What on Earth does anyone think contacting some organisation (that they probably have no contact with in day to day life) to tell them that they're idiots is going to achieve? More to the point, if it's not a public sector organisation and the people calling aren't shareholders, what the hell business is it of theirs?
A common selling point of open source is "if you don't like the support, you have the freedom to go elsewhere". Reading between the lines of the article, it seems like Opes have done just that. So as soon as someone decides they don't like the support and they want to go elsewhere, this is what they get? One thing I'm sure of, it certainly isn't going to encourage anyone to adopt Red Hat.
I bet the reaction would be totally different if they moved to Oracle Linux from some other commercial Unix.
At the same time, unless congress wants to hold and distribute material of questionable moral quality,
Stop right there.
When the purpose of your organisation is, to put it in very simple terms, "catalogue everything", you can't start making exceptions on moral grounds on the simple basis that what constitutes "questionable moral quality" today may be totally different tomorrow. Furthermore, who gets to define "questionable moral quality"? The closest anyone's ever come to creating such a definition is to say "Well, I can't actually come up with a concrete definition but I knows it when I sees it".
Been there, done that, got the T-shirt. Fortunately I was working at a private school so it had rather more leeway in terms of what it could do. But even then, you'd be amazed (and rather disappointed) at the rubbish that's foisted on our schools.
I'm generalising hugely here, but IME most teachers are working to teach. Not to run a computer network. To compound the problem, many teachers haven't spent much time working outside of a school so they've not developed the same degree of cynicism when faced with claims made in sales literature. The end result is that they genuinely have no idea of how badly they're being ripped off, and when a slick sales leaflet appears announcing some company to be a "specialist in education", they're often all over it - thinking "Ah, this looks ideal".
They'd go nuts if they knew that they could probably employ another teacher full-time for the amount they get ripped off every year.
But it's not XP with Active Directory I'm talking about. It's third-party software sold for educational purposes. I'll place money on it that your techs have spent their fair share of time wondering why the heck some piece of software that's been foisted on them by some teacher refuses to run if it's deployed using any method other than "Go to each PC in turn, insert CD and type D:\setup, click next next next".
By the way, does your school collect Tesco Computers for Schools vouchers? Did you know that you need at least 750 vouchers before you can get even a simple piece of software, and that software will generally only be licensed for use on one PC?
Even when the problems with deploying software on Windows are well-known and mostly solved (eg. with MSI files, repackaging products etc), there are pieces of software which seem to go out of their way to make deploying in an automated fashion almost impossible.
Yes I know "there are ways around it". Believe me, I've been there and tried almost every one of them. I've had varying degrees of success. It is not helped by software which is so convinced it's going to be running from a CD that it's hardcoded all its paths to the root of the directory it's running from (so you need to map a drive specifically for that piece of software - so you either need to run it from a wrapper script which uses subst to simulate this or you need to spend a precious drive letter on just one piece of software. ).
The great thing about having centrally managed setups (like you see so often with Windows) is that you can basically swap out workstations and have your complete environment right there. Yes, and? Time taken to build a workstation using a pre-built Ghost (or similar) image: 10 minutes. Time where the tech is required to be physically stood by the workstation while this is going on: Less than 1 minute. Time to carry workstation over to tech's desk and replace: 5 minutes plus walking time.
Now, let's assume for the sake of argument that the IT department has also prepared an image of the developers' workstation. You can bet that they won't be keeping it up to date with the latest hardware if that image is just used for one or two people, so if the developer's workstation fails two years down the line, they'll have to spend some time checking whether or not the hardware two years down the line requres a new kernel from the distributor - and if drivers for the hardware haven't made it to the distribution's kernel yet, you'll have to compile your own.
If something breaks on your workstation, you call IT, they bring you a new computer, swap it for your old one, and you continue working. Yes, it might take a little extra time to restore from backup, but compared to the time this guy obviously loses from Windows, does it really benefit? I don't think so. Restore from backup? What backup? I don't know anywhere that backs up its workstations - that's what the servers are there for. The best you're likely to get is an image of a desktop PC to install onto the new one - see my comments above.
Every time this topic comes up on Slashdot, there's some "I want a desktop running (insert OS of choice) and I will scream until I get it!" argument, usually put forward by someone who promptly demonstrates that they've got no idea how an IT department in the real world functions. In the real world, the IT department has to be pragmatic and cater for the majority. The remainder will generally have to learn to live with that, and tools like SSH, Cygwin/X and Hummingbird Exceed are what you use in order to live with it.
Debian is free until such time as you discover that the PC on your desk was built with some strange graphics card and it takes you two days wrestling to get X up and running.
The company doesn't care, they buy whatever PC Dell/HP/IBM are shipping this month in the knowledge that it'll work in Windows. They're not going to spend weeks ensuring that they're getting something for which Linux drivers exist.
Also, the IT department has a limited budget. Training someone up so they can offer support to the 3 people who want Unix desktops is hard to justify. My own take (and I'm the IT manager at our shop, which is almost entirely Linux on servers) has been "Fine, use Linux. We'll happily tell you what type of printers we use and what your DNS/mail server/web proxy should be, but it's your problem to set it up and your problem to support it. You just have to clear doing that with your manager and you're away."
We have to fake different UA strings in different labs just to get this stuff to run.
Wouldn't it be easier just to have a web proxy rewrite the UA string? I'm 95% sure squid can do that.
Back on the topic of educational software though... ughh. I worked in a school for just one year and it was enough to convince me that the way to sell software to schools is to send every school in the country a flyer proclaiming yourself to be "specialists in the education market" - that way you could make a bunch of sales without having to actually produce a half-decent product.
I was later told that there's a reason for this. Educational software - certainly in the UK - is generally split into two camps.
On the one hand, you've got stuff written by computer people. It's generally reasonably easy to manage, can be rolled out across a network and is not too much hassle. But it's also generally lousy at getting a point across, so it's not very popular with teachers. Bit of a problem when ultimately it's the teachers who are going to work with it.
On the other hand, you've got programs written by teachers who happen to have an interest in computing. It's generally quite good at getting a point across (and is thus popular with teachers) but it was usually written by someone who's never had to think beyond the PC on their desk. So the installation instructions say "Go to every PC, insert the CD and type D:\setup". In extreme cases, you find all sorts of annoyances: like parts of the setup program have been hardcoded to assume it's being installed from CD and the CD-ROM drive is drive D. Calling the software manufacturer and pointing out that this isn't terribly practical when the software is to be installed on a few hundred workstations generally results in an answer of "Oh. Never thought of that. Never mind, it only takes 5 minutes to install."
Multiplying that 5 minutes by the number of PCs which need the software installed is left as an exercise for the reader.
In the interests of fairness, I should point out that this was a few years ago - before XP was released and MSIs became as common as they are today. But I would be astonished if you were to tell me that things have changed that drastically.
Particularly in batch files which are not only executed one line at a time, they're also read into memory one line at a time. So you really don't want to overwrite a batch file that's currently running.
That's because rm doesn't get passed a *, it gets passed a list of filenames which has been expanded from the * by the shell.
Convention states that the way a program knows that no further arguments should be interpreted as command switches is by means of the -- switch. If no -- has been found, then anything which looks like a switch is generally interpreted as one.
The alternative would be to look to see if there is a -i file and if there is assume that you meant "delete file called -i" rather than "delete interactively", which runs completely contrary to another common Unix convention - specifically, that the program shouldn't try to second-guess the user.
This means that Microsoft is then obligated to provide you with technical support.
It does not, however, mean that Microsoft is obliged to put anyone any more intelligent than the rubber plant in the corner of the office on the technical support team.
Anyone who's ever tried to get real technical support knows what I mean.
There's a remarkable number of Windows users have no clue what version they're running, or even that the version might be significant. Ask an ordinary person who happens to own a PC what operating system they're running (or even what version of Windows) and there's a strong chance you'll get blank looks, a nonsensical answer (like "Oh, it's Windows '97") or an answer that's just plain wrong.
This problem is partly compounded by Microsoft abandoning a numerical versioning scheme. At least with numbers it's pretty clear that 3>2>1.
Might as well just ship it as a console game then.
The OS provides something very useful which bootable live-OS cds don't. An API designed for graphics and sound.
You can't use a bootable Windows based CD without paying Microsoft. And a bootable Linux CD is *always* going to be potluck whether or not the latest and greatest hardware will work - bit of a problem when it's a game (which by definition probably wants the latest and greatest hardware).
Not a software bug but a design flaw in a car I used to own.
The Vauxhall Astra Mk.2 (Opel Kadett E) had a design flaw in the steering column. Specifically, the steering column was rather weaker than the steering lock.
The upshot of it was when some little scrote decided to try and steal my car (this was way before cars were fitted with immobilisers), when he tried to break the steering lock the steering column snapped and the steering wheel came straight off in his hand.
Wouldn't it have been quicker (not to mention more secure) just to rebuild the box?
At least that way there's no niggling question lurking in the back of your mind "Have we got everything? Or is there still some random trojan on there?"
I would call it frivolous if the reasons I had for believing you have done me harm are obviously flimsy and constitute a gross lack of due diligence.
OK, let's break this down.
I say you've done me harm. Sort it out or I'll sue you.
You say "No you haven't. Prove it. I'll see you in court."
So I take you to court. Note that at this stage, while I've got a good idea you've done me harm, I have very little in the way of hard evidence.
I get a number of pieces of evidence under subpoena, and the conclusion from looking at that evidence is actually, I was wrong. It wasn't you who did me harm. So I drop the case. But there's no way I could have known that without the evidence I acquired through subpoena. AFAICT, the reason you find the lawsuit frivolous is it's cost you a lot of time and money to comply with the courts orders and you don't see why you should have to pay it. A blanket rule like "person who drops the case pays all costs" is going to put off anyone who can't afford to take that risk - mainly individuals who really need the protection of the courts.
What the courts appear to be doing right now is saying "Fine, you can drop the case. But the defendants counterclaim for the time and trouble you've caused them stands" on a case-by-case basis. Which seems eminently reasonable to me and I really can't think of a better alternative that could easily be enshrined in law.
The only realistic alternative (if you want to do such a scan without spending thousands on commercial software) is to start testing for vulnerabilities by hand.
Granted, this can, in the right hands, be a means of finding new vulnerabilities. But it's a hell of a lot more work and if you're only interested in known problems - why bother when someone else has already scripted the lot?
IMO, a well-maintained server's weakest link these days is stuff like weak passwords (for anything which requires user authentication, eg. ftp, POP3, IMAP) or something like poor code in a web application.
OK, raise your hand if you actually tried to RTFA to see if the server returned that?
<raises hand>
What on Earth does anyone think contacting some organisation (that they probably have no contact with in day to day life) to tell them that they're idiots is going to achieve? More to the point, if it's not a public sector organisation and the people calling aren't shareholders, what the hell business is it of theirs?
A common selling point of open source is "if you don't like the support, you have the freedom to go elsewhere". Reading between the lines of the article, it seems like Opes have done just that. So as soon as someone decides they don't like the support and they want to go elsewhere, this is what they get? One thing I'm sure of, it certainly isn't going to encourage anyone to adopt Red Hat.
I bet the reaction would be totally different if they moved to Oracle Linux from some other commercial Unix.
The first link is no longer there, it's a 404.
Anyone get a mirror up?
At the same time, unless congress wants to hold and distribute material of questionable moral quality,
Stop right there.
When the purpose of your organisation is, to put it in very simple terms, "catalogue everything", you can't start making exceptions on moral grounds on the simple basis that what constitutes "questionable moral quality" today may be totally different tomorrow. Furthermore, who gets to define "questionable moral quality"? The closest anyone's ever come to creating such a definition is to say "Well, I can't actually come up with a concrete definition but I knows it when I sees it".
Been there, done that, got the T-shirt. Fortunately I was working at a private school so it had rather more leeway in terms of what it could do. But even then, you'd be amazed (and rather disappointed) at the rubbish that's foisted on our schools.
I'm generalising hugely here, but IME most teachers are working to teach. Not to run a computer network. To compound the problem, many teachers haven't spent much time working outside of a school so they've not developed the same degree of cynicism when faced with claims made in sales literature. The end result is that they genuinely have no idea of how badly they're being ripped off, and when a slick sales leaflet appears announcing some company to be a "specialist in education", they're often all over it - thinking "Ah, this looks ideal".
They'd go nuts if they knew that they could probably employ another teacher full-time for the amount they get ripped off every year.
You should consider yourself very lucky indeed.
But it's not XP with Active Directory I'm talking about. It's third-party software sold for educational purposes. I'll place money on it that your techs have spent their fair share of time wondering why the heck some piece of software that's been foisted on them by some teacher refuses to run if it's deployed using any method other than "Go to each PC in turn, insert CD and type D:\setup, click next next next".
By the way, does your school collect Tesco Computers for Schools vouchers? Did you know that you need at least 750 vouchers before you can get even a simple piece of software, and that software will generally only be licensed for use on one PC?
Maybe I could have made my point clearer.
Even when the problems with deploying software on Windows are well-known and mostly solved (eg. with MSI files, repackaging products etc), there are pieces of software which seem to go out of their way to make deploying in an automated fashion almost impossible.
Yes I know "there are ways around it". Believe me, I've been there and tried almost every one of them. I've had varying degrees of success. It is not helped by software which is so convinced it's going to be running from a CD that it's hardcoded all its paths to the root of the directory it's running from (so you need to map a drive specifically for that piece of software - so you either need to run it from a wrapper script which uses subst to simulate this or you need to spend a precious drive letter on just one piece of software. ).
Time where the tech is required to be physically stood by the workstation while this is going on: Less than 1 minute.
Time to carry workstation over to tech's desk and replace: 5 minutes plus walking time.
Now, let's assume for the sake of argument that the IT department has also prepared an image of the developers' workstation. You can bet that they won't be keeping it up to date with the latest hardware if that image is just used for one or two people, so if the developer's workstation fails two years down the line, they'll have to spend some time checking whether or not the hardware two years down the line requres a new kernel from the distributor - and if drivers for the hardware haven't made it to the distribution's kernel yet, you'll have to compile your own. If something breaks on your workstation, you call IT, they bring you a new computer, swap it for your old one, and you continue working. Yes, it might take a little extra time to restore from backup, but compared to the time this guy obviously loses from Windows, does it really benefit? I don't think so. Restore from backup? What backup? I don't know anywhere that backs up its workstations - that's what the servers are there for. The best you're likely to get is an image of a desktop PC to install onto the new one - see my comments above.
Every time this topic comes up on Slashdot, there's some "I want a desktop running (insert OS of choice) and I will scream until I get it!" argument, usually put forward by someone who promptly demonstrates that they've got no idea how an IT department in the real world functions. In the real world, the IT department has to be pragmatic and cater for the majority. The remainder will generally have to learn to live with that, and tools like SSH, Cygwin/X and Hummingbird Exceed are what you use in order to live with it.
Debian is free until such time as you discover that the PC on your desk was built with some strange graphics card and it takes you two days wrestling to get X up and running.
The company doesn't care, they buy whatever PC Dell/HP/IBM are shipping this month in the knowledge that it'll work in Windows. They're not going to spend weeks ensuring that they're getting something for which Linux drivers exist.
Also, the IT department has a limited budget. Training someone up so they can offer support to the 3 people who want Unix desktops is hard to justify. My own take (and I'm the IT manager at our shop, which is almost entirely Linux on servers) has been "Fine, use Linux. We'll happily tell you what type of printers we use and what your DNS/mail server/web proxy should be, but it's your problem to set it up and your problem to support it. You just have to clear doing that with your manager and you're away."
We have to fake different UA strings in different labs just to get this stuff to run.
Wouldn't it be easier just to have a web proxy rewrite the UA string? I'm 95% sure squid can do that.
Back on the topic of educational software though... ughh. I worked in a school for just one year and it was enough to convince me that the way to sell software to schools is to send every school in the country a flyer proclaiming yourself to be "specialists in the education market" - that way you could make a bunch of sales without having to actually produce a half-decent product.
I was later told that there's a reason for this. Educational software - certainly in the UK - is generally split into two camps.
On the one hand, you've got stuff written by computer people. It's generally reasonably easy to manage, can be rolled out across a network and is not too much hassle. But it's also generally lousy at getting a point across, so it's not very popular with teachers. Bit of a problem when ultimately it's the teachers who are going to work with it.
On the other hand, you've got programs written by teachers who happen to have an interest in computing. It's generally quite good at getting a point across (and is thus popular with teachers) but it was usually written by someone who's never had to think beyond the PC on their desk. So the installation instructions say "Go to every PC, insert the CD and type D:\setup". In extreme cases, you find all sorts of annoyances: like parts of the setup program have been hardcoded to assume it's being installed from CD and the CD-ROM drive is drive D. Calling the software manufacturer and pointing out that this isn't terribly practical when the software is to be installed on a few hundred workstations generally results in an answer of "Oh. Never thought of that. Never mind, it only takes 5 minutes to install."
Multiplying that 5 minutes by the number of PCs which need the software installed is left as an exercise for the reader.
In the interests of fairness, I should point out that this was a few years ago - before XP was released and MSIs became as common as they are today. But I would be astonished if you were to tell me that things have changed that drastically.
Thanks, mods. Would have been a lot funnier if I could have seen the look on his face when it happened.
Having said that, you should have seen the look on my face when I came back to my car.
Particularly in batch files which are not only executed one line at a time, they're also read into memory one line at a time. So you really don't want to overwrite a batch file that's currently running.
That's because rm doesn't get passed a *, it gets passed a list of filenames which has been expanded from the * by the shell.
Convention states that the way a program knows that no further arguments should be interpreted as command switches is by means of the -- switch. If no -- has been found, then anything which looks like a switch is generally interpreted as one.
The alternative would be to look to see if there is a -i file and if there is assume that you meant "delete file called -i" rather than "delete interactively", which runs completely contrary to another common Unix convention - specifically, that the program shouldn't try to second-guess the user.
This means that Microsoft is then obligated to provide you with technical support.
It does not, however, mean that Microsoft is obliged to put anyone any more intelligent than the rubber plant in the corner of the office on the technical support team.
Anyone who's ever tried to get real technical support knows what I mean.
There's a remarkable number of Windows users have no clue what version they're running, or even that the version might be significant. Ask an ordinary person who happens to own a PC what operating system they're running (or even what version of Windows) and there's a strong chance you'll get blank looks, a nonsensical answer (like "Oh, it's Windows '97") or an answer that's just plain wrong.
This problem is partly compounded by Microsoft abandoning a numerical versioning scheme. At least with numbers it's pretty clear that 3>2>1.
Might as well just ship it as a console game then.
The OS provides something very useful which bootable live-OS cds don't. An API designed for graphics and sound.
You can't use a bootable Windows based CD without paying Microsoft. And a bootable Linux CD is *always* going to be potluck whether or not the latest and greatest hardware will work - bit of a problem when it's a game (which by definition probably wants the latest and greatest hardware).
Not a software bug but a design flaw in a car I used to own.
The Vauxhall Astra Mk.2 (Opel Kadett E) had a design flaw in the steering column. Specifically, the steering column was rather weaker than the steering lock.
The upshot of it was when some little scrote decided to try and steal my car (this was way before cars were fitted with immobilisers), when he tried to break the steering lock the steering column snapped and the steering wheel came straight off in his hand.
Wouldn't it have been quicker (not to mention more secure) just to rebuild the box?
At least that way there's no niggling question lurking in the back of your mind "Have we got everything? Or is there still some random trojan on there?"
Then I hope you like my new invention. It's a 3-dimensional photocopier. Place any object in there, turn it on and out pops an identical copy.
I am sure the manufacturing industry will be ecstatic to learn of this new invention.
If a case of assault against you is dropped, does that mean you can now go and assualt whoever you like without fear?
All judges do not share knowledge from a common pool. They are not the Borg.
While this is true, I'm sure they talk to each other. And once over, the cases become part of public record.
Sooner or later, even the most out of touch judge is going to notice a pattern in the number of cases being brought up by a single organisation.
I would call it frivolous if the reasons I had for believing you have done me harm are obviously flimsy and constitute a gross lack of due diligence.
OK, let's break this down.
I say you've done me harm. Sort it out or I'll sue you.
You say "No you haven't. Prove it. I'll see you in court."
So I take you to court. Note that at this stage, while I've got a good idea you've done me harm, I have very little in the way of hard evidence.
I get a number of pieces of evidence under subpoena, and the conclusion from looking at that evidence is actually, I was wrong. It wasn't you who did me harm. So I drop the case. But there's no way I could have known that without the evidence I acquired through subpoena. AFAICT, the reason you find the lawsuit frivolous is it's cost you a lot of time and money to comply with the courts orders and you don't see why you should have to pay it. A blanket rule like "person who drops the case pays all costs" is going to put off anyone who can't afford to take that risk - mainly individuals who really need the protection of the courts.
What the courts appear to be doing right now is saying "Fine, you can drop the case. But the defendants counterclaim for the time and trouble you've caused them stands" on a case-by-case basis. Which seems eminently reasonable to me and I really can't think of a better alternative that could easily be enshrined in law.
Disclaimer: IANAL. I'm not even in the US.
(kinda like the $600 razr phone, which is now $50 or free with a plan.)
Eh? That's been almost exclusively pay-as-you go in the UK for ages, and looks like being discontinued very shortly (if it hasn't been already).
Except for its OS/2 inheritance, which was an IBM/Microsoft joint project.
The only realistic alternative (if you want to do such a scan without spending thousands on commercial software) is to start testing for vulnerabilities by hand.
Granted, this can, in the right hands, be a means of finding new vulnerabilities. But it's a hell of a lot more work and if you're only interested in known problems - why bother when someone else has already scripted the lot?
IMO, a well-maintained server's weakest link these days is stuff like weak passwords (for anything which requires user authentication, eg. ftp, POP3, IMAP) or something like poor code in a web application.