You would love the control system software we use at work... (world leading platform for the industry).
No revision control. You have 'current' revision. That is it.
Integrated code editor that has no syntax highlighting.
Patches to the system will break components that are not considered 'core'. Which forces updates of ALL components in the system. This has lead to bugs persisting at sites for years with no patch because nobody wants to fix bugs when it costs tens of millions of dollars to do so.
No automatic testing. Of anything. When we update a component everything has to be tested manually. Someone will sit for 2 weeks and check every state of GUI symbols for the whole HMI. Oh joy...
If you change ANYTHING in code, you can no longer connect to controllers to view live data. You need to do a download to the control with the code changes before live data can be observed. This means that as soon as you make changes, you lose the ability to view the old code running. There is no way to have both a 'online capable' version of the code and a changed codebase in the same control system. We operate two separate virtual environments and switch VLANs or just move a cat6 when testing...
This is for oil rig control systems. There is no automated testing of any kind, even for critical emergency shutdown systems. Every test is done manually. The ESD systems are usually a complex matrix of casues and effects with hundreds of inputs, hundreds of outputs... This is all tested manually as the software does not support any reasonable simulation of the controller input/output systems.
Well, one reason is when you have a vendor which does not support your system -at all- if you install any unauthorized software packages or even OS updates that have not been cleared.
At that point you want 'clean' VMs that follow the vendor spec exactly.
Engineering workstation on the air-gapped system is connected to the same keyboard and monitor as an office machine. Space constraints in the office on an oil rig.
The same engineer who went around pushing orange 'locks' in all the usb ports on the whole damn plant, including on the switches etc also created this gem. Unlock the USb port on the KVM, add a usb stick. That way he could easily 'move files between the systems without looking for a stick'.....
Guild Wars 2 solved this issue beautifully I felt.
When you enter a zone your hp, damage etc gets scaled to the level of the area. Only down-scaled however so you cannot just jump to high level areas immediately.
This DOES mean that your friends at higher levels can play with you though,which a bunch of my friends did. Worked great.
Sadly the game didnt really 'last' for us for a variety of other reasons.
I would not pay to level up an alt... but if I were to start on a new server? I actually might.
Starting out on a new server, even with heirlooms you still end up sometimes strapped for cash. Boosting up to 90 so you have a 'money-runner' so to speak might be worth it.
Personally I've leveled up probably 30 characters since I started playing shortly after launch in EU.. I find it enjoyable compared to a lot of other time-wasters. Sometimes I just want to mindlessly derp around after a long day of figuring shit out at work.
I doubt I will make use of it, but I can see situations where I could. Especially with the amusing exchange rate/cost of living difference between the US and where I live... 60 bucks is roughly 4 pints:p
They know the exact cause of the problem, they just wont tell us.
"This is a known issue with the ProLiant 380DL G5 series."
Yet they do not consider it a production flaw or a bug, even though it will require a motherboard replacement to fix. They consider it "not our problem" so customers are left to hunt the market for refurb machines to replace em.. (we're locked into a certain line due to the HUGE costs of re-certifying the system if we change anything..)
Yeah.... this is going to bite them in the ass... hard.
We recently had an issue with HP servers showing temperatures of 255C on motherboard sensors... They said this was a firmware issue and told us to flash the bios to fix this. We did... the sensor now shows -127C. Big help.
It actually required a motherboard replacement and they claimed this was -not- a warranty issue because the server was too old. In the meantime we've had 4 more servers have this issue, which makes them unusable in our environment (oil rig HMI).
Would they now not give us the fix without us feeding them a bit of cash? Fuck them.
They talked about blocking news sites, social networks and music streaming services where I work.
That talk lasted about 3 days after the department meeting, then it went dead silent on the issue.
Management were told in no uncertain terms that if this were to happen, people would stop all goodwill towards the company and just do EXACTLY what was required by them to get paid, and nothing more... Aaaaand the blocking talk went silent;)
Unless the segment of drug users is fairly large, blanket testing does not pay for itself. So even if the two other issues were ignored, it would still be a bad idea.
Costs money, different budget from any losses so the manager in charge of the expense will reject your proposal. He has no motivation to spend the extra money to secure the system as he is not the one who is fucked if they get hacked.
If only I wasnt under multiple NDAs I'd love to describe how insane the offshore oil business really is when it comes to security....
Some examples:
We have people accessing the secure clients from onshore using RDP, the security for that is implemented as read-only users on the domain offshore... so it assumes there are no flaws in the RDP client for an unpatched Windows 2003 server... yay.....
They gave access to the raw OPC servers for a data logging service that is managed from a 3rd party office on shore... With no access control implemented so that they could save 5000 dollars... this on a rig that produces 50 million USD worth of product -a day-.
Nobody get security at these companies, nobody. It is painful to watch your audit get marginalized because any fix will cost money. Especially if the whole security upgrade to patch up at least 20 serious issues cost less than 10 minutes of downtime... sigh.
These rigs tend to have a top-level operator system based on windows, with limited patching and a variety of issues. Why? Building a custom system is expensive, and any losses from breaches are gambled on by managers who are not personally responsible for anything. All they care about is short term goals and their next bonus...
I stopped feeling bad for them years ago when yet another security flaw was reported and ignored. It will bite them in the ass eventually, until then, they wont learn a thing.
We bring new software on usb sticks, get em scanned and then inserted into clients on the secure network. Hell, we even bring windows updates in.exe form this way...
And this is for oil rig control systems.
Practicality and immediate cost seems to win everywhere sadly...
Plant network people need access to the secure network.. so they link em Corporate network epople need access to the plant network... so they link em.. Corporate ALSO needs internet for obvious reasons and link to that...
Technical people and security people scream bloody murder at the security implications, but are overruled for financial reasons and we end up with a hodgepodge of connections possible... sigh
Slashdot Mirror
"Load balancing" the work like that works nicely.. until you run at 90% load all the time, and you suddenly lose 15% of your capacity.
If I buy something and have my library set to sync I am fine with the download.
If they decided to give me something like this, let me opt-in to the download.
Data is not free.
You would love the control system software we use at work... (world leading platform for the industry).
No revision control. You have 'current' revision. That is it.
Integrated code editor that has no syntax highlighting.
Patches to the system will break components that are not considered 'core'. Which forces updates of ALL components in the system. This has lead to bugs persisting at sites for years with no patch because nobody wants to fix bugs when it costs tens of millions of dollars to do so.
No automatic testing. Of anything. When we update a component everything has to be tested manually. Someone will sit for 2 weeks and check every state of GUI symbols for the whole HMI. Oh joy...
If you change ANYTHING in code, you can no longer connect to controllers to view live data. You need to do a download to the control with the code changes before live data can be observed. This means that as soon as you make changes, you lose the ability to view the old code running. There is no way to have both a 'online capable' version of the code and a changed codebase in the same control system. We operate two separate virtual environments and switch VLANs or just move a cat6 when testing...
This is for oil rig control systems. There is no automated testing of any kind, even for critical emergency shutdown systems. Every test is done manually.
The ESD systems are usually a complex matrix of casues and effects with hundreds of inputs, hundreds of outputs... This is all tested manually as the software does not support any reasonable simulation of the controller input/output systems.
Enjoy that little gem.
How do you prove that you cannot remember something?
How do you prove that they destroyed it?
The issue here is that you have to prove your innocence, and there is no viable way to do so.
The issue is that a lot of the phones stolen make their way out of those countries to a place where they CAN be used.
China is supposedly a big place to sell stolen phones (big shock).
This article is linked in the story article. It has a lot more info on the process.
http://www.nrl.navy.mil/media/...
Well, one reason is when you have a vendor which does not support your system -at all- if you install any unauthorized software packages or even OS updates that have not been cleared.
At that point you want 'clean' VMs that follow the vendor spec exactly.
Air gaps are fun.
Engineering workstation on the air-gapped system is connected to the same keyboard and monitor as an office machine.
Space constraints in the office on an oil rig.
The same engineer who went around pushing orange 'locks' in all the usb ports on the whole damn plant, including on the switches etc also created this gem.
Unlock the USb port on the KVM, add a usb stick. That way he could easily 'move files between the systems without looking for a stick'.....
You cannot fix stupid.
Some players enjoy leveling, others do not.
Guild Wars 2 solved this issue beautifully I felt.
When you enter a zone your hp, damage etc gets scaled to the level of the area. Only down-scaled however so you cannot just jump to high level areas immediately.
This DOES mean that your friends at higher levels can play with you though,which a bunch of my friends did. Worked great.
Sadly the game didnt really 'last' for us for a variety of other reasons.
I would not pay to level up an alt... but if I were to start on a new server? I actually might.
Starting out on a new server, even with heirlooms you still end up sometimes strapped for cash.
Boosting up to 90 so you have a 'money-runner' so to speak might be worth it.
Personally I've leveled up probably 30 characters since I started playing shortly after launch in EU.. I find it enjoyable compared to a lot of other time-wasters. Sometimes I just want to mindlessly derp around after a long day of figuring shit out at work.
I doubt I will make use of it, but I can see situations where I could. :p
Especially with the amusing exchange rate/cost of living difference between the US and where I live... 60 bucks is roughly 4 pints
They require a social account to 'outsource' the verification of non-bot accounts.
Doesnt work well, but still...
Account-less commenting was ruined by trolls years ago.
They know the exact cause of the problem, they just wont tell us.
"This is a known issue with the ProLiant 380DL G5 series."
Yet they do not consider it a production flaw or a bug, even though it will require a motherboard replacement to fix. They consider it "not our problem" so customers are left to hunt the market for refurb machines to replace em.. (we're locked into a certain line due to the HUGE costs of re-certifying the system if we change anything..)
Where I work the engineers pick the hardware. Not a bad place in that way.
On several servers over the course of 4 years?...
Yeah.... this is going to bite them in the ass... hard.
We recently had an issue with HP servers showing temperatures of 255C on motherboard sensors...
They said this was a firmware issue and told us to flash the bios to fix this. We did... the sensor now shows -127C. Big help.
It actually required a motherboard replacement and they claimed this was -not- a warranty issue because the server was too old. In the meantime we've had 4 more servers have this issue, which makes them unusable in our environment (oil rig HMI).
Would they now not give us the fix without us feeding them a bit of cash? Fuck them.
Because if they do not they're probably violating all sorts of laws?
They talked about blocking news sites, social networks and music streaming services where I work.
That talk lasted about 3 days after the department meeting, then it went dead silent on the issue.
Management were told in no uncertain terms that if this were to happen, people would stop all goodwill towards the company and just do EXACTLY what was required by them to get paid, and nothing more... Aaaaand the blocking talk went silent ;)
There is a third issue here...
Unless the segment of drug users is fairly large, blanket testing does not pay for itself.
So even if the two other issues were ignored, it would still be a bad idea.
Costs money, different budget from any losses so the manager in charge of the expense will reject your proposal.
He has no motivation to spend the extra money to secure the system as he is not the one who is fucked if they get hacked.
Sad but true in many cases...
Getting caught with your pants down or a major shutdown due to a breach could put you in legal trouble.
So they're usually kept hushed the hell down by most companies.
Especially if you have a separate emergency shutdown (ESD) system that is fully up and running...
Goes something like this:
"Shit, close that valve we're getting an over-pressure on line 3"
"Valve closed"
"Bah, too slow, we're in a blowdown..."
Aaaand you have 300 feet of flame coming from the flare. Fun times for all :p
If only I wasnt under multiple NDAs I'd love to describe how insane the offshore oil business really is when it comes to security....
Some examples:
We have people accessing the secure clients from onshore using RDP, the security for that is implemented as read-only users on the domain offshore... so it assumes there are no flaws in the RDP client for an unpatched Windows 2003 server... yay.....
They gave access to the raw OPC servers for a data logging service that is managed from a 3rd party office on shore... With no access control implemented so that they could save 5000 dollars... this on a rig that produces 50 million USD worth of product -a day-.
Nobody get security at these companies, nobody. It is painful to watch your audit get marginalized because any fix will cost money.
Especially if the whole security upgrade to patch up at least 20 serious issues cost less than 10 minutes of downtime... sigh.
These rigs tend to have a top-level operator system based on windows, with limited patching and a variety of issues. Why?
Building a custom system is expensive, and any losses from breaches are gambled on by managers who are not personally responsible for anything. All they care about is short term goals and their next bonus...
I stopped feeling bad for them years ago when yet another security flaw was reported and ignored. It will bite them in the ass eventually, until then, they wont learn a thing.
We bring new software on usb sticks, get em scanned and then inserted into clients on the secure network. .exe form this way...
Hell, we even bring windows updates in
And this is for oil rig control systems.
Practicality and immediate cost seems to win everywhere sadly...
They dont need internet access, but it usually goes something like this...
Secure network ---firewall--- plant network ---firewall--- corporate network ---firewall --- internet!
Becaaause....
Plant network people need access to the secure network.. so they link em
Corporate network epople need access to the plant network... so they link em..
Corporate ALSO needs internet for obvious reasons and link to that...
Technical people and security people scream bloody murder at the security implications, but are overruled for financial reasons and we end up with a hodgepodge of connections possible... sigh