I would say that is money well spent. After having been around the net for more than a few years now I would say "a site with even less intelligent discourse than Slashdot" is actually evidence that MORE people are reading/responding.
Now, I agree the original statement here is probably a bit overboard and reactionary, but let us go ahead and examine the trends. Attempts to ban Gay marriage ("immoral behavior") *Check*, Ban gays from the military *check*, Ban porn from the internet *check*, Spy on citizens because they might be related to the boogey man *Check*, Toss citizens in secret prisons to 'interrogate' them without any real charges and identity screwups *Check*, Refusing to allow citizens to travel due to identity confusion on relations to the boogey man *Check again*.
No, we are not Iran, but we are running down that road at breakneck speeds. Both the right and the left have been doing bang up jobs of attempting to legislate morality at every turn and destroying our constitution when they see fit. Eminent domain, banning gay marriage, banning free speech (Free Speech Zones are an absolute admission of this one), controlling the press (FCC nipple fiasco anyone), warrantless searches (phone taps, email taps, and the TIPS program is dangerously close), giant government database to keep track of potential boogey men (TIA), no my friends, our constitution is all but dead. Oh, except for when people are called to testify like good ol Condy, whips out that constitution in a heartbeat and starts talking about how it would be constitutionally wrong if she testified. Bastards, hard to hide behind a shredded paper.
I'm sorry your right, everyone who has bought an XP computer in the last few years is going to rush out and buy another $500(cheapo) to $1500 (nice hardware) system to avoid the $250 windows double plus good upgrade and support tax. If you have ever had to talk to ANY of the major tech supports you will know how it works. The shit is scripted crap read by phone jockeys that barely speak english, not some real tech support. So when Mom n Pop call in and "Mike Abibidibib" says "It no work in the Windows XP, you must be upgrade to Windows Vista"...well thats the voice of truth to em, and its off to the store for a new purchase.
Wrong! The average use does care about stability, about not losing their turn paper, about their computer not running like poo because its filled with scumware, about not having passwords stole, bout not having their credit card numbers yanked. There are a great number of benefits that users DO care about that have nothing to do with the technologist end of things. The problem is MS markets the hell out of that with their super duper windows genuine advantage (see right there, where the turn some screwed up computer disabling mess into "advantage"). They convince users that they are super secure and each version is more better secure double plus good upgrade now for only $250!.
I bet some years ago you would have been in the camp that talked about how noone would ever have a need for a computer in their home. Wake up and smell the silicon, almost everyone has one or at least frequently uses one. I don't know much about (slashdot happy fun car analogy time!) cars but I sure as shit care if the car I am getting is going to blow up if rock hits the bumper, or if its wheels will fall off after the first 10,000 miles.
It is absolutely OK to use these words based on this crap. If they don't like it they will stop doing it. This "badge of pride" thing is bullshit. You want to find the most vocal and angry people about affirmative action? Well buddy, it ain't the white "nigger hating rednecks" that are the loudest. It is the successful black men and women who are the most outraged by it. People use these words with "intent" to cause pain because people react to it. If noone on the planet batted an eyelash at "faggot" or "nigger" inside of a few years noone would even remember the word. That simple, unless of coarse you happen to know every derogatory term for any minority group that has been used in the last 50 years, I would suggest you realize that when people quit getting offended by it, the people trying to offend quit using it.
As for your little emotional outburst at the end there, I would counter that you have not been murdered in cold blood so you have no room to talk. But wait, I'm irish, and we were discriminated against too! So I want my time to cry about it and get my handouts and sympathy. Welcome to reality, people hate people for all reasons. People get abused, beaten up, and murdered in cold blood for their haircuts and tennis shoes, so don't whine like being gay gives you an exclusive pass on that.
There are 3 sides here to this verbal nonsense. The abuser, the abused, and the people who just don't give a shit about the little melodramatic dance the abuser and abused do. I think anyone here that has been through high school can tell you that if you just ignore the jackasses they eventually will go find someone else who will react the way they want.
Funny that you would say the lottery you don't want to win. I have been saying that about this whole mess and most of its related insanity. The massive government spending on this "Fear the boogeyman" campaign and its associated lock downs is like trying to use the lottery as an investment strategy. People are more afraid of a terrorist attack then they are of dying in an alcohol related incident, yet in 2001 even using the higher figure body count for 9/11 you were still something like 5000% more likely to die in an alcohol related incident. They will imprison and interrogate people who they think were talking to someone who might be thinking about a terror attack (or frequently just grab the wrong guy because they had the same name, I mean they are all terrorists right?), shuttle them off to secret prisons and torture (err we mean interrogate) them, yet they can pull your ass over stinking of booze and the most that will happen is you lose your license for a while and spend the night in the drunk tank.
At that point it is highly dependent on how the technology works. If it really is just as simple as using man made circuits to replace biological circuits I doubt there is much room for that style of programming. However, knowing humanity, the technology will eventually be at that state, and I'm certain we will have a whole slew of problems of that nature. Luckily I imagine it will be terribly expensive technology and only the wealthy elite will be able to afford it. So again I doubt it will be that type of programming until it is widespread, but more of subtle political manipulations. That type of programming would be infinitely more valuable if it was used for subtle things and remained undetected. This paranoid fear of the boogeyman is killing me, yes its a real threat, but you are FAR more likely to be fucked by your own government than by some towel head with a bomb strapped to his chest.
Not that I disagree with the idea presented, but I suspect that you have already been programmed by the media to make the evil terrorist association. Fact of the matter is the US and Russia and I imagine China and quite possibly a few others have gone MUCH MUCH farther towards this end than any evil boogeyman terrorist organization. Look up some of the freak science shit the US and Russia were doing during the cold war. Makes strapping a bomb to your chest seem rather stone age.
That aside, I suspect it would be a terrible waste for any terrorist organization to even bother given that their prefered method of fighting frequently involves self detonation/destruction. (Slashdot Car Analogy Time!) Its like buying a Mercedes to go to the demolition derby, it just doesn't make sense.
Should be quartered and their parts left in the corners of the building as a reminder for everyone else who thinks they should do something like that. Unfortunately the "civilized" world doesn't like that much.
Personal mail IS just as much of a security risk as installing software. Let the users do non risky things, thats fine. But personal outside email is a huge damned risk, noone wants to believe it is, and I have actually bust people on this on networks that you can get sent to jail for screwing up. I'm not saying be draconian and horrible to users and not let them do anything, but personal mail is one of those things they had better not be doing. Its just too large of a vector for badness to come in. Do you control those mail servers? Are you able to scan the attachments? Are you able to disallow types of attachments? God forbid if you allow them to use outlook or some other such to access extermal mail, in that case you should be shot on sight. Webmail isn't quite as evil, but evil enough that it shouldn't be going on.
A good network manager's responsibility is not to the user. That's like saying an accountants responsibility is to the client when it isn't, the accountants responsibility is to the auditor. That is how you build trust, that is how you build stability, and that is how you build a reputation for being the best. Then the clients know you will keep them out of trouble by making sure there is no trouble, not by covering up some crap to try and hide it. A good network manager/security admin/whatever has a responsibility to the company, not the user. People say stupid shit like this, oooh poor users they are so downtrodden, but then are ready to execute people for losing thousands of social security numbers. Their security guy should have had much better policy, and enforced it much more clearly, and then generally the users go on their merry way without causing themselves or the company a world of hurt. Go try this attitude when you work on classified networks, or hospital networks, or any other network that has sensitive information and is subject to strict outside policy. I promise you don't want to be the guy in the crosshairs when something goes wrong on your watch.
Well allowing SSH out is kinda sketchy. I wouldn't allow SSH out except for specific approved machines/reasons. Primarily because you can tunnel all forms of nasty in and out of the network with it and nothing can peek in on the data to see what is going on.
VPN maybe if the host network is setup to allow it, but I think probably the best solution (in terms of reliability at least) is to get bluetooth in on the action. Get a cellphone, pay the extra $10/month or whatever it is for unlimited net usage, and hook up the laptop via bluetooth (beats the hell out of those cellular modem things that cost so damned much). Sadly my phone is too old, but my supervisor does that with his while traveling and he says it works great. Lets you dodge all of the security issues involved in trying to get a foreign laptop onto the network.
As far as you being the owner of the network and allowing guest access to others visiting I think the first thing to do would be to corral the visiting machines off in their own VLAN and have it be treated as an external network by all your stuff. Sure they may be able to use your pipe to the world (again, push em through your firewall/proxy), but at least your stuff will treat them like the potentially dirty foreigners they are:).
Because I assume you don't understand the problem. Reading webpages at work is generally safe to do providing you have a good proxy and filtering to weed out the darker corners. I frequently read the news and slashdot and other sites during downtime at work. I don't visit popup ridden exploit havens like myspace or do webmail allowing a whole vector of nastiness in and the good proxy filtering stops the others from doing the same. The first thing I do with keys to the kingdom is break them up so noone has all the keys to the kingdom because its poor security to have one guy that can do everything. I have no problem with people surfing the web or otherwise finding entertainment (local IPTV) and such to make the day go by. Games can even be ok in some circumstances so long as they are legit and aren't interfering with mission stuff. But people start putting cracked games on the network and you have to drop the hammer. Unless of coarse you can read ASM and prescreen every crack to make sure it doesn't do anything but allow illegal use of software, but then you have that pesky illegal use of software thing...so bzzt wrong. Users running email servers on the corporate network and allowing outbound 25 is beyond stupid and any "security" guy that would allow that should be fired along with the people doing it.
IT narrowmindedness? Sure, whatever, I am so sick of users justifying the most insane bullshit on the network and then crying about the IT department being enforcing such harsh restrictions. Go buy your own internet access and expose your home network to whatever you want, not mine. Then on top of this its the IT departments fault when the secretary has installed 18 random mouse cursors and other malware crap and her computer runs like shit. While doing contract work I almost watched a woman get fired on the spot for that crap because they kept having to call my company in and send me out to bill them for something like $70/hr to come and fix this womans PC. Finally the boss asked me what it was and I told him she has all this garbage installed and every time I remove it she puts it back on and then I have to come back out and fix it. So...she was costing her company hundreds of dollars in support because she just HAD to have the puppy theme for IE and all the puppy cursors.
Further, since I have frequently worked on secure networks, if I catch you doing something stupid you are likely to get reprimanded and depending on the level of stupid fired, if higher up the chain catches you, or something bad happens due to your nonsense...you are looking at fired or jail. So in fact when dealing with sensitive networks that is the method because it isn't fun and games, its business, and the corporate network doesn't exist for your amusement. There is plenty you can do to kill time with a solid network with good policy, that doesn't involve installing a bunch of BS, or allowing IM/Email/etc. Unless you haven't been watching the news, data exfiltration is a major issue, and most problems are inside jobs.
I seriously don't understand this IT narrowmindedness crap that keeps coming up. Users expect their IT department to protect them. They follow the logic of "if I can do it then I must be allowed to do it and it must be ok" A good IT department lays down solid policy and enforces it. Security is everyones business, but its the IT departments job. You can bet your ass the first time something goes wrong the IT department is going to be answering alot of questions about "why didn't you have something in place to prevent this".
Exposing your network to user stupidity has nothing to do with morale. People cry this morale bullshit when trying to justify poor policy or poor behavior when its just a failure to do their job or take security seriously. We have had IPTV on the network for ages, you can watch any number of TV channels fed through the network. Live TV, and not sucking down precious internet bandwidth. But people will still bitch and moan about wanting streaming media so they can watch whatever stupid clips they find on myspace that have driveby malware installs and other such exploits and then when a good admin blocks myspace people like you will cry about how aweful and draconian it is to protect your network from threats when the users want to expose millions of dollars of equipment to risk.
I invite you to go deal with a melissa "virus" type cleanup, not even really a virus, user must interact with it and it still spread like wildfire and caused millions in damages on just the few networks I supported at the time. (In fact almost watched a guy get fired on that one too for causing the loss of 2GB of marketing images). Even better, go deal with a real virus that can spread on its own because some dumb bastard clicked on cool_mp3.scr from his webmail that he shouldn't have been using. A real outbreak costs an insane amount to contain and most of the time it could have been prevented by good policy and enforcing that policy.
My responsibility is to the security of the network, not the whim of the user.
I seriously hope you are being sarcastic. If I ran across a firewall admin on any corporate network allowing outbound 25 from anything but the corporate email servers I would suggest canning their asses in a heartbeat. It is just stupid on so many levels. First of all checking personal email from work should be on the top 10 things of "you aren't allowed to use the corporate network for this", beyond that, outbound 25 has precious little to do with that anyways, unless they are running an email server on the corporate network in which case that should be #0 on the list since #1 assumes that your employees aren't stupid enough to use your corporate resources to run personal servers, either way a good firing would fix that in a hurry. Honestly, since most corporate networks these days are using exchange boxes, they shouldn't even really be allowing outbound 25 from ANYTHING on the internal network. A good admin will have a secured relay be it part of the firewall or a sun box or something other than allowing the win/exchange boxes from talking directly to the net.
You can argue morale issues until you are blue in the face, network security should trump that in 99% of those cases. The enterprise network exists for the sole benefit of the enterprise. Personal email, instant messages, myspace, what the hell ever, has a risk that FAR outweighs any potential benefit. If your employees can't leave their email/myspace/im friends for 8hrs a day you should probably find employees who can. There is plenty of websurfing around that doesn't involve grotesque breeches of security to keep people entertained while they are being productive. If the company is paying you so little that you can't afford your own internet access you should probably find a new job.
Hey, I'm as pissed off as the next guy about corporate ethics these days, but you are right on the damned money on this. Do you think anyone here on slashdot would give a rats ass if the story WAS about how McDonald's fired its highest paid employees?
Having come from a 'wonderful' day of shopping at CompUSA I just would like to quote a certain Simpson's character with "HA HA". Seriously I have NEVER been into a megachain computer store that didn't come with pushy and uninformed sales people. If they even had the slightest clue about what the hell they were selling they would probably have a better job elsewhere. I'm sorry but a trained monkey working for banana's can tell grandma that she needs the uber deluxe megafast hyperthreaded super flatscreen wireless whatnot to send email to her kids. In fact, any time I had to go into one of these pits as a kid to buy something (hey, megachains do tend to run really nice specials from time to time) I would make it a point to spend that extra time between sales pitch and the sales rep running off to grab paperwork to inform the customer of what was really going on and what they really needed. I can't go in there looking for a specific item without them trying to upsell me some bullshit, despite my insistance that item X is what I want because X, Y and Z don't freaking work, they do more than I need, or just cost too damned much, and frequently refusing to answer where the hell item X is without pressuring me into 20 questions about why I should buy something else.
The only part of the "American Dream" this even remotely relates do is that part that drives people to buy lottery tickets, or to refinance homes for.25% better rates, or any number of other moronic free lunch chasing behaviors that are largely related to piss poor math skills. The sad truth is that the American Dream has been replaced by a bunch of bastards that just want to be lazy and get handouts while spending themselves into stupid debts on credit. Do some freaking work and quit spending on credit and the economy will be in MUCH better shape. Easy credit has destroyed our market becuase people are willing to pay insane prices for bullshit because they just swipe some plastic and they get what they want.
Standing up to the DoJ in our current times of paranoia isn't exactly a hot idea either but it turned out well for them. And everyone is referencing their actions with the judge finally killing COPA so that is quite a bit of positive PR.
You seem to be under the confused idea that our congress critters actually do their job in a fashion that has ANYTHING at all to do with how they are supposed to be doing it. Now, I think your point is rock freaking solid if I believed for a second any one of our congress critters actually paid a bit of attention to that. The problem is, basically EVERY other action they have taken in the last decade or two have almost run completely counter to what the constitution says. Thankfully every so often we get folks in the judiciary branch with testicles large enough to start striking this crap down as unconstitutional.
I think your right in that it isn't some sinister desire to ignore human rights. (discounting the current executive branch). I think more than anything its "Whateva, I do what I want!" (again, unfortunately more prevalent than ever in our current executive branch). This stuff is actually the heart of the problem with the speed limit laws and drinking age laws among other things. The federal government can't force the states to uphold those laws, what they do is draim money out of that state in federal taxes and then refuse to give any of that money back unless they comply with the laws. So they always find their sheisty ways of doing that end run around the constitution anyways.
Not in America. Blind eye = surprise lawsuit potential. If they are ignoring you they can exert undue influence and it becomes a waiting game of WHEN they will file not if (when being when you quit playing ball with their back room demands). In our legal system it would allow them to set a precedent if they win.
Wow...so here we go yet again. Honorary degree's for people worthless in their field. Bill Gates is an excellent marketeer, monopolist, and theif. He is trash in IT. He makes the most innane "predictions" and MS products are constantly playing catchup in terms of innovation (well, maybe not catchup, so much as embrace, extend, extinguish).
Let us not forget...Bush got his from Yale. Ahh...Once again excellent business and legislative skills have earned him a pretty ticket. Well, if you count absolute contempt and disregard for the law. War, wiretaps, refusal to answer to any kind of subpoenas and the like. Ahh...
These colleges seem to be getting more and more worthless and just sucking in big name people to prop their notoriety up. Fact is people are getting excellent educations in the real world and non brand name colleges.
Not that I really disagree with much of any of what you said. I think the Hot Coffee nonsense is a tad different, because not only should it have not been on the disc in the first place, those asshats tried to blame it all on the eeeevil hackers putting it there. They knew full well what they were doing and should be slapped around. Now on the flip side Oblivion should never have been bothered with since their 'evil sex stuff' was entirely user created and was not actually put there the same way Hot Coffee was.
Beyond that, as much as I hate to say it, Strom was kinda right. Not sure where you live, but in the more populated areas this gangsta thug rap shit HAS done alot of damage. While the rock star debauchery can also be pointed at, it doesn't really involve the whole murder, take what you want,and other completely ignorant style nonsense that the rap/hip hop culture promotes. (There are some good rap/hip hop artists around that are terribly talented that are capable of complex rhymes using large words, but they don't generally get much promotion)
And they said video games would ruin us! I mean its not like a bunch of our generation sit around in dark rooms with flashing lights eating 'power pills' listening to techno music right?:) Let us not forget the mushrooms make you big, and the bad mushrooms can kill you! All in all its the parents responsibility to..well...be freaking parents. But the flip side to that coin is it would be terribly hard to properly raise a child if hardcore pornography was glorified in every style of media. (I still think its utterly moronic that we are so quick to fly off the handle about a nipple, or someone dropping the F-bomb, but gross ammounts of violence is completely ignored)
I would guess that it would be a pretty stupid reason to buy YouTube. I imagine the reasons for buying YouTube go far beyond just wanting to be a target for a lawsuit. However, it may have been seen as a bonus possible outcome. "If we buy this, someone might decide to go sue happy on us, and then we can likely crush that nonsense, make a big public showing of the ordeal, and secure our business that drove us to buy YouTube from future assault".
Nothing at all like the Marilyn Manson thing who so many people are convinced is the anti-christ. He has even admitted to doing these things for that very purpose and fan and foe alike refuse to believe it.
It has been my experience that the fires frequently come from IGNORING the network engineer and management "improving" the network anyways. I was working at a university that had a very large flat class B network. They used some bizarre system of manual DHCP to manage IPs. You logged into a mainframe, entered a bunch of info about the computer, took a serial numbered sticker, entered the sticker number, the mainframe gave you the IP, and then you configured the computer with that IP and put the serial numbered sticker on it. Now of coarse they had hundreds of printers, and printers tend to make alot of noise on a network. So someone up top read about this VLAN thing that would magically solve all their problems. Now, I had been suggesting subnetting to clean up the network and using DHCP to make it a little more sane but NOOOOOO they didn't wanna hear that, they wanted the magical VLAN solution. So not knowing much about it I got some whitepapers on VLANs and read...first thing I learned...you must subnet! So I showed them, they again didn't want to hear it. In the end I got to work through a 4 day weekend because they thought it would be a good idea to implement without a clue and they brought the ENTIRE university network to its knees.
Slashdot Mirror
I would say that is money well spent. After having been around the net for more than a few years now I would say "a site with even less intelligent discourse than Slashdot" is actually evidence that MORE people are reading/responding.
Now, I agree the original statement here is probably a bit overboard and reactionary, but let us go ahead and examine the trends. Attempts to ban Gay marriage ("immoral behavior") *Check*, Ban gays from the military *check*, Ban porn from the internet *check*, Spy on citizens because they might be related to the boogey man *Check*, Toss citizens in secret prisons to 'interrogate' them without any real charges and identity screwups *Check*, Refusing to allow citizens to travel due to identity confusion on relations to the boogey man *Check again*.
No, we are not Iran, but we are running down that road at breakneck speeds. Both the right and the left have been doing bang up jobs of attempting to legislate morality at every turn and destroying our constitution when they see fit. Eminent domain, banning gay marriage, banning free speech (Free Speech Zones are an absolute admission of this one), controlling the press (FCC nipple fiasco anyone), warrantless searches (phone taps, email taps, and the TIPS program is dangerously close), giant government database to keep track of potential boogey men (TIA), no my friends, our constitution is all but dead. Oh, except for when people are called to testify like good ol Condy, whips out that constitution in a heartbeat and starts talking about how it would be constitutionally wrong if she testified. Bastards, hard to hide behind a shredded paper.
I'm sorry your right, everyone who has bought an XP computer in the last few years is going to rush out and buy another $500(cheapo) to $1500 (nice hardware) system to avoid the $250 windows double plus good upgrade and support tax. If you have ever had to talk to ANY of the major tech supports you will know how it works. The shit is scripted crap read by phone jockeys that barely speak english, not some real tech support. So when Mom n Pop call in and "Mike Abibidibib" says "It no work in the Windows XP, you must be upgrade to Windows Vista"...well thats the voice of truth to em, and its off to the store for a new purchase.
Does the FSM count?
Wrong! The average use does care about stability, about not losing their turn paper, about their computer not running like poo because its filled with scumware, about not having passwords stole, bout not having their credit card numbers yanked. There are a great number of benefits that users DO care about that have nothing to do with the technologist end of things. The problem is MS markets the hell out of that with their super duper windows genuine advantage (see right there, where the turn some screwed up computer disabling mess into "advantage"). They convince users that they are super secure and each version is more better secure double plus good upgrade now for only $250!.
I bet some years ago you would have been in the camp that talked about how noone would ever have a need for a computer in their home. Wake up and smell the silicon, almost everyone has one or at least frequently uses one. I don't know much about (slashdot happy fun car analogy time!) cars but I sure as shit care if the car I am getting is going to blow up if rock hits the bumper, or if its wheels will fall off after the first 10,000 miles.
It is absolutely OK to use these words based on this crap. If they don't like it they will stop doing it. This "badge of pride" thing is bullshit. You want to find the most vocal and angry people about affirmative action? Well buddy, it ain't the white "nigger hating rednecks" that are the loudest. It is the successful black men and women who are the most outraged by it. People use these words with "intent" to cause pain because people react to it. If noone on the planet batted an eyelash at "faggot" or "nigger" inside of a few years noone would even remember the word. That simple, unless of coarse you happen to know every derogatory term for any minority group that has been used in the last 50 years, I would suggest you realize that when people quit getting offended by it, the people trying to offend quit using it.
As for your little emotional outburst at the end there, I would counter that you have not been murdered in cold blood so you have no room to talk. But wait, I'm irish, and we were discriminated against too! So I want my time to cry about it and get my handouts and sympathy. Welcome to reality, people hate people for all reasons. People get abused, beaten up, and murdered in cold blood for their haircuts and tennis shoes, so don't whine like being gay gives you an exclusive pass on that.
There are 3 sides here to this verbal nonsense. The abuser, the abused, and the people who just don't give a shit about the little melodramatic dance the abuser and abused do. I think anyone here that has been through high school can tell you that if you just ignore the jackasses they eventually will go find someone else who will react the way they want.
Funny that you would say the lottery you don't want to win. I have been saying that about this whole mess and most of its related insanity. The massive government spending on this "Fear the boogeyman" campaign and its associated lock downs is like trying to use the lottery as an investment strategy. People are more afraid of a terrorist attack then they are of dying in an alcohol related incident, yet in 2001 even using the higher figure body count for 9/11 you were still something like 5000% more likely to die in an alcohol related incident. They will imprison and interrogate people who they think were talking to someone who might be thinking about a terror attack (or frequently just grab the wrong guy because they had the same name, I mean they are all terrorists right?), shuttle them off to secret prisons and torture (err we mean interrogate) them, yet they can pull your ass over stinking of booze and the most that will happen is you lose your license for a while and spend the night in the drunk tank.
At that point it is highly dependent on how the technology works. If it really is just as simple as using man made circuits to replace biological circuits I doubt there is much room for that style of programming. However, knowing humanity, the technology will eventually be at that state, and I'm certain we will have a whole slew of problems of that nature. Luckily I imagine it will be terribly expensive technology and only the wealthy elite will be able to afford it. So again I doubt it will be that type of programming until it is widespread, but more of subtle political manipulations. That type of programming would be infinitely more valuable if it was used for subtle things and remained undetected. This paranoid fear of the boogeyman is killing me, yes its a real threat, but you are FAR more likely to be fucked by your own government than by some towel head with a bomb strapped to his chest.
Not that I disagree with the idea presented, but I suspect that you have already been programmed by the media to make the evil terrorist association. Fact of the matter is the US and Russia and I imagine China and quite possibly a few others have gone MUCH MUCH farther towards this end than any evil boogeyman terrorist organization. Look up some of the freak science shit the US and Russia were doing during the cold war. Makes strapping a bomb to your chest seem rather stone age.
That aside, I suspect it would be a terrible waste for any terrorist organization to even bother given that their prefered method of fighting frequently involves self detonation/destruction. (Slashdot Car Analogy Time!) Its like buying a Mercedes to go to the demolition derby, it just doesn't make sense.
Should be quartered and their parts left in the corners of the building as a reminder for everyone else who thinks they should do something like that. Unfortunately the "civilized" world doesn't like that much.
Personal mail IS just as much of a security risk as installing software. Let the users do non risky things, thats fine. But personal outside email is a huge damned risk, noone wants to believe it is, and I have actually bust people on this on networks that you can get sent to jail for screwing up. I'm not saying be draconian and horrible to users and not let them do anything, but personal mail is one of those things they had better not be doing. Its just too large of a vector for badness to come in. Do you control those mail servers? Are you able to scan the attachments? Are you able to disallow types of attachments? God forbid if you allow them to use outlook or some other such to access extermal mail, in that case you should be shot on sight. Webmail isn't quite as evil, but evil enough that it shouldn't be going on.
A good network manager's responsibility is not to the user. That's like saying an accountants responsibility is to the client when it isn't, the accountants responsibility is to the auditor. That is how you build trust, that is how you build stability, and that is how you build a reputation for being the best. Then the clients know you will keep them out of trouble by making sure there is no trouble, not by covering up some crap to try and hide it. A good network manager/security admin/whatever has a responsibility to the company, not the user. People say stupid shit like this, oooh poor users they are so downtrodden, but then are ready to execute people for losing thousands of social security numbers. Their security guy should have had much better policy, and enforced it much more clearly, and then generally the users go on their merry way without causing themselves or the company a world of hurt. Go try this attitude when you work on classified networks, or hospital networks, or any other network that has sensitive information and is subject to strict outside policy. I promise you don't want to be the guy in the crosshairs when something goes wrong on your watch.
Well allowing SSH out is kinda sketchy. I wouldn't allow SSH out except for specific approved machines/reasons. Primarily because you can tunnel all forms of nasty in and out of the network with it and nothing can peek in on the data to see what is going on.
:).
VPN maybe if the host network is setup to allow it, but I think probably the best solution (in terms of reliability at least) is to get bluetooth in on the action. Get a cellphone, pay the extra $10/month or whatever it is for unlimited net usage, and hook up the laptop via bluetooth (beats the hell out of those cellular modem things that cost so damned much). Sadly my phone is too old, but my supervisor does that with his while traveling and he says it works great. Lets you dodge all of the security issues involved in trying to get a foreign laptop onto the network.
As far as you being the owner of the network and allowing guest access to others visiting I think the first thing to do would be to corral the visiting machines off in their own VLAN and have it be treated as an external network by all your stuff. Sure they may be able to use your pipe to the world (again, push em through your firewall/proxy), but at least your stuff will treat them like the potentially dirty foreigners they are
Because I assume you don't understand the problem. Reading webpages at work is generally safe to do providing you have a good proxy and filtering to weed out the darker corners. I frequently read the news and slashdot and other sites during downtime at work. I don't visit popup ridden exploit havens like myspace or do webmail allowing a whole vector of nastiness in and the good proxy filtering stops the others from doing the same. The first thing I do with keys to the kingdom is break them up so noone has all the keys to the kingdom because its poor security to have one guy that can do everything. I have no problem with people surfing the web or otherwise finding entertainment (local IPTV) and such to make the day go by. Games can even be ok in some circumstances so long as they are legit and aren't interfering with mission stuff. But people start putting cracked games on the network and you have to drop the hammer. Unless of coarse you can read ASM and prescreen every crack to make sure it doesn't do anything but allow illegal use of software, but then you have that pesky illegal use of software thing...so bzzt wrong. Users running email servers on the corporate network and allowing outbound 25 is beyond stupid and any "security" guy that would allow that should be fired along with the people doing it.
:)
Oh and yes, I am posting from home
IT narrowmindedness? Sure, whatever, I am so sick of users justifying the most insane bullshit on the network and then crying about the IT department being enforcing such harsh restrictions. Go buy your own internet access and expose your home network to whatever you want, not mine. Then on top of this its the IT departments fault when the secretary has installed 18 random mouse cursors and other malware crap and her computer runs like shit. While doing contract work I almost watched a woman get fired on the spot for that crap because they kept having to call my company in and send me out to bill them for something like $70/hr to come and fix this womans PC. Finally the boss asked me what it was and I told him she has all this garbage installed and every time I remove it she puts it back on and then I have to come back out and fix it. So...she was costing her company hundreds of dollars in support because she just HAD to have the puppy theme for IE and all the puppy cursors.
Further, since I have frequently worked on secure networks, if I catch you doing something stupid you are likely to get reprimanded and depending on the level of stupid fired, if higher up the chain catches you, or something bad happens due to your nonsense...you are looking at fired or jail. So in fact when dealing with sensitive networks that is the method because it isn't fun and games, its business, and the corporate network doesn't exist for your amusement. There is plenty you can do to kill time with a solid network with good policy, that doesn't involve installing a bunch of BS, or allowing IM/Email/etc. Unless you haven't been watching the news, data exfiltration is a major issue, and most problems are inside jobs.
I seriously don't understand this IT narrowmindedness crap that keeps coming up. Users expect their IT department to protect them. They follow the logic of "if I can do it then I must be allowed to do it and it must be ok" A good IT department lays down solid policy and enforces it. Security is everyones business, but its the IT departments job. You can bet your ass the first time something goes wrong the IT department is going to be answering alot of questions about "why didn't you have something in place to prevent this".
Exposing your network to user stupidity has nothing to do with morale. People cry this morale bullshit when trying to justify poor policy or poor behavior when its just a failure to do their job or take security seriously. We have had IPTV on the network for ages, you can watch any number of TV channels fed through the network. Live TV, and not sucking down precious internet bandwidth. But people will still bitch and moan about wanting streaming media so they can watch whatever stupid clips they find on myspace that have driveby malware installs and other such exploits and then when a good admin blocks myspace people like you will cry about how aweful and draconian it is to protect your network from threats when the users want to expose millions of dollars of equipment to risk.
I invite you to go deal with a melissa "virus" type cleanup, not even really a virus, user must interact with it and it still spread like wildfire and caused millions in damages on just the few networks I supported at the time. (In fact almost watched a guy get fired on that one too for causing the loss of 2GB of marketing images). Even better, go deal with a real virus that can spread on its own because some dumb bastard clicked on cool_mp3.scr from his webmail that he shouldn't have been using. A real outbreak costs an insane amount to contain and most of the time it could have been prevented by good policy and enforcing that policy.
My responsibility is to the security of the network, not the whim of the user.
I seriously hope you are being sarcastic. If I ran across a firewall admin on any corporate network allowing outbound 25 from anything but the corporate email servers I would suggest canning their asses in a heartbeat. It is just stupid on so many levels. First of all checking personal email from work should be on the top 10 things of "you aren't allowed to use the corporate network for this", beyond that, outbound 25 has precious little to do with that anyways, unless they are running an email server on the corporate network in which case that should be #0 on the list since #1 assumes that your employees aren't stupid enough to use your corporate resources to run personal servers, either way a good firing would fix that in a hurry. Honestly, since most corporate networks these days are using exchange boxes, they shouldn't even really be allowing outbound 25 from ANYTHING on the internal network. A good admin will have a secured relay be it part of the firewall or a sun box or something other than allowing the win/exchange boxes from talking directly to the net.
You can argue morale issues until you are blue in the face, network security should trump that in 99% of those cases. The enterprise network exists for the sole benefit of the enterprise. Personal email, instant messages, myspace, what the hell ever, has a risk that FAR outweighs any potential benefit. If your employees can't leave their email/myspace/im friends for 8hrs a day you should probably find employees who can. There is plenty of websurfing around that doesn't involve grotesque breeches of security to keep people entertained while they are being productive. If the company is paying you so little that you can't afford your own internet access you should probably find a new job.
Hey, I'm as pissed off as the next guy about corporate ethics these days, but you are right on the damned money on this. Do you think anyone here on slashdot would give a rats ass if the story WAS about how McDonald's fired its highest paid employees?
.25% better rates, or any number of other moronic free lunch chasing behaviors that are largely related to piss poor math skills. The sad truth is that the American Dream has been replaced by a bunch of bastards that just want to be lazy and get handouts while spending themselves into stupid debts on credit. Do some freaking work and quit spending on credit and the economy will be in MUCH better shape. Easy credit has destroyed our market becuase people are willing to pay insane prices for bullshit because they just swipe some plastic and they get what they want.
Having come from a 'wonderful' day of shopping at CompUSA I just would like to quote a certain Simpson's character with "HA HA". Seriously I have NEVER been into a megachain computer store that didn't come with pushy and uninformed sales people. If they even had the slightest clue about what the hell they were selling they would probably have a better job elsewhere. I'm sorry but a trained monkey working for banana's can tell grandma that she needs the uber deluxe megafast hyperthreaded super flatscreen wireless whatnot to send email to her kids. In fact, any time I had to go into one of these pits as a kid to buy something (hey, megachains do tend to run really nice specials from time to time) I would make it a point to spend that extra time between sales pitch and the sales rep running off to grab paperwork to inform the customer of what was really going on and what they really needed. I can't go in there looking for a specific item without them trying to upsell me some bullshit, despite my insistance that item X is what I want because X, Y and Z don't freaking work, they do more than I need, or just cost too damned much, and frequently refusing to answer where the hell item X is without pressuring me into 20 questions about why I should buy something else.
The only part of the "American Dream" this even remotely relates do is that part that drives people to buy lottery tickets, or to refinance homes for
Never said it was a good plan. :)
Standing up to the DoJ in our current times of paranoia isn't exactly a hot idea either but it turned out well for them. And everyone is referencing their actions with the judge finally killing COPA so that is quite a bit of positive PR.
You seem to be under the confused idea that our congress critters actually do their job in a fashion that has ANYTHING at all to do with how they are supposed to be doing it. Now, I think your point is rock freaking solid if I believed for a second any one of our congress critters actually paid a bit of attention to that. The problem is, basically EVERY other action they have taken in the last decade or two have almost run completely counter to what the constitution says. Thankfully every so often we get folks in the judiciary branch with testicles large enough to start striking this crap down as unconstitutional.
I think your right in that it isn't some sinister desire to ignore human rights. (discounting the current executive branch). I think more than anything its "Whateva, I do what I want!" (again, unfortunately more prevalent than ever in our current executive branch). This stuff is actually the heart of the problem with the speed limit laws and drinking age laws among other things. The federal government can't force the states to uphold those laws, what they do is draim money out of that state in federal taxes and then refuse to give any of that money back unless they comply with the laws. So they always find their sheisty ways of doing that end run around the constitution anyways.
Unzip
Not in America. Blind eye = surprise lawsuit potential. If they are ignoring you they can exert undue influence and it becomes a waiting game of WHEN they will file not if (when being when you quit playing ball with their back room demands). In our legal system it would allow them to set a precedent if they win.
Wow...so here we go yet again. Honorary degree's for people worthless in their field. Bill Gates is an excellent marketeer, monopolist, and theif. He is trash in IT. He makes the most innane "predictions" and MS products are constantly playing catchup in terms of innovation (well, maybe not catchup, so much as embrace, extend, extinguish).
Let us not forget...Bush got his from Yale. Ahh...Once again excellent business and legislative skills have earned him a pretty ticket. Well, if you count absolute contempt and disregard for the law. War, wiretaps, refusal to answer to any kind of subpoenas and the like. Ahh...
These colleges seem to be getting more and more worthless and just sucking in big name people to prop their notoriety up. Fact is people are getting excellent educations in the real world and non brand name colleges.
Not that I really disagree with much of any of what you said. I think the Hot Coffee nonsense is a tad different, because not only should it have not been on the disc in the first place, those asshats tried to blame it all on the eeeevil hackers putting it there. They knew full well what they were doing and should be slapped around. Now on the flip side Oblivion should never have been bothered with since their 'evil sex stuff' was entirely user created and was not actually put there the same way Hot Coffee was.
:) Let us not forget the mushrooms make you big, and the bad mushrooms can kill you! All in all its the parents responsibility to..well...be freaking parents. But the flip side to that coin is it would be terribly hard to properly raise a child if hardcore pornography was glorified in every style of media. (I still think its utterly moronic that we are so quick to fly off the handle about a nipple, or someone dropping the F-bomb, but gross ammounts of violence is completely ignored)
Beyond that, as much as I hate to say it, Strom was kinda right. Not sure where you live, but in the more populated areas this gangsta thug rap shit HAS done alot of damage. While the rock star debauchery can also be pointed at, it doesn't really involve the whole murder, take what you want,and other completely ignorant style nonsense that the rap/hip hop culture promotes. (There are some good rap/hip hop artists around that are terribly talented that are capable of complex rhymes using large words, but they don't generally get much promotion)
And they said video games would ruin us! I mean its not like a bunch of our generation sit around in dark rooms with flashing lights eating 'power pills' listening to techno music right?
I would guess that it would be a pretty stupid reason to buy YouTube. I imagine the reasons for buying YouTube go far beyond just wanting to be a target for a lawsuit. However, it may have been seen as a bonus possible outcome. "If we buy this, someone might decide to go sue happy on us, and then we can likely crush that nonsense, make a big public showing of the ordeal, and secure our business that drove us to buy YouTube from future assault".
Nothing at all like the Marilyn Manson thing who so many people are convinced is the anti-christ. He has even admitted to doing these things for that very purpose and fan and foe alike refuse to believe it.
It has been my experience that the fires frequently come from IGNORING the network engineer and management "improving" the network anyways. I was working at a university that had a very large flat class B network. They used some bizarre system of manual DHCP to manage IPs. You logged into a mainframe, entered a bunch of info about the computer, took a serial numbered sticker, entered the sticker number, the mainframe gave you the IP, and then you configured the computer with that IP and put the serial numbered sticker on it. Now of coarse they had hundreds of printers, and printers tend to make alot of noise on a network. So someone up top read about this VLAN thing that would magically solve all their problems. Now, I had been suggesting subnetting to clean up the network and using DHCP to make it a little more sane but NOOOOOO they didn't wanna hear that, they wanted the magical VLAN solution. So not knowing much about it I got some whitepapers on VLANs and read...first thing I learned...you must subnet! So I showed them, they again didn't want to hear it. In the end I got to work through a 4 day weekend because they thought it would be a good idea to implement without a clue and they brought the ENTIRE university network to its knees.