Seagate's a huge firm, and this guy was hired for a job that didn't exist but they were hoping that his presence would put them in a position whereby it would.
Whether or not they knew that was illegal in Minnesota, they're unlikely to openly announce within the company that they're hiring people for nonexistent jobs - and they're hardly going to ask their HR department in that office to hire someone for a job that may never exist. In which case, their HR department isn't going to turn around and say "Er.... that might not be such a good idea."
"So, Mr. Vaidyanathan, I see you live in Minnessota now. How do you feel about relocating for this new role?" "I don't have a problem with it, but there's a good chance I'll have to fly back fairly regularly - possibly at short notice - over the course of the next year or two." "Really? Why's that?" "I'm suing my former employer".
The difference here is, that man was highly qualified and working in a field where I don't imagine you can drum up employment simply by wandering from house to house asking if anyone needs their lawn mowing.
He now has a CV (okay, resume, seeing as he's in the US) which shows he moved for this job and was promptly made redundant. Now, for a lot of HR people that's going to be a red flag - and they'll use it to disqualify him from future jobs.
I'm not sure that's sufficient grounds to argue that Seagate have effectively ended his career - I've never yet got a job through the formal HR process - but I'm not familiar with his field. Clearly Mr. Vaidyanathan thinks it is, and has managed to find a lawyer who can persuade a jury likewise.
The HR department filters out all the replies from honest people who don't have 5 years of experience of.NET then when someone with a clue gets hold of the CV prior to interview, they immediately disqualify the applicant for being a liar.
Three months later the position still hasn't been filled and management are wondering where all the "highly qualified" staff are and why they're not applying.
That's pretty frightening. I would think this would be a pain in the ass to discover, and you'd end up replacing motherboards on servers/workstations trying to figure out why they kept crashing. I mean, who would flash their network card as a troubleshooting step?
I see you've never contacted Dell technical support.
You're absolutely right. I've got a Canon EOS 400D but I don't have the time to get familiar enough to get the best out of it - TBH, the last SLR I seriously used was a 35mm film camera some years ago. I'm seriously out of practise.
My wife has a Panasonic compact with a 10x optical zoom. You can't specify the aperture or shutter speed - the most you've got is about 20 auto scenery modes. She neither know nor cares about aperture sizes, shutter speeds, depth of field or ISO speed.
Has anyone here had experience tuning Postgres on Linux versus Solaris/ZFS ? We're not a huge shop, 8 people running large data-warehouse type applications. We run on a shoestring and don't have a bunch of money to throw at the problem and would be very grateful for any ideas on how to make our database run with comparable performance on Linux. I'm hoping that I'm missing something obvious.
What have you done so far and how are you using Postgres? Mostly reads, mostly writes or some combination of the two? Postgres as it ships is notorious for slow configuration, and many Linux distributions are consistently one major version behind the curve (which is a little annoying as much of the focus of the Postgres people for some time has been improving performance).
Why have 1000 cores when you can have 1 MILLION CORES, (all running applications that can barely take advantage of 1 or 2)
Your computer only runs 1 application at a time?
No, but it certainly doesn't run 1000 applications at a time. And even if it did, I want my application to finish more quickly. If it's using 98% of the available CPU time on one core, it won't get dramatically quicker if the other 2% is farmed out to other processors.
As we all know, the solution is to rewrite my application so it lends itself to multi-processing more efficiently. Great if you're working with a problem which has a multi-processor-friendly solution (which may not currently be the solution currently implemented for whatever reason), not so great if it doesn't.
Thing is, the legal system sees itself as an independent arbiter of disputes - which, indeed, is its purpose in civil cases. It's not meant to be the hired thug for some big company. (We'll let the fact that this is frequently exactly what corporates use the legal system for slide...)
Therefore, as far as the system is concerned, writing a letter containing legal threats is broadly equivalent to writing a letter saying "I think you've done this thing, and I'm happy to take this to an independent arbiter and we'll see what he says. If you'd rather avoid all the hassle that's likely to entail, we may be able to reach some agreement".
This means it's very difficult to argue that a legal threat constitutes blackmail or extortion.
One assumes there comes a point where if a solicitor's (UK term equivalent to "lawyer") entire business plan is based around sending out letters that begin "In our opinion..." - while making a statement that cannot possibly be the opinion of a qualified solicitor because there's no evidence to favour that opinion and plenty of evidence against it - it becomes an issue.
Of course, what TFS doesn't say is that solicitors are essentially self-regulating - the SRA is just another bunch of solicitors.
I administer a network which is heterogenous on desktop and server. We run Linux and Windows, and there is the odd OS X system in there for good measure. I will tell you two things:
1. It can be done. Linux, Windows and OS X can all authenticate against an LDAP backend (if you've already got AD, use this), and if you've had the foresight to buy peripherals with wide support (eg. Postscript printers), it's quite possible. If you need centralised management on top of authentication, your best bet is probably group policies with AD, OSes which don't support group policies to authenticate against AD and then pick up their configuration some other way which you may have to cook up yourself - at least in part.
2. Unless you already have a number of good, solid reasons for this which have been discussed and agreed with the business, you probably do not want to do it. Why not? Because the most important, overriding concern you must always have in your mind as a sysadmin is "The Systems must Work"; it follows that anything which may break this is a Very Bad Thing Indeed. You're making a very big change which will almost certainly break that in a number of ways, so unless you've got some serious improvements in mind which necessitate this (and I cannot for the life of me imagine what they'd be - most companies probably don't consider their licensing costs to be a big deal), you are letting yourself in for a world of pain.
Why do I say that? Most Linux distributions (and I include Ubuntu here) are simply not designed to be used on a number of centrally-managed desktops and you'll spend a lot of time getting the configuration just so. It can be done, but the out-of-the-box configuration contains all sorts of stupid things - mostly small things that would be a one-liner and would have no impact on the distribution to fix but haven't been done because so few people are using it in this way - that you'll feel like you spend most of your life fixing tiny idiocies only for another to crop up a few days later. Obviously you can cook up your own scripts which will help hugely, but even then there's a lot you'll have to consider. How will you deal with laptops that only appear on the main network occasionally? Or a desktop PC that was shutdown for a week while someone was on holiday? Wake on LAN is seldom perfectly reliable. Will your scripts account for the risk that such a system might run version 1 of the script, miss three versions then run version 5? How will you deal with people who want to be able to install their own software? Will you give them sudo rights? sudo can be configured to work with LDAP groups, but again it's not an OOTB configuration, you'll have to write your own config files and roll them out.
There's a lot to consider. Don't mistake what you would find interesting for what the business would find interesting.
Thing is, there are still companies that are as near as dammit 100% Microsoft shops (or at least are for anything that matters) - though they're becoming a lot thinner on the ground than they were five years ago.
There are also quite a few companies that *think* they're 100% Microsoft shops. (These are the companies where technology isn't core to their business, and the management think that if they're running Windows on their desktop PC, everything else must be Windows as well - after all, you can't get a computer from IBM to talk to one from Fujitsu now[1], can you?). Well and good if you're selling your phone to management at such companies.
But I don't think that's what Microsoft aim to do. The iPhone was probably the first smartphone with real consumer appeal, and if you walk into any UK phone store today you'll see that 80% of the phones they're really pushing are, to a greater or lesser extent, smartphones. Plain old mobile phones without all the smart functionality are being pushed almost exclusively onto Pay as you Go customers and those on a very low budget - two years from now, I reckon a non-smartphone will be as easy to find on the high street as a non-cameraphone is today. My guess is that Microsoft want a piece of that market.
[1] Note for younger/.'ers : Way back in the mists of time, interoperability between computer systems was almost unheard of. You bought the computer from Company X, who also sold you a bunch of other peripherals which connected using proprietary interfaces. Even if you could somehow hook the tape drive from one manufacturer's computer up to another, you'd likely have a hell of a job getting useful data out of it. If you had any sort of networking, it also was proprietary. Standards? What are they?
- this would walk all over the protection offered by ASLR and DEP because it wouldn't need to be injected into another running process.
Having said all that, I never for one minute believed the death of XP would mean the end of malware. It's become a full-blown industry in its own right these days, and a lot of money is involved. Those who do it aren't going to let a bunch of acronyms that make their job a little harder until such time as they've put whatever functionality they need to work around it into a library any more than burglars all gave up and started going straight with the advent of modern locks.
First thing you learn when you get out of your mother's basement is that a large chunk of security is risk assessment.
Okay, so a bug has been found in (obscure library). What systems have that library installed? Do they need it installed in the first place? What services do those systems carry? How much risk is the business exposed to by this bug? Can we make a quick, painless configuration change rather than upgrade a library and go through our entire testing process to check it doesn't break anything - a long, painful and arduous process?
More often than not, by the time you've gone through all those questions you find that actually, the bug isn't as bad as all that and you can more-or-less immunise yourself to any impact it may have without having to install the patch. This is why it's really big news when something big (like the Debian SSH debacle a couple of years ago) is found.
Word is that a lot of modern malware is starting to check the OS and not do anything that would trigger a UAC alert under Vista or Win7.
Which makes a lot of sense - AFAIK you can still establish a TCP connection and ship out the contents of the user's home directory with little fear of detection.
Most modern systems have a concept of statutory laws that you can't sign away no matter who you are or what you sign, and this is precisely the sort of thing that would come under such law.
About the only time you can sign a bit of paper which says "I accept that I'm doing something risky and may get killed doing it" is if you join the armed forces.
Because it has nothing to do with security and everything to do with the appearance of security. The two are often quite different, and should not be confused.
If our politicians wanted security, they'd canvass the opinion of the worlds' experts. If they want political appearance of security, they will do what they think looks good.
The worlds' experts have almost universally said "Everything being done is a waste of time - obvious knee-jerk reactions are pointless"; the world's politicians have without fail carried out the obvious knee-jerk reaction whenever something bad happens.
Dealing with the details of laws is her job. She knows as well as you or I how ridiculous that law is and how stupid it is that it is implemented by a guy that cannot deviate from a script that could almost be replaced by a robot. She's getting angry about something we should all be angry about and she knows that things are done differently in her country (perhaps just as stupid, but in different ways).
What on Earth are you talking about? She is a UK politician who was flying to the US. However, the aerosol was taken off her in Heathrow airport
Then you should see some of the phishing emails that have been doing the rounds over the last 18 months- 2 years. The phishers have really upped their game.
I'm making a huge generalisation here, but as far as the better phishing scams go - well, gone are the spelling mistakes, gone is the poor-quality logo attached to the email, gone is the demand that you email them through a hotmail address and gone is the "From:" address being something obviously unrelated to the company that's contacting you. In some cases, they're not even phishing for bank details. They're phishing for ebay, paypal and even facebook details as part of a wider scam.
I can well imagine someone falling for many of them - someone who would see straight through a Nigerian 419 or a poor-quality "enter you're login details ok plz" email. Email needs public key cryptography to become widely adopted, but right now very few web-based providers offer decent support for it - and desktop application support is almost as bad. Where the application supports it, it makes such a pigs' ear of the interface that nobody but the uber-geek would go near it.
As far as any sufficiently large business is concerned, nothing is illegal until such time as you have been taken to court and exhausted all the appeal avenues you're prepared to follow.
Slashdot Mirror
Actually, it's probably an ENUM. Which would mean it could have 65,535 possible values.
Source:
http://dev.mysql.com/doc/refman/5.0/en/enum.html
Doesn't surprise me that much.
Seagate's a huge firm, and this guy was hired for a job that didn't exist but they were hoping that his presence would put them in a position whereby it would.
Whether or not they knew that was illegal in Minnesota, they're unlikely to openly announce within the company that they're hiring people for nonexistent jobs - and they're hardly going to ask their HR department in that office to hire someone for a job that may never exist. In which case, their HR department isn't going to turn around and say "Er.... that might not be such a good idea."
I can just imagine the interview.
"So, Mr. Vaidyanathan, I see you live in Minnessota now. How do you feel about relocating for this new role?"
"I don't have a problem with it, but there's a good chance I'll have to fly back fairly regularly - possibly at short notice - over the course of the next year or two."
"Really? Why's that?"
"I'm suing my former employer".
The difference here is, that man was highly qualified and working in a field where I don't imagine you can drum up employment simply by wandering from house to house asking if anyone needs their lawn mowing.
He now has a CV (okay, resume, seeing as he's in the US) which shows he moved for this job and was promptly made redundant. Now, for a lot of HR people that's going to be a red flag - and they'll use it to disqualify him from future jobs.
I'm not sure that's sufficient grounds to argue that Seagate have effectively ended his career - I've never yet got a job through the formal HR process - but I'm not familiar with his field. Clearly Mr. Vaidyanathan thinks it is, and has managed to find a lawyer who can persuade a jury likewise.
The HR department filters out all the replies from honest people who don't have 5 years of experience of .NET then when someone with a clue gets hold of the CV prior to interview, they immediately disqualify the applicant for being a liar.
Three months later the position still hasn't been filled and management are wondering where all the "highly qualified" staff are and why they're not applying.
Social networks don't tend to work very well when hardly anyone's on them. The clue's in the name.
That's pretty frightening. I would think this would be a pain in the ass to discover, and you'd end up replacing motherboards on servers/workstations trying to figure out why they kept crashing. I mean, who would flash their network card as a troubleshooting step?
I see you've never contacted Dell technical support.
You're absolutely right. I've got a Canon EOS 400D but I don't have the time to get familiar enough to get the best out of it - TBH, the last SLR I seriously used was a 35mm film camera some years ago. I'm seriously out of practise.
My wife has a Panasonic compact with a 10x optical zoom. You can't specify the aperture or shutter speed - the most you've got is about 20 auto scenery modes. She neither know nor cares about aperture sizes, shutter speeds, depth of field or ISO speed.
Guess who consistently gets the better photos.
Has anyone here had experience tuning Postgres on Linux versus Solaris/ZFS ? We're not a huge shop, 8 people running large data-warehouse type applications. We run on a shoestring and don't have a bunch of money to throw at the problem and would be very grateful for any ideas on how to make our database run with comparable performance on Linux. I'm hoping that I'm missing something obvious.
What have you done so far and how are you using Postgres? Mostly reads, mostly writes or some combination of the two? Postgres as it ships is notorious for slow configuration, and many Linux distributions are consistently one major version behind the curve (which is a little annoying as much of the focus of the Postgres people for some time has been improving performance).
Why have 1000 cores when you can have 1 MILLION CORES, (all running applications that can barely take advantage of 1 or 2)
Your computer only runs 1 application at a time?
No, but it certainly doesn't run 1000 applications at a time. And even if it did, I want my application to finish more quickly. If it's using 98% of the available CPU time on one core, it won't get dramatically quicker if the other 2% is farmed out to other processors.
As we all know, the solution is to rewrite my application so it lends itself to multi-processing more efficiently. Great if you're working with a problem which has a multi-processor-friendly solution (which may not currently be the solution currently implemented for whatever reason), not so great if it doesn't.
Thing is, the legal system sees itself as an independent arbiter of disputes - which, indeed, is its purpose in civil cases. It's not meant to be the hired thug for some big company. (We'll let the fact that this is frequently exactly what corporates use the legal system for slide...)
Therefore, as far as the system is concerned, writing a letter containing legal threats is broadly equivalent to writing a letter saying "I think you've done this thing, and I'm happy to take this to an independent arbiter and we'll see what he says. If you'd rather avoid all the hassle that's likely to entail, we may be able to reach some agreement".
This means it's very difficult to argue that a legal threat constitutes blackmail or extortion.
One assumes there comes a point where if a solicitor's (UK term equivalent to "lawyer") entire business plan is based around sending out letters that begin "In our opinion..." - while making a statement that cannot possibly be the opinion of a qualified solicitor because there's no evidence to favour that opinion and plenty of evidence against it - it becomes an issue.
Of course, what TFS doesn't say is that solicitors are essentially self-regulating - the SRA is just another bunch of solicitors.
IIRC, microcode updates are typically packaged as part of BIOS updates.
Tell me, how many PCs - as a percentage of those sold - get their BIOS regularly updated?
I administer a network which is heterogenous on desktop and server. We run Linux and Windows, and there is the odd OS X system in there for good measure. I will tell you two things:
1. It can be done. Linux, Windows and OS X can all authenticate against an LDAP backend (if you've already got AD, use this), and if you've had the foresight to buy peripherals with wide support (eg. Postscript printers), it's quite possible. If you need centralised management on top of authentication, your best bet is probably group policies with AD, OSes which don't support group policies to authenticate against AD and then pick up their configuration some other way which you may have to cook up yourself - at least in part.
2. Unless you already have a number of good, solid reasons for this which have been discussed and agreed with the business, you probably do not want to do it. Why not? Because the most important, overriding concern you must always have in your mind as a sysadmin is "The Systems must Work"; it follows that anything which may break this is a Very Bad Thing Indeed. You're making a very big change which will almost certainly break that in a number of ways, so unless you've got some serious improvements in mind which necessitate this (and I cannot for the life of me imagine what they'd be - most companies probably don't consider their licensing costs to be a big deal), you are letting yourself in for a world of pain.
Why do I say that? Most Linux distributions (and I include Ubuntu here) are simply not designed to be used on a number of centrally-managed desktops and you'll spend a lot of time getting the configuration just so. It can be done, but the out-of-the-box configuration contains all sorts of stupid things - mostly small things that would be a one-liner and would have no impact on the distribution to fix but haven't been done because so few people are using it in this way - that you'll feel like you spend most of your life fixing tiny idiocies only for another to crop up a few days later. Obviously you can cook up your own scripts which will help hugely, but even then there's a lot you'll have to consider. How will you deal with laptops that only appear on the main network occasionally? Or a desktop PC that was shutdown for a week while someone was on holiday? Wake on LAN is seldom perfectly reliable. Will your scripts account for the risk that such a system might run version 1 of the script, miss three versions then run version 5? How will you deal with people who want to be able to install their own software? Will you give them sudo rights? sudo can be configured to work with LDAP groups, but again it's not an OOTB configuration, you'll have to write your own config files and roll them out.
There's a lot to consider. Don't mistake what you would find interesting for what the business would find interesting.
Can you guys go from carrier to carrier and keep your number? Easy in the EU (though I don't think you can cross national borders and do that).
Not really, IME the exact same rules regarding liquids apply regardless of where you're flying from or to with remarkable consistency.
Thing is, there are still companies that are as near as dammit 100% Microsoft shops (or at least are for anything that matters) - though they're becoming a lot thinner on the ground than they were five years ago.
There are also quite a few companies that *think* they're 100% Microsoft shops. (These are the companies where technology isn't core to their business, and the management think that if they're running Windows on their desktop PC, everything else must be Windows as well - after all, you can't get a computer from IBM to talk to one from Fujitsu now[1], can you?). Well and good if you're selling your phone to management at such companies.
But I don't think that's what Microsoft aim to do. The iPhone was probably the first smartphone with real consumer appeal, and if you walk into any UK phone store today you'll see that 80% of the phones they're really pushing are, to a greater or lesser extent, smartphones. Plain old mobile phones without all the smart functionality are being pushed almost exclusively onto Pay as you Go customers and those on a very low budget - two years from now, I reckon a non-smartphone will be as easy to find on the high street as a non-cameraphone is today. My guess is that Microsoft want a piece of that market.
[1] Note for younger /.'ers : Way back in the mists of time, interoperability between computer systems was almost unheard of. You bought the computer from Company X, who also sold you a bunch of other peripherals which connected using proprietary interfaces. Even if you could somehow hook the tape drive from one manufacturer's computer up to another, you'd likely have a hell of a job getting useful data out of it. If you had any sort of networking, it also was proprietary. Standards? What are they?
It's rumour, take it with as much or as little salt as you think it needs. But a quick google for malware UAC shows:
http://www.zdnet.com/blog/security/windows-7s-default-uac-bypassed-by-8-out-of-10-malware-samples/4825
http://www.theregister.co.uk/2009/02/04/windows_uac_flaw/
And IIRC there was a piece of malware that was signed using a genuine, valid certificate that was issued to Realtek. Looks like I do RC:
http://news.softpedia.com/news/Signed-Malware-Used-Valid-Realtek-Certificate-147942.shtml
- this would walk all over the protection offered by ASLR and DEP because it wouldn't need to be injected into another running process.
Having said all that, I never for one minute believed the death of XP would mean the end of malware. It's become a full-blown industry in its own right these days, and a lot of money is involved. Those who do it aren't going to let a bunch of acronyms that make their job a little harder until such time as they've put whatever functionality they need to work around it into a library any more than burglars all gave up and started going straight with the advent of modern locks.
First thing you learn when you get out of your mother's basement is that a large chunk of security is risk assessment.
Okay, so a bug has been found in (obscure library). What systems have that library installed? Do they need it installed in the first place? What services do those systems carry? How much risk is the business exposed to by this bug? Can we make a quick, painless configuration change rather than upgrade a library and go through our entire testing process to check it doesn't break anything - a long, painful and arduous process?
More often than not, by the time you've gone through all those questions you find that actually, the bug isn't as bad as all that and you can more-or-less immunise yourself to any impact it may have without having to install the patch. This is why it's really big news when something big (like the Debian SSH debacle a couple of years ago) is found.
Word is that a lot of modern malware is starting to check the OS and not do anything that would trigger a UAC alert under Vista or Win7.
Which makes a lot of sense - AFAIK you can still establish a TCP connection and ship out the contents of the user's home directory with little fear of detection.
Most modern systems have a concept of statutory laws that you can't sign away no matter who you are or what you sign, and this is precisely the sort of thing that would come under such law.
About the only time you can sign a bit of paper which says "I accept that I'm doing something risky and may get killed doing it" is if you join the armed forces.
(Disclaimer: IANAL).
Because it has nothing to do with security and everything to do with the appearance of security. The two are often quite different, and should not be confused.
If our politicians wanted security, they'd canvass the opinion of the worlds' experts. If they want political appearance of security, they will do what they think looks good.
The worlds' experts have almost universally said "Everything being done is a waste of time - obvious knee-jerk reactions are pointless"; the world's politicians have without fail carried out the obvious knee-jerk reaction whenever something bad happens.
Dealing with the details of laws is her job. She knows as well as you or I how ridiculous that law is and how stupid it is that it is implemented by a guy that cannot deviate from a script that could almost be replaced by a robot. She's getting angry about something we should all be angry about and she knows that things are done differently in her country (perhaps just as stupid, but in different ways).
What on Earth are you talking about? She is a UK politician who was flying to the US. However, the aerosol was taken off her in Heathrow airport
Then you should see some of the phishing emails that have been doing the rounds over the last 18 months- 2 years. The phishers have really upped their game.
I'm making a huge generalisation here, but as far as the better phishing scams go - well, gone are the spelling mistakes, gone is the poor-quality logo attached to the email, gone is the demand that you email them through a hotmail address and gone is the "From:" address being something obviously unrelated to the company that's contacting you. In some cases, they're not even phishing for bank details. They're phishing for ebay, paypal and even facebook details as part of a wider scam.
I can well imagine someone falling for many of them - someone who would see straight through a Nigerian 419 or a poor-quality "enter you're login details ok plz" email. Email needs public key cryptography to become widely adopted, but right now very few web-based providers offer decent support for it - and desktop application support is almost as bad. Where the application supports it, it makes such a pigs' ear of the interface that nobody but the uber-geek would go near it.
As far as any sufficiently large business is concerned, nothing is illegal until such time as you have been taken to court and exhausted all the appeal avenues you're prepared to follow.