Yep. A service for which you can charge, if it's any comfort.
There is no way anyone in support will survive that day without a ringing in his ears.
Yes, that would be the telephone. It kind of goes with the job in tech support.
There are two types of people in this world - those who make regular backups and those who have never suffered data loss. The net result is the same, I don't see how data loss through an insecure OS is any different to data loss through theft, fire, HDD failure.
People in IT go on about backups like a mantra, repeating it like Ballmer repeats "Developers! Developers! Chair...er... Developers!". Yet I guarantee you not a single person walking this green earth has ever paid proper attention to that mantra - at least, not until they lost something important.
I don't have a great deal of sympathy for anyone whose data is at serious risk from something like this. They'd have lost it all eventually anyhow, one way or another.
Don't get too excited - there's quite a few loopholes I can see:
From the Microsoft page:
Q: How does the Community Promise work? Do I have to do anything in order to get the benefit of this CP?
A: No one needs to sign anything or even reference anything. Anyone is free to implement the specifications as they wish and do not need to make any mention of or reference to Microsoft. Anyone can use or implement these specifications with their technology, code, solution, etc. You must agree to the terms in order to benefit from the promise; however, you do not need to sign a license agreement, or otherwise communicate your agreement to Microsoft.
The terms include a MAD clause - you sue us for patent infringement, we can sue you.
Q: What if I don't implement the entire specification? Will I still get the protections under the CP?
A: The CP applies only if the implementation conforms fully to required portions of the specification. Partial implementations are not covered.
Oh yes. So if the specification is unclear? OOXML, I'm looking at you (even though it's not covered as part of this).
Q: Does this CP apply to all versions of the specification, including future revisions?
A: The Community Promise applies to all existing versions of the specifications designated on the public list posted at /interop/cp/, unless otherwise noted with respect to a particular specification.
Here's the getout. MS can release version 2.0 of a technology, change it enough so things which expect 2.0 won't work with 1.0 and then not include 1.0 in this program.
Windows crashing constantly is yet another myth.
It is today because - mercifully - the monster that was Windows '9x has finally died. However Windows '9x made me swear never to touch Windows ever again as long as I lived.
(To be fair, I haven't managed that quite as well as I'd have liked because I'm typing this on a Windows PC right now - but since then I haven't run Windows at home and my work has been mostly Linux/Unix based, with Windows doing little more than provide an environment in which to run PuTTY.)
Netscape was the end-all-be-all for browsers, but they decided to shift focus and took on stuff that wasn't their core. Where are they now?
They're increasing their market share against IE quite rapidly.
(g, d&r)
90% of the time they are.
Whether or not TomTom, Garmin et al can continue to sell products at a sane price when they've lost 90% of sales is another matter altogether. The economies of scale you get when you commission a factory to make a hundred thousand units versus a thousand are absolutely mahoosive. Particularly with short runs, the cost isn't raw materials, it's setting up the tooling for manufacture. If that cost is only divided by a thousand units...
Also, you can phone up your bank, if their site's not working for you and scream:
"WHAT DO YOU MEAN, YOU DON'T SUPPORT GOOGLE?"
Truly, spoken like a man who has never tried phoning up a bank and getting hold of anyone above the level of "mindless drone".
It is one more reason why the true followers of God look down on all other competing theologies.
Which is very nice, except everyone else also believes themselves to be true followers of God, has their own reasons for believing this and doesn't really care too much that the Koran hasn't changed.
(On a side note - the Koran may not have been translated but it must have been transcribed back in the days before printing presses. Further, I wonder if some words in Arabic have acquired slightly different meanings over the years....)
I'm doing it out there in the real world!
IME, most smaller organisations don't divide responsibilities up in quite such a cut and dried fashion, which means that dividing up computer functionality is made a lot harder.
The thing I found that helped more than anything wasn't actually locking the PC down beyond recognition. The thing I found was configuring the company-wide antivirus so that it always starts at boot and cannot be disabled by the end user. You'd be amazed how many people who really don't understand IT have read nerdy "I don't need no stinkin' AV" comments in forums and decided that if some person they've never met before doesn't need it, neither do they.
Ubisoft claims playing cracked games can cause your nuts to fall off.
I wondered why that happened.
That's the one piece of advice I'd offer.
True story: a company rang me up about a year ago to ask if I'd be interested in buying some imaging software (think Ghost, Acronis etc).
I asked where they'd got my name and number from.
It turns out they had partnered with a company that produces imaging software that I had previously had contact with and were using the information they got through that partnering agreement. Specifically, they were using it to sell a competitor's product. And they honestly seemed to have no idea why I might be a little nervous about doing business with them.
IF the article had said "We looked into this system in some detail, albeit after we'd bought it, and discovered that anything based on Windows was fundamentally incapable of meeting our needs. So we've decided to move", then I would take it more seriously.
As it is, it sounds like a political move from a new managing director who's trying to make themselves out to be as different as possible from the previous one - and one of the ways they're doing that is to ditch the computer system. The fact that the old system runs Windows and the obvious alternative runs Linux is neither here nor there.
Face facts, it's just as possible to produce a lousy system based on Linux as it is on Windows.
By itself this isn't a particularly useful trait - in fact, it can be downright damaging.
Tasty to humans and easy to farm, OTOH...
Windows 7 for me is more stable, faster and less crashing.
I don't mean to troll, but what on Earth were you doing with XP to make it crash regularly? Properly set up, it's fairly solid.
Informative Note for Those who Probably Don't Get the Reference:
You can do a resurrection using ketchup instead of blood. You just have to be prepared for unexpected results.
Seriously, disinfecting PCs without reformatting them can be a PitA, but it's still possible. Stop being so lazy / stupid.
It's physically impossible to offer a cast iron guarantee that all the malware is gone unless you boot off a known-good CD and do as a bare minimum a checksum comparison of every executable, every library with known good copies (Notwithstanding the known collision issues with MD5). Anything less and there's the risk that the malware has affected the very libraries you're going to use to read all these files and calculate all the checksums.
This is probably overkill for a PC with a single, simple infection but for a heavily infected PC I wouldn't think twice. By the time you've done all that, it's going to be quicker to rebuild the PC. If your users aren't saving all their data to a server which gets regular backups, you deserve all you get anyway.
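The checksum comparison described in the comment above, as an added example that is not part of the original comment: it assumes the suspect disk is mounted read-only from known-good boot media and that the reference manifest was built from a trusted install. It uses SHA-256 rather than MD5, and the function names and sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large binaries do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(root):
    """Map relative path -> SHA-256 for every regular file under root.
    Symlinks are skipped here; a real audit should record their targets too."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            manifest[os.path.relpath(full, root)] = sha256_file(full)
    return manifest


def compare(known_good, suspect_root):
    """Return (modified, missing, unexpected) relative paths on the suspect tree."""
    actual = build_manifest(suspect_root)
    modified = sorted(p for p in known_good
                      if p in actual and actual[p] != known_good[p])
    missing = sorted(p for p in known_good if p not in actual)
    unexpected = sorted(p for p in actual if p not in known_good)
    return modified, missing, unexpected


def write(root, rel, data):
    path = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as f:
        f.write(data)


def demo():
    """Constructed sample: a reference tree and a tampered copy of it."""
    files = {"bin/ls": b"ls-v1", "bin/cat": b"cat-v1", "lib/libc.so": b"libc-v1"}
    with tempfile.TemporaryDirectory() as good, \
            tempfile.TemporaryDirectory() as suspect:
        for root in (good, suspect):
            for rel, data in files.items():
                write(root, rel, data)
        write(suspect, "lib/libc.so", b"libc-patched")   # library replaced
        os.remove(os.path.join(suspect, "bin", "cat"))   # binary deleted
        write(suspect, "bin/.hidden", b"dropper")        # extra file planted
        return compare(build_manifest(good), suspect)


if __name__ == "__main__":
    for label, paths in zip(("modified", "missing", "unexpected"), demo()):
        print(label, paths)
```

A clean result only covers the files in the manifest; anything outside it (boot sectors, firmware, data files) is not checked by this comparison.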
You would be amazed - and, I guarantee, disturbed at some of the total morons in this world masquerading as sysadmins.
The thing is, it's hard to spot them in the hour or so that's available in a typical interview, and a large number of IT managers don't know how to spot them once they've got the job.
Please don't get me wrong - a lot of people have replied (rather nastily IMO) - these are questions which I would like to see an answer to and aren't intended as sarcasm.
I'm sick of hearing this argument, only a complete tool would believe it. *Nix systems are inherently more secure, due to its security model (file permissions, groups, no admin rights, etc),
How exactly is a full ACL-based permissions system less secure than the "user, group, world" security model used in traditional Unix?
The implementation may suck in some cases, but we're talking about something that's inherent here, not a foible of the implementation.
Furthermore, because of the variety of software that can be installed on each box, only the most common programs (apache, nginx, ssl, ssh, etc) would be effective targets to attack,
There are three main forms of malware in the world - viruses (spread with minimal human intervention), worms (spread with no human intervention whatsoever, generally taking advantage of a software bug) and trojans (require a human to spread them).
A quick look on Symantec's website shows that the latest security issues are almost exclusively worms and trojans - neither of which Unix offers any intrinsic protection against.
In short, a Linux machine that is run by a competent administrator is MUCH more difficult to infect or attack than a Windows machine, and the parent is a moron.
Same is true of Windows, though a competent Windows administrator is perhaps rather harder to find amongst the enormous number of people who claim to be Windows admins.
Probably heavily locked-down desktops and even more heavily restricted internet access (basically none whatsoever; HTTP is allowed through a proxy that requires a username and password and doesn't allow access to the whole web).
This is quite possible to do in a company of such size because you can usually divide your staff into groups that match up quite well with their responsibilities and grant access accordingly, blocking everything else.
But most of the world's companies aren't 30,000 desktops. When you're dealing with a much smaller organisation, the amount you can lock things down is generally much reduced - and the ease with which someone who doesn't like a locked down desktop can scream at someone senior enough to get the lockdown overridden is far greater.
No, Microsoft use Akamai as a frontend to most of their major websites.
You may be surprised. Wasn't all that hassle about exploding laptop batteries caused by OEMs using rebadged Sony batteries?
Of course it wasn't. It was ghostwritten by a professional writer who had spoken to the 13 year old.
It certainly was.
The whole point of a Ponzi scheme is Peter gives you $1000, Paul gives you $2000. You tell Peter his $1000 is now worth $2000, you tell Paul his $2000 is worth $4000. Peter takes his money and you're left with $1000.
You now hope to Christ that Paul doesn't ask for his money before you can find someone else to give you at least $3000. Seeing as Paul has just seen his savings double in some absurdly small amount of time, then provided Paul has no reason to need the money quickly then you should be OK. As long as you've got more people joining your scheme than you have leaving, you're in business.
Well, you learn something every day. Thanks.