Slashdot Mirror


User: JoeZeppy

JoeZeppy's activity in the archive.

Stories: 0 · Comments: 147

Comments · 147

  1. Re:FIOS availability on Comcast Blocks Web Browsing · · Score: 1

    Fios will be in my town by June,

    How did you discover the FIOS rollout schedule for your location? I'm contemplating moving my household and I would definitely use the current/future availability of FIOS to help me choose my destination. However, I can't figure out where to look to find a map that says "This is where you can get it, this is where you can get it in 6 months, and this is where you're out of luck."

    So how did you figure this out?

    Ask around on dslreports.com, someone should be able to tell you.

  2. Re:ABout time on Multifunction Printers — The Forgotten Security Risk? · · Score: 1

    Just occurred to me how to access the cabling. Like any other large office building, we sublet floor space to other companies. Law firms, brokerage offices, etcetera that aren't under our control, administratively or physically. If you can access those areas, and they aren't security conscious, you've exploited another weakness.

  3. Re:ABout time on Multifunction Printers — The Forgotten Security Risk? · · Score: 1
    At the risk of being pedantic, I'm going to reply. Keep in mind, I'm not saying this would definitely work, just I know how our environment is set up, and how obsessive our corporate security folks are, and these are actual weaknesses in our environment that aren't being addressed. Other businesses may not be as careful as we are, so I can only imagine what holes they might have.

    There are DHCP servers that will request Authentication or only allow certain MAC addresses to get IPs.

    We have probably 6000 devices in our downtown campus. At least a dozen or so a day die and get replaced. Recording MAC addresses for each one and adding it to a RADIUS server or something like that isn't on our radar.

    No one has yet solved the issue of how you know the bank has just the right printer with just the right firmware version. Plus how do you know what IP address is a printer without special tools such as a sniffer. It's not a hack for the amateur.

    No, it's a hack for a ping sweep tool. All the printers ship with a standard easily recognizable format for host names, which never get changed. Or if they do, they get changed to something like "xerox255-001". Plus, like any other environment, our static IPs start at a low number and go up to .50 or so. All your printers are going to have static IPs. Believe me, if you saw a ping sweep for one of our subnets, it would take you about 15 seconds to figure out what's a printer, router, server, switch or PC, based on our naming convention.

    Then, the printers all have helpful web interfaces that will tell you everything you need to know about them, and all the settings they use to authenticate users to the network, hostnames for domain controllers, etcetera.

    Also, don't you want to control that printer and its agent from outside the bank? To do that you've got to do a lot more things, like change firewall/router rules and routing tables, etc. which will require a login to the firewall. You may also have a DMZ you have to deal with. Once you are in it's not going to be easy to punch out.

    Simple, install the wireless access point near a common area like a coffee shop or lobby, or an outside wall, and sit next door. The exact opposite of how I used to sit in my cube on the 7th floor and pick up free wireless from the hotel across the street to get out from behind the firewall.

    The old janitor/maintenance man trick may work to get access if the bank employees are stupid but it'll only work once. There is also the assumption the Cat5 cables are running over the area of the restroom and that they carry internal traffic.

    That is probably the biggest assumption, I know ours all run in cable trays under the floor, and hub rooms are locked, only accessible by ID badge. Still, it's technically possible if you had access to building blueprints, to find a weak spot.

    If you found a haphazardly configured Windows system that was set up by poor admins you might get it to work. It's probably easier to steal an employee access ID and password, then you've got it all at your fingertips.

    We have an entire department devoted to security, and they are major pains in the ass. They just aren't looking at this stuff.

  4. Re:ABout time on Multifunction Printers — The Forgotten Security Risk? · · Score: 2, Insightful
    Bullsh*t. You been watching too much Hollywood crap. They'd have to have a ladder to reach the tiles, some way to cut the Cat 5 cable, put a connector on the end (non-trivial if fiber), then have to splice the router into the cable, set the router IPs to be on the same subnet as the bank (unless you know this you'll need a sniffer program to grab it). While they are doing this they can't cause a noticeable outage and I doubt the bank's DNS is going to give the laptop an IP without some kind of login and authentication. Plus you probably need to know what kind of printers they are running, their IP addresses and/or name before you can get to them to install the Trojan/virus.

    I don't know what you mean, a DHCP server will happily give out IPs to anything that asks for one, there's no authentication involved. And if you're good, you can probably cut a cat5 cable and put an RJ45 on it in a minute or two. Sure the guy at the cube whose cable you cut will probably complain, but how long will it take an electrician to figure out what happened, or will they just pull a new cable? Not saying I believe the story, but it's not as far-fetched as you make it sound.

    And anyway, a 4 port Linksys WRT54G will function like a hub, and pass the DHCP request right through if it's set up right. That's why admins freak about people buying them at Best Buy and hooking them up under their desks.

    Heck if I was doing it, I'd have my laptop set up to talk to the Linksys box with WPA and not broadcast an SSID, to make it harder for security to find my private WAN.

  5. Re:Not simply PSC then on Multifunction Printers — The Forgotten Security Risk? · · Score: 1
    What you are describing is an EFI Fiery RIP. This is not just a "workstation hanging off of the printer." It is doing the actual work of rasterizing the Postscript. Get rid of it, and your Xerox is not even a dumb printer. It won't print at all.

    EFI Fiery controllers generally run a version of XP Embedded, which is itself locked down in a variety of ways, but sometimes not. They often have a proprietary motherboard with unique RIP hardware. We have several here. One, driving a Canon CLC 4000, does not even have enough of Windows present to install a driver (VNC in this case).

    Well ours had enough of Windows for us to install the corporate antivirus software, and the SMS client, and now Altiris. So corporate security bitches every time they get a report because the Fiery box isn't current on Windows Update patches.

    And it has IE 6 on it, can visit websites, has command line functionality, will run vbscript, Remote Desktop and Dameware remote software. So how is that not a Windows workstation? That being said, what's the difference between the Xeroxes with Fierys and the ones without? They all print, scan, copy and email. What's the advantage to the workstation for your average technophobic secretary?

  6. Re:Not simply PSC then on Multifunction Printers — The Forgotten Security Risk? · · Score: 3, Interesting
    I take it from the summary that simple print-scan-copy machines aren't what is being mentioned. Instead, referring to those smart printers that "can access all your company's files" -- couldn't figure how that was a good idea when I saw the ads myself.

    We have a bunch of these Xeroxes that have - wait for it - an XP workstation hanging off them! No idea what the advantage to that is. You can't use it as a print server, because only ten people at a time can have a connection to it, so as soon as it starts to get heavily used, users complain that they can't connect to it. There's some kind of management console on it that allows you to reprint documents. Yours or your manager's I presume. And the management console needs local admin rights to run.

    So we run around locking down all the users' workstations, but we have a shared workstation in the corner logged in as local admin with no screen saver. Thanks, Xerox! And they don't run Windows update either, you have to get patches from EFI, the company that builds the workstations and sells them to Xerox. We don't know how to support them, and neither do the Xerox reps.

    So we create a server queue, that points to the workstation, that points to the printer. WTF? Where's the value added there? But we can manage our own print jobs! So? Why do you want to? You can't click print again if you need another copy?

    And the drivers don't play nice. Very fun when you have over a hundred queues installed on each print server. The other day, they spent all morning trying to install drivers for one of these crap sandwiches. Every time they installed the driver the server would die.

    And every floor has 3 or 4 of them, because each department needs their own. So half of them are totally underused. But we're saving money on all the printers we replaced! You mean the ones that migrated to users' desks? We have people with a Laserjet 8000 sitting on a table in their office, sucking up power and $90 toner cartridges, so Manager McPrivileged doesn't have to walk down the hall to print out his 5 emails a day.

    We keep telling the Xerox sales rep that we hate her. She thinks we're kidding.

  7. Re:Euphemisms on RIAA's Attack On NewYorkCountryLawyer Fails · · Score: 1
    So ... what part of Pittsburgh are you from?

    There ya go, a pound a' jumbo and a Kewpie doll to the yinzer! :')

  8. Re:Euphemisms on RIAA's Attack On NewYorkCountryLawyer Fails · · Score: 2, Funny
    Over here in Blighty, the expression "you have egg on your face" is often said to a man who had forgotten to zip up his trouser flies, possibly after visiting a urinal.

    Ha! Where I'm from, we say "Kennywood's open!"

    50 Imaginary mod points to the first person to correctly localize that euphemism!

  9. Re:Oh noes, teh pollutions. on How One Clumsy Ship Caused A Major Net Outtage · · Score: 3, Funny
    Think of all the 1's and 0's flowing into the ocean right now?! The cost to the environment here is appalling. Someone turn the valves on that internet backbone, stat! Think about the animals!

    Good thing it wasn't token-ring. We'd never find the token underwater!

  10. Re:Before you complain ... on White House Tape Recycling Possibly Erased Emails · · Score: 1
    Let me see your e-mails from 2001-2003.

    "Let he who is without sin throw the first stone."

    Yeah. I work for a financial services corporation. Our email policy is a 60 day retention.

    Except for the ones we are required *by law* to keep for 3 years or seven years, by the SEC or Sarbanes-Oxley.

    In a format that can be guaranteed not to have been tampered with, selectively deleted or altered.

    So, I definitely call shenanigans on this. Somebody somewhere, in whatever the government equivalent of the auditing department is, knew this was against the law.

  11. Re: it's programmed to be this way on Scientist Suggests We Explore 'Universe is a VR Simulation' Theory · · Score: 1

    A-fucking-men.

  12. Re:You are joking, I hope? on The Setup Behind Microsoft.com · · Score: 1
    Partially - Notepad will handle up to 32 Mb, but yeah, I wouldn't want to try it. I use Textpad myself, and PrimalScript for vbscripting

    Can we all agree that if your log files are 800 Mb you should probably think about rotating them more often? And Word wouldn't be my first or second choice for ASCII text files. Hell, I'll suck them into Excel if I have to sort them by line before I'd use Word.

  13. Re:You ARE a m$ fanboy! on The Setup Behind Microsoft.com · · Score: 1

    Notepad?

  14. Re:Direct link to the first strip on Where To Find Opus On Sunday · · Score: 1
    Trying to pretend religion is the cause of humankind's problems and that people would all get along merrily if it were not for religion is just as absurd. It's as absurd as those who decry the "intolerance" of the religious while themselves being intolerant of the religious.

    It may not be the cause, but it sure as hell isn't helping. As if people need another reason to feel superior to other people. If any of the people who call themselves "religious" would act the way their religion tells them to, life would be grand. Instead for the majority of folks, it's just a club they belong to, in order to feel a warm fuzzy cloud of "us - good, them - bad" around themselves. I find more tolerance and open-mindedness in atheist/agnostics than in believers.

  15. Re:And I question their claims. on A Campaign to Block Firefox Users? · · Score: 1
    From the site: 'Demographics have shown that not only are FireFox users a somewhat small percentage of the internet, they actually are even smaller in terms of online spending, therefore blocking FireFox seems to have only minimal financial drawbacks, whereas ending resource theft has tremendous financial rewards for honest, hard-working website owners and developers.'

    It's probably true that most Firefox users are significantly smaller purchasers of penis enlargement creams and V1@gra as opposed to their IE using counterparts.

  16. Re:Summary on Documents Reveal US Incompetence with Word, Iraq · · Score: 4, Informative
    I hate (US/Bush/Republicans/US Military) and I'll believe anything (Iran/Chirac/Democrats/Liberal Reporters) say that reinforces my beliefs without questioning anything. Lots of pinheads write lots of reports for other pinheads while other people do real work.

    Or conversely:

    I hate (brown-skinned foreigners/Hillary/Democrats/liberals) and I'll believe anything (Gonzalez/Bush/Republicans/Fox News) say that reinforces my beliefs without questioning anything. Lots of pinheads write positive spin for other pinheads while other people do criminal acts and gut the constitution in the name of freedom and Jesus.

    Ain't political discourse fun?

  17. Re:Good for them, but... on Mozilla Releases Thunderbird 2.0.0 · · Score: 1

    POP3? no, but IMAP, yes.

  18. Re:Ban all Microsoft Users from the Internet... on DNS Root Servers Attacked · · Score: 1
    Agreed. I work for a school district where we run every specialized oddball program on a network that uses roaming profiles, and everyone has limited rights to their PC.

    The capability may be there on the windows side for things to work seamlessly, but most of it was developed without a bit of thought into how it might act on a network like ours.

    I.e.:

    * software that puts important stuff into the user's profile or into the user registry hive that it can't run without, forcing us to make special "reinstallers" that run for every user that logs into the workstation.

    * software that requires read/write privileges to random places on the local drive or parts of the registry which normal users don't normally have.

    * software that uses the user's profile as a cache area, making the profiles huge and causing slow login and logout.

    permissions and multiple users can be a huuuge PITA

    Same here - LAN admin at a bank, users all locked down.

    If the software is well-behaved and installs sensibly, it's not a problem. You'd be amazed how many packages of financial institution specialized software behave as listed above.

    You'd think by now, the vendors and developers of software would get it. They know who their market is. Banks are the most security paranoid companies there are. We've been trying to lock down desktops since NT 4 came out, but the frickin' vendors make it impossible.

  19. Re:It's a good first step on More States Challenging National Driver's Licenses · · Score: 1

    I thought I read that although the law was repealed, they made it very difficult to receive any federal highway money if the states didn't comply with the 55 mph limit. Not sure if that's true or not.

  20. Re:typical Doc Ruby on Who won? · · Score: 1

    I just gotta say: Fuckin' A! :')

  21. Working too hard? Try not working enough. on Understanding Burnout · · Score: 0, Troll
    My current job is like a minimum security prison. After 10 years of working my way up the ladder from hardware repair to desktop support, to Novell 3.x and 4.11 admin, I got a Windows admin job at a small startup. For almost two years I had control over all the corporate Windows boxes, and ran things however I wanted, (as long as it didn't cost anything.)

    Then the company went bust, and I got downsized, so I went back to my last job, end user support at a 20,000 seat corporation. Everything is siloed into its respective department. Where I used to have control over the Novell tree in my OU and allowed to create my own login scripts, print queues, network shares, now I do Windows desktop support, and nothing but desktop support. I do no projects, no builds, no login scripts, no evaluations of new equipment. The engineering lab evaluates all software, and creates install packages and OS images for everything, and hands it to us. I create nothing.

    I come here every day, sit down, surf the web about 4 hours a day, do mindless trivial bullshit the rest of the time, then go home. I sit in a cube and don't have a direct view of anyone else, like a cell. My co-workers don't talk much, and they don't have much interest in technology. I entertain myself with writing scripts and batch files for the limited access I have to the systems, but I don't have anyone who's interested to show them to or to bounce ideas off of.

    The money is good, the benefits are good, the work is easy, it's 8:30 to 5 Monday to Friday, I should have no complaints, but the boredom and lack of any sort of challenge is freaking killing me.

    I was looking through my resumes directory, and I must have at least 30 cover letters I've sent out in the past 3 years. I've been on at least 20 interviews, and still haven't had any offers. I've got a lot of knowledge, but not enough experience on the resume, I guess. I've gone through the 5 stages of grief about my career, for a long time I was just freaking out about being stuck here, angry, then depressed, and now I'm just into acceptance. I'm tired of sending out resumes and not getting called, even more tired of getting interviewed and not getting hired. I come in, stare at my monitor for 8 hours and go home. 20 years till retirement. Whoopee!

  22. Re:Major flaws in article logic on Worst Ever Security Flaw in Diebold Voting Machine · · Score: 1
    So... you can connect an external eeprom that runs your own code within a few minutes.

    Even if it were possible to write your own firmware, you would have the ability to flash the onboard eeprom just as quickly, or even do a quick solder job on the onboard chip, replacing it with your own.

    Considering you can desolder a 16 pin EEPROM within seconds, or just as easily hijack its communication interface (probably just I2C) it's not unreasonable that there are going to be lots of flaws in this system.

    Do you actually think Karl Rove is going to explain to his RNC dirty-tricks people how to unsolder a 16 pin EEPROM? Or do you suppose you'd want to make the interface a little simpler, given that you aren't sure the intelligence level of your user/thug?

    With this simple an interface, you could sell an election to anyone, anytime. Capitalism at its finest!

  23. Re:And the real question is... on White House Demands Encryption for Sensitive Data · · Score: 1

    I do desktop support for a Fortune 500 financial services institution, and we are already doing numbers 2 and 3, pushing 1 even as we speak, and I'm sure 4 is being implemented or contemplated, as basically everything from your web access and email to your shoe size and bathroom habits are audited regularly. These are all being driven by Sarbanes-Oxley and data breach notification laws. If the government can pass these laws, they ought to be able to follow them as well.

  24. Re:slashdot summary is just plain wrong on IT Certification Less Important Now? · · Score: 1
    1. I'm sure on slashdot a lot of people actually have one, or work with a lot of people that have one, but when someone says "Oh, MCSE is a breeze, 10 minutes of studying and I could take it", take them up on it, offer to pay the $100 if they can pass "Exam 70-294: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure" or "Exam 70-285: Implementing and Managing Microsoft Exchange Server 2003". I bet you 95 out of 100 can't do it without studying.

    Yes you can, it takes at most an hour to study a braindump. I took 15 Microsoft exams, and never failed ( http://www.cobbaut.be/cobbaut.php?blad=cv ).

    But you know, no one ever actually points out that that is called CHEATING.

    If you actually study the material, as I did, and take the tests honestly, they aren't that easy. And as an added bonus, you actually learn something. They aren't terribly difficult, if you have the real world experience, but certainly not a breeze.

    It's unfortunate that a cert is meaningless because so many people are able to pass without working at it, but if you are honest with yourself and study, it at least gives you a baseline and a direction as to what a company thinks is the important concepts of their software that you should know.

    That then should give you the ability to talk intelligently at the interview about the software. If the interviewer can't weed out the cheaters then they shouldn't be hiring people. You could probably do it over the phone, before you even bring someone in.

  25. Re:OSS will almost always be doomed in Enterprise. on New OSS Doomed In Enterprise? · · Score: 1
    Please name one example of Microsoft ever being held accountable for their software failing to work as promised?

    I'm so fscking tired of hearing this retort everyone brings up "MS accountability". No one ever said if you lose money, Microsoft reimburses you. No one says that about *anything*. Accountability means one thing to a business, minimizing risk. Perfect example, from a piece of vendor software by a major financial software company. Major financial institution, using commercial tax processing software, new version comes out every year, supporting the new tax laws. Versions 99, 00, 01, 02, 03 supported on NT. Version '04 comes out, vendor states the software is no longer supported on NT4. Since NT4 is no longer officially supported by MS, they can't get support writing the app for NT, ergo, no more support on NT4.

    At this point the software works fine on NT4, nothing is really changing, version '04 is not substantially different from '03, no expectation that the app will no longer work. But the corporate position is that it is less of a risk to spend the money to upgrade the entire tax department to XP, which required new PCs to handle the new OS, than to bet that they wouldn't have problems, which could:

    a) cause clients' tax returns to not be processed, losing them money due to IRS penalties, etcetera

    b) cause them to seek reimbursement from us, losing us money.

    c) make us look bad due to a bad business decision, causing our stock price to drop, losing us money.

    d) cause us, as a licensed tax preparer, to be exposed to IRS fines and penalties, losing us money.

    e) see C above.

    f) possibly run afoul of various SEC and federal regulations like Sarbanes-Oxley regarding operating under a known risk instead of taking steps to mitigate it, which could lead to fines and penalties, losing us money.

    g) see C above.

    Anyone see a common thread here?

    If the app is supported by the vendor, and there is a problem we can't figure out, we can call them up and reasonably expect them to do everything they can to fix it, patch it or provide a workaround, and they have a reasonable expectation of the same from MS. If we know it's unsupported and we have a problem, we can be pretty sure their response will be "sorry, can't help you."

    So the bean counters looked at the fixed cost of buying 30 new PCs and the chargeback cost of having LAN support swap them out, versus the range of possible costs of not upgrading ranging from $0 to $x millions, and decided to upgrade.

    And that's what people mean when they talk about accountability. It's a lot more nuanced than suing Microsoft because your server crashed and you lost your database.