No, it's just that i've given up on trying to solve issues that are utterly impossible to figure out, because you're basically just guessing what the issue could be, based on your experience.
In my job, i've learned that this does not pay - fixing an out-of-warranty machine for 185 CHF per hour is _not_ something a customer will pay for - replacing the machine is cheaper and gets you a new one with 3 years of warranty.
Of course there are still friends and family, but i've stopped building machines for them from parts since i've got out of my apprenticeship. They'll expect instant and free support for every issue they have, so my recommendation is usually to get a machine from a local shop where they can annoy someone else.
The same goes for many software issues - sure, if i have a strange issue on one of my machines, i'll usually spend a few hours on trying to resolve, just to satisfy my curiosity. The same also goes for servers at work.
But if i have a non-reproducible problem on a client machine, replacing it with a swap machine and a fresh OS image immediately fixes the users issue and costs less money.
Add to that that a lot of hardware has been replaced by laptops, where you can do very little in case of issues, since replacement parts are fuck expensive and maintenance manuals sometimes hard to come by, depending on the manufacturer.
Also, most of the client machines at work consist of very few components, and fixing out of warranty machines makes little sense - a new ThinkCentre M58 costs around 1000$ - getting a replacement mainboard for an old A51 or such costs around 200$, plus labour, and if you're unlucky the problem wasn't the board but the psu, cpu or memory, and you'll need to order more parts and invest more work.
But hey, maybe i'm just to negative about this. Maybe you can enlighten me how you can sort out these issues.
I just hope at some point people will decide that ECC should be mandatory for everything.
GPUs like ATIs HD5800 series already employ memory with ECC.
2GB sticks are now the norm, systems with 4GB or 6GB of RAM pretty standard. So ECC would make a lot of sense. But we still don't see it anywhere, even though by now all modern hardware is capable of it (though Intel disables it on the consumer badged versions).
So they won't get a replacement machine, but it's the same thing. Call up the manufacturer, have him replace everything, and then restore from their last stable backup.
Repairing hardware makes no sense anymore. Just swap in a new machine from the pool, so the user will be happy again, call the manufacturer to send someone onsite to replace the system board, redeploy the image, and put the machine back into the pool.
At home, i usually replace the machine before it has a chance to get old and flaky.
I'm sorry, educating 9-5ers is impossible. They're just there for the money and don't give a shit how much work they cause others that take their job seriously.
For those who still haven't understood an important distinction about pirates, i'll explain it again.
There are, let's call them, enthusiasts. Basically, people that enjoy working with their computer for some reason or the other. Some of these pirate software, in order to get the latest and greatest and spend more money on new hardware or something. These guys can easily circumvent WGA or the Vista/7 activation using a BIOS-Emulator or a modified BIOS. From time to time, these patches need to be renewed, so it can be a hassle, but it can work reasonably well. These guys are able to install MSE, and they're not those targeted by these Microsoft decisions.
And there are the real criminals - people that sell Windows PCs without licenses. Which, in my opinion, is much worse then the above. Some customers may be aware of the shady business they're getting into, but not all of them. And that's where WGA is targeting - to ensure that these people learn that they were victims of a crime.
They can use the TPM to prevent booting a non-sanctioned OS. They can use Windows AppLocker and Permissions from running non-sanctioned Apps and running all sanctioned apps without admin privileges.
So what you'll need is a local privilege escalation attack to gain admin privileges on Windows 7, and then start hacking the hardware from there. Not impossible, but a lot of work for a 400$ piece of shit.
With Bitlocker in TPM mode (which these machines might have - the normal ones sure don't), they'll have to wipe the OS first. And then they won't be able to use in on the school networks and have lost all programs - and will get their machine confiscated at the next lesson.
Yes, but it's easily possible to completely remove admin privileges form users, even if they have full control over the hardware.
For example, if you have a TPM and use Bitlocker, you'll have to wait for the next Windows privilege escelation flaw in order to gain admin privileges, which isn't as trivial as booting ntpasswd and creating a new local admin account.
(Also, there are attacks against Bitlocker in TPM-only mode which include reading the RAM of the machine - they're even more difficult to do, and wouldn't be something a 12 year old could pull of)
But as someone higher up said - putting the "unhackable" adjective on this seems like a typical marketing/manager decision - while it is possible to get such a system up to a very rational level of security, where most of the kids using the machines won't be able to run any third party software on it, it's impossible to avoid that it will be possible to gain administrative privileges on one of these machines - sooner or later.
Slashdot Mirror
It gets recycled by SWICO http://www.swicorecycling.ch/.
The cost for that is included into the price of buying a new device.
Ah well, unfortunately i'm not old money and can't afford a year without a job.
No, it's just that i've given up on trying to solve issues that are utterly impossible to figure out, because you're basically just guessing what the issue could be, based on your experience.
In my job, i've learned that this does not pay - fixing an out-of-warranty machine for 185 CHF per hour is _not_ something a customer will pay for - replacing the machine is cheaper and gets you a new one with 3 years of warranty.
Of course there are still friends and family, but i've stopped building machines for them from parts since i've got out of my apprenticeship. They'll expect instant and free support for every issue they have, so my recommendation is usually to get a machine from a local shop where they can annoy someone else.
The same goes for many software issues - sure, if i have a strange issue on one of my machines, i'll usually spend a few hours on trying to resolve, just to satisfy my curiosity. The same also goes for servers at work.
But if i have a non-reproducible problem on a client machine, replacing it with a swap machine and a fresh OS image immediately fixes the users issue and costs less money.
Add to that that a lot of hardware has been replaced by laptops, where you can do very little in case of issues, since replacement parts are fuck expensive and maintenance manuals sometimes hard to come by, depending on the manufacturer.
Also, most of the client machines at work consist of very few components, and fixing out of warranty machines makes little sense - a new ThinkCentre M58 costs around 1000$ - getting a replacement mainboard for an old A51 or such costs around 200$, plus labour, and if you're unlucky the problem wasn't the board but the psu, cpu or memory, and you'll need to order more parts and invest more work.
But hey, maybe i'm just to negative about this. Maybe you can enlighten me how you can sort out these issues.
I just hope at some point people will decide that ECC should be mandatory for everything.
GPUs like ATIs HD5800 series already employ memory with ECC.
2GB sticks are now the norm, systems with 4GB or 6GB of RAM pretty standard. So ECC would make a lot of sense. But we still don't see it anywhere, even though by now all modern hardware is capable of it (though Intel disables it on the consumer badged versions).
So they won't get a replacement machine, but it's the same thing. Call up the manufacturer, have him replace everything, and then restore from their last stable backup.
Furmark http://www.ozone3d.net/benchmarks/fur/
Is better suited for stressing your GPU, it's also free.
That's not an Online UPS, so it won't protect against all grid issues. And Online UPS are expensive and noisy.
For stability tests, i prefer IntelBurnTest over Prime95. Basically it just automates running LinPack.
Will test memory as well, and has a 64bit version available.
http://downloads.guru3d.com/IntelBurnTest-v2.3-download-2047.html
Repairing hardware makes no sense anymore. Just swap in a new machine from the pool, so the user will be happy again, call the manufacturer to send someone onsite to replace the system board, redeploy the image, and put the machine back into the pool.
At home, i usually replace the machine before it has a chance to get old and flaky.
XP Media Center more or less replaced XP Home at some point, because as far as i know, they cost the same, but Media Center has more functionality
Is that a good or a bad review?
My 10 year old HP LaserJet 4m works perfectly on Windows 7 x64, thank you.
AppLocker fixes this in properly managed environments.
But there is no way, for any OS, to fix "user willingly downloads malware and runs it".
I'm sorry, educating 9-5ers is impossible. They're just there for the money and don't give a shit how much work they cause others that take their job seriously.
I'm currently in the process of migrating from VSE 8.7 to Forefront Client Protection, the for-pay version of MSE.
VSE is quite bad, since they want to upsell you to their Total Protection garbage.
MSE uses the same scanning engine as Forefront Client Security v2 will be using.
As such, it's a very good product without all the bullshit consumer version of Symantec or McAfee AV bring.
For those who still haven't understood an important distinction about pirates, i'll explain it again.
There are, let's call them, enthusiasts. Basically, people that enjoy working with their computer for some reason or the other. Some of these pirate software, in order to get the latest and greatest and spend more money on new hardware or something. These guys can easily circumvent WGA or the Vista/7 activation using a BIOS-Emulator or a modified BIOS. From time to time, these patches need to be renewed, so it can be a hassle, but it can work reasonably well. These guys are able to install MSE, and they're not those targeted by these Microsoft decisions.
And there are the real criminals - people that sell Windows PCs without licenses. Which, in my opinion, is much worse then the above. Some customers may be aware of the shady business they're getting into, but not all of them. And that's where WGA is targeting - to ensure that these people learn that they were victims of a crime.
The same applies to good janitors and good construction workers.
Most IT work is like a janitor (Sysadmin) or a construction worker (programmer).
My Atom 330 / ION setup runs Windows 7 fast & gracefully.
Bitlocker will prevent the easy "just modify the hard drive", and the TPM will prevent "just swap out the hard drive".
They can use the TPM to prevent booting a non-sanctioned OS.
They can use Windows AppLocker and Permissions from running non-sanctioned Apps and running all sanctioned apps without admin privileges.
So what you'll need is a local privilege escalation attack to gain admin privileges on Windows 7, and then start hacking the hardware from there.
Not impossible, but a lot of work for a 400$ piece of shit.
Which the TPM then can reject...
I mean, they're purchasing netbooks and running Linux on them instead of the lighter weight FreeDOS?
Perhaps they value functionality and being current instead of using an old OS?
With Bitlocker in TPM mode (which these machines might have - the normal ones sure don't), they'll have to wipe the OS first. And then they won't be able to use in on the school networks and have lost all programs - and will get their machine confiscated at the next lesson.
Yes, but it's easily possible to completely remove admin privileges form users, even if they have full control over the hardware.
For example, if you have a TPM and use Bitlocker, you'll have to wait for the next Windows privilege escelation flaw in order to gain admin privileges, which isn't as trivial as booting ntpasswd and creating a new local admin account.
(Also, there are attacks against Bitlocker in TPM-only mode which include reading the RAM of the machine - they're even more difficult to do, and wouldn't be something a 12 year old could pull of)
But as someone higher up said - putting the "unhackable" adjective on this seems like a typical marketing/manager decision - while it is possible to get such a system up to a very rational level of security, where most of the kids using the machines won't be able to run any third party software on it, it's impossible to avoid that it will be possible to gain administrative privileges on one of these machines - sooner or later.