle the specific traffic that's been determined to be appropriate. The internet-accessible machines owned by the bank are hosted in offsite colo facilities that have no direct connection to our network. Short of saying "no, you can't access the internet at all for any purpose no matter what", that's about as tightly secured as it's possible to get...and that's appropriate for the security needs of this environment.
On the other hand, I also run a small community ISP. It's a not-for-profit cooperative association, but in terms of security it'd be managed pretty much the same way if it were being run as a for-profit enterprise. Its security configuration is pretty much wide open...the machines with sensitive member information on them are hidden behind a proxying firewall, but the rest of the network is only firewalled to the extent necessary to prevent serious DoS attacks. That's also appropriate for the security needs of the environment.
Good security practice starts with a risk model and a threat model. Anyone who says "this is the level of security you need to implement" without understanding the risks and threats you face is somebody you should ignore.
...but I'm trying to figure out just what this feature would be good for.
It's cool that a room can know who I am (to set the preferred lighting level or whatnot), but why should a couch care? To show me what I want to watch on TV? That's a pretty complex algorithm that's taken me weeks to more-or-less teach to my TiVO...I don't want to have to teach it to my couch too. I despair of ever having furniture that can guess when I'll want to eat (let alone what), since even my GF hasn't proven too adept at that task.
What, other than "because it'd be cool to do", is the motivation for this project? (Not that being cool to do is a bad motivation...but it doesn't provide any reason for the rest of us to care.)