I have a Big Red Button in my server room (right next to the light switch - nice idea, folks!) which is rigged up to cut mains power in the event of an emergency.
Unfortunately it is not connected to any of the UPSes, and being a server room, more or less everything is on a UPS.
In the UK, you walk out with the box you picked up off the shelf. There is a 1:1 relationship between "number of boxes on the shelf" and "number of discs behind the counter". (In theory. In practise there's sometimes a bargain bin which contains blank cases with a handwritten label - presumably some idiot stole the original box).
Sometimes there are runners to get the disc itself out from a drawer behind the counter, but as often as not the clerk behind the register just turns around and leafs through the drawer to find the disc.
This works OK in the UK, where most people don't mind queuing up. No idea how well it would transfer to New York.
Which isn't going to be particularly easy if you meet a clerk who is under the impression that the deactivation process is 100% perfect and the only way you could possibly have a DVD which is unreadable is because you stole it.
I've been cursed/blessed with looking relatively young for my age. So I was getting ID'd a lot later than a number of my friends were.
Once I got to about 23-24, I decided that anyone who thought I looked under 18 (this is the UK, we can drink at 18) was fantastic. Hey, I may look young for my age but a whole 6 or 7 years?
Telling the large, bald bouncer that you love him and want to have his babies (when you're male) is worth it just to see the look on their face. It's even better when you follow up with "seriously, I'm 25" and see the look on their face - how many people lie about their age to get served and make themselves that much older?
Certainly looks like it. And as for the managerial problems - well, I RTFA, and I couldn't make out any specific problems (apart from possible licensing issues, which is always a good one because you can say that about almost any technology you like). Read like a typical Gartner puff piece designed to spend a couple of hundred words not saying anything in particular, but generate a few soundbites for a mindless PHB.
Licensing is partially a red herring. Nobody reads the Microsoft EULA unless/until they get a shakedown from the BSA.
Where licensing does become important is that people do understand that they need things like client licenses, and that Microsoft have (either by accident or design; I think design) made it fantastically complicated.
Look at the annual Microsoft tax in the form of "subscription" licensing (pay per year and get a discount of around 20% on the outright purchase price - gee thanks, don't strain yourselves, MS) and it's enough to make anyone think seriously about evaluating open source, particularly if there's no particular reason an application needs to run on Windows.
in a few years maybe 65-85% of the world will be running an operating system that has it on by default. Hard to argue with that!
The World is Not A Bunch of Windows PCs.
The remaining 15-35% of the world will be running systems which don't lend themselves to upgrading. Old routers which are no longer supported by the manufacturer (just because a telco may regularly upgrade its core network doesn't mean it also regularly upgrades everything else), older proprietary OSes without IPv6 support (or which have IPv6 support provided you're prepared to pay $$$$).....
Surely anyone who logs onto their bank site from a wireless connection in a coffee shop is just asking to get owned?
Not really - this is the whole point of SSL. If you trust both endpoints, you don't much care about what's in the middle.
Now, if you'd said "anyone who logs into their bank site from a random Internet cafe PC is just asking to get owned", I'd agree. It wouldn't require a great deal of sophistication to install keyloggers on every PC. Or if you're rather more sophisticated, you could set up some sort of proxy which sets up a MITM with every HTTPS session, presenting a self-signed certificate for $BANK and configure the client PC's with the appropriate certificate from the proxy's root CA.
but EVERY time I call support, I let them know if I think this was a crappy design, or oversight.
I wish I lived in this world where "support" paid any attention whatsoever to customers making these points.
IME, if the product is working as designed then any problem you have with it is your problem, not theirs. The idea that the design could be somehow flawed simply does not feature anywhere in the list of "things which might go wrong".
Much harder to defraud (though remotely possible with a MITM attack).
Though as it's a one-time code, the MITM attack only works once and has to remain active as long as you're logged into the bank - essentially it would have to intercept the "logout" instruction and your criminal instead starts siphoning off your money as soon as you think you've logged out.
Much more technically complicated to achieve. And I'm sure I've heard of at least one bank which sends you a text message with details of any transactions you've carried out after you log out of the service, so any fraud would be spotted very quickly.
And (this is the best bit), they generally do so with a layout which looks crap viewed with IE (in other words - looks fine in Outlook, lousy in anything else), with links I'm supposed to click on directly and I've seen at least one spelling mistake in their emails before.
This isn't some crappy little no-name bank. It's one of the largest in the UK. Yet they send me emails which look worse than some of the phishing schemes I've seen.
If the software does not specify a certain version of the GPL, then you are free to use any of them. If you specify a GPL version number, then you are also free to allow the "or any later version" clause as well, but it is not necessary.
True. But all the GNU tools (including glibc, GCC) and everything which has had copyright assigned to the FSF will move to GPLv3. The Samba team has also expressed interest in moving to GPLv3, and Samba is mostly developed by a fairly small, close-knit team.
Therefore, once GPLv3 comes about, all future versions of any software which adopts GPLv3 will say "GPLv3 (optional: or later)".
If the Novell deal really does mean what a lot of people on/. are taking it to mean, Novell/SuSE will have no choice but to fork a huge amount of the software in their distribution because they won't be able to include the more recent GPLv3 versions.
That's a big enough problem as it is. If a major component of their distro (such as... oh, the Linux kernel) ever requires a version of GCC or GLIBC which (coincidentally) was released after GPLv3, then they'll also have to patch that.
If you think the Canadians are spying on you with rigged coins, you're hardly going to call the Canadian embassy and say "guys, we've got this coin here which is a bit odd, are you rigging them up with spying devices?"
And if someone else is spying on you using any random coin, then the people who minted that coin won't know about it so there's no point in asking them.
I don't think cost of copying is the issue there. Granted, it's part of the issue, but the traditional photographer who sits everyone down in front of a brown background has all but disappeared.
The photographers who made a business out of producing hundreds of essentially identical baby photos by sitting baby on a sheepskin rug are almost all gone now. The photographers who've thrown out the rug, encourage the parent to bring the child along in "whatever they're happiest wearing" and photograph the whole family in a more relaxed setting, however, are doing a roaring trade.
Such a fashion change has been going on for many years - I've seen letters in magazines dating back to the late '90s from photographers who've thrown out the old sheepskin and are very glad they did.
I was under the impression - be it rightly or wrongly - that there was no such thing as "new keys". My understanding was this:
It's obviously impractical to store a multiple GB movie several times over, each copy encrypted with different keys. So what happens instead is that the movie is encrypted with "title keys", and it's the title key that's repeated many times, encrypted with a different key each time.
The idea being that EVERY player - not every model, every single individual hardware player - has its own unique key with which it can decrypt just one of the many encrypted sets of title keys on the disk.
"Revocation" means once they've figured out which player's key was compromised, then future discs don't contain a title key that's encrypted with that player's key. Software players have to be updated, and one poor sap's hardware player is now a brick - but that poor sap was the Evil Pirate who hacked it, and the studios don't much care about him.
Of course, this starts to fall apart if/when some cheap factory in China which is OEM'ing for the likes of Philips or Toshiba decides that it's far cheaper just to let everything go out the door with the same set of private keys on it.
It doesn't need to be uncrackable. It just needs to be hard enough to crack that it's unlikely a film will hit Bittorrent until at least a few weeks after release, because it's then that most sales are made.
Which is a deliberately confusing way of clearing the ground for when future purchases don't work, next they instruct you to call customer service and get a firmware patch. (We all know what this is about.)
We also know what's coming next...
"I'm sorry sir, we don't support that player any more."
or...
"I'm sorry sir, we don't offer updates after the warranty has expired"
Technically there's nothing wrong with either disc or player, but you can't play it and it's the customer's problem. This is the kind of thing I'd expect to hear coming from the US, where I'm given to understand consumer protection laws are fairly lax, but I can't see it flying so well in the EU.
I think they're talking about the really big pirates. The ones who go out and buy all the mastering equipment to do the job properly.
But there aren't very many of those and most of them are probably in the far East, so there's little point in worrying that much about them when you're stood on US soil. Makes far more sense to go for the low-hanging fruit.
TBH, though, IME most schools won't pay for non-teaching staff until some time after it becomes painfully obvious to all that they are required.
In this case, it sounds to me like the OP is doing such a good job that it's not painfully obvious he's required. Perhaps the school hasn't experienced trying to keep everything going without someone on staff more than 1 day/week, or has done so with little major difficulty.
At the end of the day, the best advice I can give is "explain how your being there benefits the school and what the risks and problems are if there isn't someone there more often". And if, in all honesty, you don't think those issues are greater than the expenses incurred in employing you, don't expect the school to go ahead.
I've looked up the details of whoever's in charge and contacted them directly before. Or, more accurately, got the name of the managing director, called head office, asked to be put through to "their office" and spoken to their PA.
On the plus side, it's fantastically effective. A call from anyone at that level - or even their PA - will often go to the head of customer services very quickly, and get the issue resolved in far less time than trying to work your way up through a call centre staffed with people who quite frankly don't much care about any individual customer's complaint.
On the minus side, it's not something you'd want to do terribly often - particularly not with one company - as it would rapidly lose effectiveness. And if you find yourself in a position where you've got to do this more than once, even for separate incidents, maybe they don't need your business that badly anyway.
I don't know about what country you're in, but here in the UK there's no way someone would be hired as a sysadmin/IT manager/(insert job title here) in a school for that kind of money - not even in a relatively-rich private school.
Half that, maybe. Possibly a third if they think they can get by with an IT technician with little/no experience.
And if they go the technician route, there's a good chance you'll get someone whose idea of installing software is to march into a computer lab in the middle of a scheduled lesson, announce that everyone is being turfed out because they need to install software and then spend the rest of the afternoon logging on to every PC in that lab one at a time, putting a CD in each CD-ROM drive and going "start... run... d:\install". Yes, I have heard of this happening.
TBH, I wasn't forgetting. I just didn't think it was terribly important.
Unless Novell get advanced warning on where Microsoft plan to take.NET (ie. they learn about it before anything is released to the public), I don't understand how mono can ever be doing anything more than playing catchup.
Though at least with Novell, there's the money there to hire the developers to make the catchup process rather quicker and easier.
there is always the Mono Project (www.mono-project.org) It even has a Visual Basic Compiler.
Yes, it's not ready for primetime yet (imo), but it looks very promising.
WINE isn't ready for primetime yet (imo). As a project, it's been going on for about 10 years and it's been looking very promising in the last couple of years.
But then Microsoft release something new - maybe some new APIs in the latest version of Windows, or as part of a service pack - and suddenly WINE has more catching up to do.
The same is true of Mono. A project like that simply cannot hope to ever reach the same level as the product it's aping because as it's trying to hit a moving target.
I have a Big Red Button in my server room (right next to the light switch - nice idea, folks!) which is rigged up to cut mains power in the event of an emergency.
Unfortunately it is not connected to any of the UPSes, and being a server room, more or less everything is on a UPS.
Yep. Much of the architecture was taken for NT 4 (along with a fair bit from VMS) and a Windows-95 style GUI was slapped on top.
NT4 begat Windows 2000, which begat Windows XP.
Next question?
In the UK, you walk out with the box you picked up off the shelf. There is a 1:1 relationship between "number of boxes on the shelf" and "number of discs behind the counter". (In theory. In practise there's sometimes a bargain bin which contains blank cases with a handwritten label - presumably some idiot stole the original box).
Sometimes there are runners to get the disc itself out from a drawer behind the counter, but as often as not the clerk behind the register just turns around and leafs through the drawer to find the disc.
This works OK in the UK, where most people don't mind queuing up. No idea how well it would transfer to New York.
Which isn't going to be particularly easy if you meet a clerk who is under the impression that the deactivation process is 100% perfect and the only way you could possibly have a DVD which is unreadable is because you stole it.
Depends on how you handle it.
I've been cursed/blessed with looking relatively young for my age. So I was getting ID'd a lot later than a number of my friends were.
Once I got to about 23-24, I decided that anyone who thought I looked under 18 (this is the UK, we can drink at 18) was fantastic. Hey, I may look young for my age but a whole 6 or 7 years?
Telling the large, bald bouncer that you love him and want to have his babies (when you're male) is worth it just to see the look on their face. It's even better when you follow up with "seriously, I'm 25" and see the look on their face - how many people lie about their age to get served and make themselves that much older?
Certainly looks like it. And as for the managerial problems - well, I RTFA, and I couldn't make out any specific problems (apart from possible licensing issues, which is always a good one because you can say that about almost any technology you like). Read like a typical Gartner puff piece designed to spend a couple of hundred words not saying anything in particular, but generate a few soundbites for a mindless PHB.
Licensing is partially a red herring. Nobody reads the Microsoft EULA unless/until they get a shakedown from the BSA.
Where licensing does become important is that people do understand that they need things like client licenses, and that Microsoft have (either by accident or design; I think design) made it fantastically complicated.
Look at the annual Microsoft tax in the form of "subscription" licensing (pay per year and get a discount of around 20% on the outright purchase price - gee thanks, don't strain yourselves, MS) and it's enough to make anyone think seriously about evaluating open source, particularly if there's no particular reason an application needs to run on Windows.
in a few years maybe 65-85% of the world will be running an operating system that has it on by default. Hard to argue with that!
The World is Not A Bunch of Windows PCs.
The remaining 15-35% of the world will be running systems which don't lend themselves to upgrading. Old routers which are no longer supported by the manufacturer (just because a telco may regularly upgrade its core network doesn't mean it also regularly upgrades everything else), older proprietary OSes without IPv6 support (or which have IPv6 support provided you're prepared to pay $$$$).....
Surely anyone who logs onto their bank site from a wireless connection in a coffee shop is just asking to get owned?
Not really - this is the whole point of SSL. If you trust both endpoints, you don't much care about what's in the middle.
Now, if you'd said "anyone who logs into their bank site from a random Internet cafe PC is just asking to get owned", I'd agree. It wouldn't require a great deal of sophistication to install keyloggers on every PC. Or if you're rather more sophisticated, you could set up some sort of proxy which sets up a MITM with every HTTPS session, presenting a self-signed certificate for $BANK and configure the client PC's with the appropriate certificate from the proxy's root CA.
but EVERY time I call support, I let them know if I think this was a crappy design, or oversight.
I wish I lived in this world where "support" paid any attention whatsoever to customers making these points.
IME, if the product is working as designed then any problem you have with it is your problem, not theirs. The idea that the design could be somehow flawed simply does not feature anywhere in the list of "things which might go wrong".
Much harder to defraud (though remotely possible with a MITM attack).
Though as it's a one-time code, the MITM attack only works once and has to remain active as long as you're logged into the bank - essentially it would have to intercept the "logout" instruction and your criminal instead starts siphoning off your money as soon as you think you've logged out.
Much more technically complicated to achieve. And I'm sure I've heard of at least one bank which sends you a text message with details of any transactions you've carried out after you log out of the service, so any fraud would be spotted very quickly.
My bank does.
And (this is the best bit), they generally do so with a layout which looks crap viewed with IE (in other words - looks fine in Outlook, lousy in anything else), with links I'm supposed to click on directly and I've seen at least one spelling mistake in their emails before.
This isn't some crappy little no-name bank. It's one of the largest in the UK. Yet they send me emails which look worse than some of the phishing schemes I've seen.
If the software does not specify a certain version of the GPL, then you are free to use any of them. If you specify a GPL version number, then you are also free to allow the "or any later version" clause as well, but it is not necessary.
/. are taking it to mean, Novell/SuSE will have no choice but to fork a huge amount of the software in their distribution because they won't be able to include the more recent GPLv3 versions.
True. But all the GNU tools (including glibc, GCC) and everything which has had copyright assigned to the FSF will move to GPLv3. The Samba team has also expressed interest in moving to GPLv3, and Samba is mostly developed by a fairly small, close-knit team.
Therefore, once GPLv3 comes about, all future versions of any software which adopts GPLv3 will say "GPLv3 (optional: or later)".
If the Novell deal really does mean what a lot of people on
That's a big enough problem as it is. If a major component of their distro (such as... oh, the Linux kernel) ever requires a version of GCC or GLIBC which (coincidentally) was released after GPLv3, then they'll also have to patch that.
If you think the Canadians are spying on you with rigged coins, you're hardly going to call the Canadian embassy and say "guys, we've got this coin here which is a bit odd, are you rigging them up with spying devices?"
And if someone else is spying on you using any random coin, then the people who minted that coin won't know about it so there's no point in asking them.
I don't think cost of copying is the issue there. Granted, it's part of the issue, but the traditional photographer who sits everyone down in front of a brown background has all but disappeared.
The photographers who made a business out of producing hundreds of essentially identical baby photos by sitting baby on a sheepskin rug are almost all gone now. The photographers who've thrown out the rug, encourage the parent to bring the child along in "whatever they're happiest wearing" and photograph the whole family in a more relaxed setting, however, are doing a roaring trade.
Such a fashion change has been going on for many years - I've seen letters in magazines dating back to the late '90s from photographers who've thrown out the old sheepskin and are very glad they did.
I was under the impression - be it rightly or wrongly - that there was no such thing as "new keys". My understanding was this:
It's obviously impractical to store a multiple GB movie several times over, each copy encrypted with different keys. So what happens instead is that the movie is encrypted with "title keys", and it's the title key that's repeated many times, encrypted with a different key each time.
The idea being that EVERY player - not every model, every single individual hardware player - has its own unique key with which it can decrypt just one of the many encrypted sets of title keys on the disk.
"Revocation" means once they've figured out which player's key was compromised, then future discs don't contain a title key that's encrypted with that player's key. Software players have to be updated, and one poor sap's hardware player is now a brick - but that poor sap was the Evil Pirate who hacked it, and the studios don't much care about him.
Of course, this starts to fall apart if/when some cheap factory in China which is OEM'ing for the likes of Philips or Toshiba decides that it's far cheaper just to let everything go out the door with the same set of private keys on it.
It doesn't need to be uncrackable. It just needs to be hard enough to crack that it's unlikely a film will hit Bittorrent until at least a few weeks after release, because it's then that most sales are made.
Which is a deliberately confusing way of clearing the ground for when future purchases don't work, next they instruct you to call customer service and get a firmware patch. (We all know what this is about.)
We also know what's coming next...
"I'm sorry sir, we don't support that player any more."
or...
"I'm sorry sir, we don't offer updates after the warranty has expired"
Technically there's nothing wrong with either disc or player, but you can't play it and it's the customer's problem. This is the kind of thing I'd expect to hear coming from the US, where I'm given to understand consumer protection laws are fairly lax, but I can't see it flying so well in the EU.
I think they're talking about the really big pirates. The ones who go out and buy all the mastering equipment to do the job properly.
But there aren't very many of those and most of them are probably in the far East, so there's little point in worrying that much about them when you're stood on US soil. Makes far more sense to go for the low-hanging fruit.
Something like that's existed in debuggers for years - it's quite common to set up conditional breakpoints and the like.
I think it's a bit more complicated. I'm not quite sure I fully understand it, but I think clause 14 is talking about scripting a debugger.
Fair point, well made.
TBH, though, IME most schools won't pay for non-teaching staff until some time after it becomes painfully obvious to all that they are required.
In this case, it sounds to me like the OP is doing such a good job that it's not painfully obvious he's required. Perhaps the school hasn't experienced trying to keep everything going without someone on staff more than 1 day/week, or has done so with little major difficulty.
At the end of the day, the best advice I can give is "explain how your being there benefits the school and what the risks and problems are if there isn't someone there more often". And if, in all honesty, you don't think those issues are greater than the expenses incurred in employing you, don't expect the school to go ahead.
I've looked up the details of whoever's in charge and contacted them directly before. Or, more accurately, got the name of the managing director, called head office, asked to be put through to "their office" and spoken to their PA.
On the plus side, it's fantastically effective. A call from anyone at that level - or even their PA - will often go to the head of customer services very quickly, and get the issue resolved in far less time than trying to work your way up through a call centre staffed with people who quite frankly don't much care about any individual customer's complaint.
On the minus side, it's not something you'd want to do terribly often - particularly not with one company - as it would rapidly lose effectiveness. And if you find yourself in a position where you've got to do this more than once, even for separate incidents, maybe they don't need your business that badly anyway.
His expense won't be more then $100,000
I don't know about what country you're in, but here in the UK there's no way someone would be hired as a sysadmin/IT manager/(insert job title here) in a school for that kind of money - not even in a relatively-rich private school.
Half that, maybe. Possibly a third if they think they can get by with an IT technician with little/no experience.
And if they go the technician route, there's a good chance you'll get someone whose idea of installing software is to march into a computer lab in the middle of a scheduled lesson, announce that everyone is being turfed out because they need to install software and then spend the rest of the afternoon logging on to every PC in that lab one at a time, putting a CD in each CD-ROM drive and going "start... run... d:\install". Yes, I have heard of this happening.
TBH, I wasn't forgetting. I just didn't think it was terribly important.
.NET (ie. they learn about it before anything is released to the public), I don't understand how mono can ever be doing anything more than playing catchup.
Unless Novell get advanced warning on where Microsoft plan to take
Though at least with Novell, there's the money there to hire the developers to make the catchup process rather quicker and easier.
there is always the Mono Project (www.mono-project.org)
It even has a Visual Basic Compiler.
Yes, it's not ready for primetime yet (imo), but it looks very promising.
WINE isn't ready for primetime yet (imo). As a project, it's been going on for about 10 years and it's been looking very promising in the last couple of years.
But then Microsoft release something new - maybe some new APIs in the latest version of Windows, or as part of a service pack - and suddenly WINE has more catching up to do.
The same is true of Mono. A project like that simply cannot hope to ever reach the same level as the product it's aping because as it's trying to hit a moving target.