Slashdot Mirror


User: jimicus

jimicus's activity in the archive.

Stories: 0 · Comments: 7,388

Comments · 7,388

  1. Re:Awesome on Alzheimer's Transmission Pathway Discovered · · Score: 2

    Same thing happened to my gran.

    It's like being forced to watch an extremely bad car crash in slow motion - so slow it takes place over the course of years rather than seconds. You know what's happening from quite early on in the process, you've got a pretty good idea of how it's going to pan out in the end, you can tell from the pace at which things progress that the end may be some time away and you're powerless to stop it.

  2. Re:Google Needs To Get Their Ass In Gear on Android Malware May Have Infected 5 Million Users · · Score: 1

    Nobody's suggesting putting apt-get on phones; simply the concept. The obvious way to apply this on a smartphone is to allow as many app stores as you like and it's down to the user to decide which one(s) they want to use; the official one does effectively operate as a walled garden but there's no reason you can't install apps independently of the app store - or for that matter from someone else's app store.

    Which does solve the malware problem while retaining freedom, but I rather suspect it gives Google such a massive advantage (they've already got an app store, all they need to do is remove the known malware, institute a review process for new apps and they're done) that nobody else would bother setting one up.

  3. Re:Come on on Symantec Tells Customers To Stop Using pcAnywhere · · Score: 1

    Month 9: "New research suggests that including punctuation marks in your password can make it 43% harder to guess!"
    BRILLIANT. From now on, all passwords must be at least 8 characters long, no greater than 15 characters long, consist of letters, numbers and punctuation, not appear in any dictionary even if common number/letter substitutions are accounted for, must not contain the same character repeated more than twice, must not contain sequential letters or numbers, will be checked against the phone number we have on record for you to ensure it's not that, must change every 30 days and you can't use the same password twice in a year! We'll keep records of your last 12 passwords to enforce this!

    Month 10: "Security experts say onerous password rules can make systems less secure!"
    OK. From now on, all password rules are eliminated!

    Month 11: "Are your users using passwords that are too short?"
    EEKS! PANIC! From now on, all passwords must be at least 8 characters long!

    Happy?

  4. Re:Come on on Symantec Tells Customers To Stop Using pcAnywhere · · Score: 1

    They're even worse than that.

    Granted, I gave an extreme example - but the thing is a dictionary attack is fantastically easy to defend against. So much so that many half-decent authentication schemes have protection against that baked right into them and turned on by default - get your password wrong too many times in a row and you get locked out.

    I would dearly love to know exactly how many security breaches in the real world come from password brute-forcing (either through trying to login with every conceivable password or obtaining a list of hashes). I'm prepared to bet that in a significant percentage of cases, serious security breaches come from one of a handful of sources. Sources like:

      - People whose unencrypted data (be it on CD, laptop, USB stick or whatever) gets stolen.
      - Malware that grabs passwords.
      - Corrupt employees/contractors.

  5. Re:Come on on Symantec Tells Customers To Stop Using pcAnywhere · · Score: 4, Insightful

    You can not expect everything to be secure. You have to pick and choose your battles. Workers must have some freedoms. Most of the stuff they do should be easy. Difficulty should be reserved for where it is really needed. I hate seeing a system that has 54 character passwords that are reset every 28 days and must include lower case, uppercase, numbers and punctuation so that a call taker can log into the system to take calls. That is stupid shit.

    You're not talking about security, you're talking about policies that are thrown together piecemeal in the form of a constantly-updated list of "Things that have been described as insecure in the latest issue of "IT Security for - and written by - PHBs Magazine"". You know how it goes:

    Month 1: "Are your users using passwords that are too short?"
    EEKS! PANIC! From now on, all passwords must be at least 8 characters long!

    Month 2: "Are your users using easily guessable passwords?"
    PANIC! From now on, all passwords must be at least 8 characters long and consist of letters and numbers!

    Month 3: "Are your users using passwords that are too long? Yes, it's possible. Read our article..."
    SHIT! SHIT! SHIT! From now on, all passwords must be at least 8 characters long, no greater than 15 characters long and consist of letters and numbers!

    Month 4: "Do you change your passwords often enough?"
    PANIC! From now on, all passwords must be at least 8 characters long, no greater than 15 characters long and consist of letters and numbers, and must change every 30 days!

    Month 5: "Are your users abusing your policy by typing in the same password every time they're prompted to change it? Read our exclusive report...."
    ACTION STATIONS! From now on, all passwords must be at least 8 characters long, no greater than 15 characters long and consist of letters and numbers, must change every 30 days and you can't use the same password twice in a year! We'll keep records of your last 12 passwords to enforce this!

    Month 6: "Are you secure against dictionary attacks? Read our article about this SHOCKING new attack method!"
    AAARGH! Right, from now on, all passwords must be at least 8 characters long, no greater than 15 characters long, consist of letters and numbers, not appear in any dictionary even if common number/letter substitutions are accounted for, must change every 30 days and you can't use the same password twice in a year! We'll keep records of your last 12 passwords to enforce this!

    Month 7: "Did you know? 70% of people use a simple password like 'aaaaaaaaa' or '1234567890123' (not particularly surprising if you've been following everything we've said) Turn to page 12 for our exclusive report!"
    DAMN! From now on, all passwords must be at least 8 characters long, no greater than 15 characters long, consist of letters and numbers, not appear in any dictionary even if common number/letter substitutions are accounted for, must not contain the same character repeated more than twice, must not contain sequential letters or numbers, must change every 30 days and you can't use the same password twice in a year! We'll keep records of your last 12 passwords to enforce this!

    Month 8: "New research suggests 30% of people use their own telephone number as a password!"
    OH NO YOU DON'T! From now on, all passwords must be at least 8 characters long, no greater than 15 characters long, consist of letters and numbers, not appear in any dictionary even if common number/letter substitutions are accounted for, must not contain the same character repeated more than twice, must not contain sequential letters or numbers, will be checked against the phone number we have on record for you to ensure it's not that, must change every 30 days and you can't use the same password twice in a year! We'll keep records of your last 12 passwords to enforce this!

    I think you've got the idea by now....

  6. Be nice if this actually happened on Spanish Extremadura Moving 40,000 Desktops To Linux · · Score: 2, Interesting

    OK, so I understand from other posts that Extremadura has historically done a good job of supporting Linux. Whatever. I still can't shake the feeling - particularly given past experience with other big migration projects - that this is a ploy to get a better price from Microsoft.

  7. Re:Lets tell it like it is on Web Developer Sentenced To Death In Iran · · Score: 3, Interesting

    Not, I would say, a particularly PC view, and doubtless one that will get you modded troll quicker than a quick thing. But I would temper your view with a rather more - shall we say diplomatic? - way of putting things.

    Some views are fundamentally incompatible and unless both parties are prepared to compromise, conflict will ultimately result. Full stop, end of conversation. Get together people who feel strongly enough to kill to make their point and give them the means to do so, you probably shouldn't be too surprised when they do. There's no way of getting around this, and to pretend there is is probably the most damaging thing extreme political correctness has ever achieved.

    In this case, the conflict is between very conservative Muslims who happen to be in charge of a country and the West, but it could just as easily be between animal liberation people and drugs testing labs.

  8. Re:All about HDCP on VGA and DVI Ports To Be Phased Out Over Next 5 Years · · Score: 1

    So? It supports plain old Dolby Digital; the last time I had more than two speakers plugged into it was about 2006/2007.

    To be honest, it didn't seem to make much difference when I did. Maybe it's more noticeable if you watch a lot of action movies, but I was mildly surprised at how few things on DVD really seem to take full advantage of having the extra channels available even if they are mastered in Dolby Digital.

  9. Re:All about HDCP on VGA and DVI Ports To Be Phased Out Over Next 5 Years · · Score: 1

    Amps generally last longer than that. Mine pre-dates HDMI.

  10. Re:All about HDCP on VGA and DVI Ports To Be Phased Out Over Next 5 Years · · Score: 1

    It's a PITA if you want to run the sound through a separate home cinema amp.

  11. Re:There will be discount "Cloud" providers ... on What Happens To Your Files When a Cloud Service Shuts Down? · · Score: 1

    There's no "will be" about it, you have no idea how many budget storage providers I've looked at where the service they offer is mathematically impossible with current disk drive prices - they're generally oversubscribing themselves by an enormous amount to make ends meet.

  12. Re:There is nothing magic about the "Cloud" ... on What Happens To Your Files When a Cloud Service Shuts Down? · · Score: 1

    A cloud provider going away is very much like a hard drive failing.

    Except we are told that it's considerably less likely because operating a reliable service is their core business and hence should be something they're very good at.

  13. Re:Is it an interesting question... on What Happens To Your Files When a Cloud Service Shuts Down? · · Score: 3, Informative

    Tape has terrible random access speed but any half-decent LTO tape drive can move data as fast as - if not faster than - most hard disks.

  14. Re:I'd start by shooting the Captain.... on What To Do With a 1,000 Foot Wrecked Cruise Ship? · · Score: 1

    This guy was probably weak and lacked the capacity to handle a crisis of this magnitude.

    You don't think having the capacity to handle a crisis is a necessary trait in a ship captain?

  15. Re:Houghton Mifflin responds "Not so fast" on Apple Intends To 'Digitally Destroy' Textbook Publishing · · Score: 1

    No. Every time there's a textbook story on slashdot, someone posts this nonsense about "kickbacks." Every time I see it, I post a reply and ask for evidence. None is ever forthcoming.

    It's endemic and comes up whenever a decision involving a significant amount of money is involved.

    Thing is, I've seen all sorts of sales tricks. I've seen "Structure your conversation so you're talking to the customer like they already bought the product". I've seen "Pay a referral fee to anyone who recommends someone come to you". I've seen "Throw in a special offer that on closer inspection isn't all that special". I've seen "Make an opening offer that's really good, who cares if you just break even; sell the customer more stuff later because it's a lot easier to sell to an existing customer". I've seen "Get this totally unrelated valuable product when you spend £thousands. Please note that the totally unrelated product will still appear on your invoice and we won't deliver it to a different address so you personally will have to pretty openly defraud your employer if you want to keep it for yourself. We've nailed our computer system so your account manager can't override this, so please don't embarrass him by asking him to".

    The closest I've ever seen to a kickback is "take the client out to lunch and pick up the tab". Yet the way /. talks about it, anyone would think that every big purchase involves invoicing 20% extra and paying it back to the man who placed the order in a brown paper bag containing unmarked, non-sequential notes. Cobblers.

  16. Re:Isn't that anti-science? on Is Climate Change the New Evolution? · · Score: 1

    I thought one of the fundamental aspects of modern empirical science is that, unlike a religion, it is ALWAYS open to revision and dispute.

    It's open to revision and dispute provided those proposing revisions or disputing the evidence can bring falsifiable hypotheses or credible evidence of their own to the table. Or for that matter if those disputing can demonstrate how existing evidence is flawed - which becomes more difficult as a hypothesis develops into an accepted theory because the amount of evidence that needs overturning becomes impossibly large.

    It's not open to adopting a different stance simply because a group of people have decided they don't like the findings.

  17. Re:Par for the Ubisoft course on Ubisoft Has Windows-Style Hardware-Based DRM For Games · · Score: 1

    There is only one way to deal with this sort of customer abuse (and that's what it is).

    Make it substantially less painful for the person on the other end to refund you. And if that means letters to the CEO, phone calls every 10 minutes, walking into the store and supergluing your hand to the counter - so be it.

  18. How many times have we heard this? on Microsoft Announces ReFS, a New Filesystem For Windows 8 · · Score: 1

    Wasn't something similar touted for Windows 7? (Or was it Vista?) And Win2K, now I think of it.

  19. Re:You gotta be kidding me?! on Microsoft Announces ReFS, a New Filesystem For Windows 8 · · Score: 1

    Broadly speaking, it is true. NTFS:

    - Is the default filesystem for Windows. Count every Windows PC and yes it probably is the most widely used.
    - Advanced/Feature rich: NTFS has an enormous number of features. For some reason best known only to the FSM these are seldom used outside of Windows itself - userland software seldom scratches the surface.

  20. Re:MS Taking Aggressive Steps Against MALWARE On A on Microsoft Taking Aggressive Steps Against Linux On ARM · · Score: 1

    I don't think they fear Linux geeks. I think they are terminally afraid average people could realize how bad and how far behind Windows actually is in comparison to the alternatives.

    You keep telling yourself that.

    Microsoft is, I concede, many years behind Linux in a number of features. Unfortunately, only about 2% of people on the planet care about 98% of those features.

    There are features where Windows is probably 10-15 years ahead of Linux. These are features that 98% of people on the planet do care about.

  21. Re:MS Taking Aggressive Steps Against MALWARE On A on Microsoft Taking Aggressive Steps Against Linux On ARM · · Score: 2

    I have heard an alternate theory - one that I quite like (but it remains to be seen whether it'll play out).

    Subsidies.

    Seriously, Microsoft is all-but unknown in the mobile phone & tablet marketplace - and the total failure of anyone to produce a tablet comparable in build quality and specs to the iPad for a significantly cheaper price - puts Microsoft at a severe disadvantage. They get involved with some cheap nasty Chinese OEM, they wind up with their product being synonymous with cheap nasty tablets. They get involved with someone like Samsung, the product works out at exactly the same price as an iPad or a top Android tablet but without the benefit of a large app store or a brand that's well respected in that marketplace. By subsidising the tablets, Microsoft could make a dent in the market - but they don't want to do that and have a bunch of instructions show up on the Internet a week later for "How to turn your Samsung Galaxy Tab 10W (RRP: £299) into an Android tablet (RRP: £399)".

  22. Re:Whatever happened to passphrases? on Passwords Not Going Away Any Time Soon · · Score: 2

    Systems that limit the password to, say, 13 characters bug the crap out of me, because I often chose passwords that are longer.

    IME the great majority of password limitations arise because of a very particular set of circumstances:

    1. A system is set up. For whatever reason, it doesn't let you have passwords with more than 13 characters.
    2. The head of IT reads an article concerning this system. This article notes that because of the way passwords are stored, the most secure password contains 8-13 characters. Before long, a policy is dictated stating that passwords must contain 8-13 characters for security reasons.
    3. A new system is brought in that integrates with the system in 1. This new system has issues with punctuation characters in passwords - it won't authenticate if your password contains any punctuation. So the policy gets an update. New passwords are purely alphanumeric, no punctuation.
    4. The head of IT moves on.
    5. The authentication is moved away from the system set up in (1); the new system doesn't have the 8-13 character issue. But the policy stays in place - nobody actually knows why it was brought in but it specifically says "for security reasons" so there must have been a good reason.
    6. The system in (3) is retired. None of the remaining systems suffer from the punctuation issue.
    7. Repeat steps 2-6 until you have a list of policies that effectively mean the dictionary of potential passwords that humans are likely to choose has about 100 combinations.

  23. Re:DOS? on Windows Admins Need To Prepare For GUI-Less Server · · Score: 1

    Not in any sense of the word.

    Underlying technology? Nope, modern versions of Windows originated with the NT kernel. You tear the GUI out of Windows as it stands right now, you don't get a DOS prompt, you get something that doesn't boot.

    The DOS command line you see in Windows operates as a wholly separate process, cmd.exe, and it has no special power that isn't available to other applications.

    User interface? More likely Microsoft would have it boot directly to a PowerShell prompt. Much more sophisticated than a DOS prompt.

  24. Re:Start training now: learn linux on Windows Admins Need To Prepare For GUI-Less Server · · Score: 1

    Pretty sure recent versions of Exchange have complete PowerShell support.

    Whether or not there are many people out there with sufficient experience to do so is another matter altogether. As others have alluded, a lot of Windows admins have essentially zero scripting ability.

  25. Re:It would be good to have optional GUI on Windows Admins Need To Prepare For GUI-Less Server · · Score: 1

    Tell us, how is NAT a bad thing? So far you've just sneered at it -- from my perspective, it solves the problem it's meant to. And I can't even begin to tell you the number of large corporations I've worked at with computers all addressed within these [wikipedia.org] ranges. Not having them routable to the rest of the planet is actually a useful thing.

    It breaks quite a few protocols and requires a more sophisticated firewall (specifically, it requires an Application Layer Gateway or ALG built into the firewall) to attempt to un-break them. FTP, IPSec and SIP immediately spring to mind. FTP ALG support is built into more-or-less every gateway and works pretty well, so it's not something you'd notice.

    IPSec support is built into virtually everything but you do get the odd one or two where it's either misconfigured or not terribly interoperable - the net result is usually your CEO is in a fancy hotel somewhere and starts shouting rather loudly at the help desk that his VPN doesn't work.

    SIP is rather more of a PITA - it's still an interop nightmare with ALGs that try to get clever and SIP client/server combinations that work just fine without such an ALG and indeed get broken if you turn it on.