" Actually, for RAID 5 you'd need a minimum of 3 drives."
Yes. And for RAID 1 (mirroring) you only need two, which I believe is what the person meant when suggesting "a decent motherboard will come with a RAID IDE controller, so you could easily just grab a pair of 250 WD caviars"
It's the nature of customer service to be asked to provide infinite knowledge and support with little or know reliable input from the customer. And its the nature of the customer to always want more and never feel completely satisfied. End users will never have a good technical understanding of the problems they encounter nor will they know how to communicate that as more than their frustration.
Take auto repair centers. Cars have been around for over a century now, and yet the average schmoe who brings a car in with a problem usually describes it as "there's this noise" or "its just runs funny". And even the most competent mechanics have to put up with the "end user" who feels cheated simply because he/she doesn't have a clue what the mechanic actually did.
The technology may change, but the nature of the people using it and needing support never will.
The best support techs I know are those that have good listening and analytical skills. "People skills". Not necessarily the most knowledgeable people, but the ones that can listen to the end user, break the problem down into concrete areas, and if unable to fix it can at least escalate and communicate the problem properly to those who can.
The comment previously about the Bicycle Repairman skit on Monty Python made a good point.
As there is no way to construe any of what they did as appropriate.
BUT . . . felony? c'mon. Even _IF_ they had "hacked" (and I use that lightly here since it sounds like they simply elevated local privileges and did nothing to the network, servers, or corporate data) a suspension, detention, etc would more than suffice.
This is at best an issue between the school and the children's parents. The police don't need to be involved.
For many managers and higher-ups, a resume that shows knowledge of only one platform tends to make people think a candidate lacks iniative. With the exposure available for different platforms, basic systems administration is a commodity skillset these days.
The fact is, unless you've lived under a rock, you've at least _USED_ Windows. And if you're a competent Windows administrator, you've at least _TINKERED_ with Linux or Mac OS. Put that on your resume, not as your focal point, but at least mention it.
Do you need to be equally competent at optimizing Windows as you are at recompiling and tweaking Solaris drivers? Doubtful. But if you're presented with a Windows server that feeds data to or receives data from your Unix environment, you should at least know how to troubleshoot ODBC, network settings, account information, etc. At the very least you should be able to grill the Windows admin that's helping you with knowledgeable and competent questions.
Considering the vast differences in each platforms application suites and management tools (.NET, PHP, Java, IIS, Apache, MS SQL, Oracle, blah blah) no one can expect a jack-of-all-trades in that area. But for basic OS administration, if you don't have some cross-skilling going on, be assured there's someone else out there that does.
And like any smart business person, upon seeing that ad revenue from traditional means is not working, new means should be explored.
aka Google's AdSense.
Or, yes, charge for subscriptions. some sites already do a hybrid of ad-laden content-light versions and ad-free, in-depth subscription versions (salon.com).
funny, doubleclick.net was the first site added to my AdBlock filter, and was an entry in my local HOSTS file for years before that.
I don't have a problem with online ads in general. its the ones that dance over the page (or otherwise obscure the content), redirect, resize, rely on large flash or java apps, or try and download code to my machine that prompted me to block.
a simple banner or inline image is fine and doesn't prompt me to block.
Advertisers should realize a lot of what they're complaining about is in response to their own activities to be more intrusive and obnoxious.
Anyone who assumes otherwise is a fool. Even at a small shop we monitored email for keywords and logged all AIM and Yahoo IM traffic leaving the network. This annoyed a lot of people, but those were mostly people who used their work-issued laptop as their only computer (for home and work) which is foolish to do anyhow (if you were to be fired or to quit, do you really want the company to have a laptop full of your browsing history and personal documents?)
Privacy concern, yea, but it IS the corporate's network and their computer.
Of course, I regularly PGP encrypt personal emails and tunnel all web/im traffic over an SSH tunnel to a proxy at my home so I suppose it's a little hypocritical to say I don't care;-)
I guess my point is, I would never keep personal information on a work machine, and I see anyone who does as doing an inherently foolish thing.
Given the amount of high quality open-source emulation programs, these homebrew apps have a great head start. No, I'm not knocking the talent of the authors, I'm merely pointing out this is a benefit of having code open-sourced. Even if one doesn't take that code as a basis for their project, they have a great guide to use for reference/study.
Assuming network access requires agreement to a TOS, lobby to make virus protection a requirement of the TOS.
I'd also recommend lobbying to have the organization purchase a site license for a popular AV product.
Any violations should be treated with a port being downed. When the person complains, hand them the CD (or install it for them, or hand them a CD-based scanner that you burn with the latest definitions and performs a full scan as an "autorun.inf" activation). Up their port after they sign a form attesting that they have taken steps to alleviate the problem.
If they're still infected when you turn up the port, down it again.
Sometimes the solution is a policy one and not a technical one.
I've about 15G of emails now dating back to the early 90s, all stored in a locally-installed Cyrus IMAP server (maildir format, technically). Never used AOL's mail or free webmails so that was never a concern of mine.
For you or I, no it's not so hard. But walk around any user area for a company with more than one or two passwords for systems. You will see a high proportion of people with stickies or such with passwords scrawled on them, or you'll find people using the same password for each system, or combinations of easily-guessable items such as birthdays.
At my last company, our CEO used his son's name as his password. Each time he had to change it he'd just increment a number at the end. And when we made the requirements for passwords more stringent, he had himself exempted because it was "too much".
Sure, stealing a wallet may temporarily give someone access to a smart-card account (until that card is deactivated and thats assuming there's no secondary authentication like a password or RSA-ID number), but its much more secure to require a physical device for authentication than to rely on "bob/bob1" as the only thing between a miscreant and your sensitive corporate data.
Not sure what you're talking about exactly, but Mac OS X, Windows 2000, and Windows XP can be set up to forgo "normal" login by instead inserting a smart card into a reader. The card is tied to a user ID, and its presence is (or can be depending on configuration) used in lieu of a password.
I know this because we set up one of our offices this way. In fact, if the card is removed from the reader, the workstation automatically locks. No passwords for the users to remember, no chance of passwords on stickies, no one complaining every 30 days that they can't remember what they just changed their password to, and no chance of a username/password being taken by someone else and used to log in.
Single logons is actually more secure, simply because of people's laziness. If a person has to log into each system with a different ID/PASS, invariably when you walk by their desk you'll see Post-IT notes with all their IDs and passwords on it.
I still see that, even under single sign-on, but far less.
The real answer is to get rid of passwords all together. tie all the systems into a single authentication service based around either biometrics or smart cards. You're just trying to verify the person's identity anyway, not testing their memory skills.
Placing a computer in your child's room is not a mistake. Giving unfettered access to the internet to young children is. A child of four-to-twelve I think should have restricted access to the internet, with it starting out by allowing access to only certain approved sites (a four-year would be thrilled surfing Barney's website, and doesn't need access to much else). A twelve-year old should have access to a lot more (news sites, etc).
But by the time a person reaches their adolescent years, you should start relaxing the harness quite a bit.
Restricting a person from surfing does nothing but make them surf more secretively or from other locations (friends' houses). And, adolescents need their feeling of privacy. I'm not saying free roam of porn sites, but the quick closing of a window can be as innocent as trying to keep you from reading an IM to a friend about how unfair you are;-)
There are technical things you can do if you're truly suspicious of your child. Things like having a firewall that can log URLs and do "content filtering". Sonicwall Firewall Appliances (www.sonicwall.com) can do this and can email you a logfile of all URLs surfed to. You can restrict "adult" sites, which will probably block a lot of legitamate sites as well, but is probably a lot more preferrable to your child than the feeling of you over their shoulder all the time.
In the end tho, it does come down to trust. When a person has reached 15, they have independent thought and desires that you may not agree with. While I agree it's your job to keep them safe and to try to steer them on a path you want, you do have to be willing to loosen the reigns and take a step back. A 15 year old surfing porn is natural. If it wasn't a dirty website it'd be a Playboy under the mattress or a movie stashed somewhere else.
Just keep an eye on things, but try not to be overbearing about it.
wants something for nothing and not concerned with legality.
only partially kidding. this is the same type of attitude taken when people discuss mp3's and artists' rights over their content.
the simple fact is you can never be completely indepentant. even if you get your own t1/t3/etc you're still receiving that connection from a provider who is, in the US and a lot of other countries, bound by certain laws and must comply with court orders.
and if you're hosting with someone, don't you think they deserve to charge you for your utilization of their pipe? or should an ISP go bankrupt to support your mp3/warez site?
I set up junkbuster on a linux box that my home and work PC proxy through. Rarely do I see an ad anymore (Even on slashdot) and when I do, I just add a filter for it to the blockfile.
Besides, Salon is too biased anyway. They take any oportunity to slam Clinton or endorse someone else. Actually, that's typical american journalism isn't it.
At the end of the article is the line "Having somebody who can screw around with my operating system would make me very, very nervous,"
Uhm, 95% of the engineering staff at my company could write you a shitload of DLL's, "screwing around" with the OS. We have a contract to get a lot of the Windows source code. In essense, we could just as effectively "screw around" with Windows . . . that arguement is another example of someone without a clue making a judgement on technical aspects. He should, instead, take his IT department's advice instead of decreeing somehting, that is why IT exists.
Come on, now. What's Microsoft going to do, let them? They may not have a legal foot to stand on in shutting th eproject down, but all MS has to do is change their API's and not tell anyone. I garantee the next version of Office after OW is release will say, "Microsoft Office requires Microsoft Windows to run . .." just as Win31 did during the DOS wars.
While I am against censorship, if I am responsible for running a network with limited resources I think it's perfectly appropriate to block applications and content that degrade performance. If I'm a company or university or whatever paying for this network so that it can provide access for certain purposes, such as access to corporate applications and files, then any threat to that functionality needs to be dealt with. Simply saying "I want my MP3" is not good enough reason to oppose bandwith management. I don't think these devices should be implemented at an ISP level, though, as that would be like the phone company blocking all personal calls, but within a corporate or university network it's perfectly appropriate. The network is in place for the company, not the schlepp in the cube sucking down porn and music.
Slashdot Mirror
" Actually, for RAID 5 you'd need a minimum of 3 drives."
Yes. And for RAID 1 (mirroring) you only need two, which I believe is what the person meant when suggesting "a decent motherboard will come with a RAID IDE controller, so you could easily just grab a pair of 250 WD caviars"
It's the nature of customer service to be asked to provide infinite knowledge and support with little or know reliable input from the customer. And its the nature of the customer to always want more and never feel completely satisfied. End users will never have a good technical understanding of the problems they encounter nor will they know how to communicate that as more than their frustration.
Take auto repair centers. Cars have been around for over a century now, and yet the average schmoe who brings a car in with a problem usually describes it as "there's this noise" or "its just runs funny". And even the most competent mechanics have to put up with the "end user" who feels cheated simply because he/she doesn't have a clue what the mechanic actually did.
The technology may change, but the nature of the people using it and needing support never will.
The best support techs I know are those that have good listening and analytical skills. "People skills". Not necessarily the most knowledgeable people, but the ones that can listen to the end user, break the problem down into concrete areas, and if unable to fix it can at least escalate and communicate the problem properly to those who can.
The comment previously about the Bicycle Repairman skit on Monty Python made a good point.
As there is no way to construe any of what they did as appropriate.
BUT . . . felony? c'mon. Even _IF_ they had "hacked" (and I use that lightly here since it sounds like they simply elevated local privileges and did nothing to the network, servers, or corporate data) a suspension, detention, etc would more than suffice.
This is at best an issue between the school and the children's parents. The police don't need to be involved.
For many managers and higher-ups, a resume that shows knowledge of only one platform tends to make people think a candidate lacks iniative. With the exposure available for different platforms, basic systems administration is a commodity skillset these days.
The fact is, unless you've lived under a rock, you've at least _USED_ Windows. And if you're a competent Windows administrator, you've at least _TINKERED_ with Linux or Mac OS. Put that on your resume, not as your focal point, but at least mention it.
Do you need to be equally competent at optimizing Windows as you are at recompiling and tweaking Solaris drivers? Doubtful. But if you're presented with a Windows server that feeds data to or receives data from your Unix environment, you should at least know how to troubleshoot ODBC, network settings, account information, etc. At the very least you should be able to grill the Windows admin that's helping you with knowledgeable and competent questions.
Considering the vast differences in each platforms application suites and management tools (.NET, PHP, Java, IIS, Apache, MS SQL, Oracle, blah blah) no one can expect a jack-of-all-trades in that area. But for basic OS administration, if you don't have some cross-skilling going on, be assured there's someone else out there that does.
"We don't necessarily have issues with open source"
Of course they don't. Why pay for R&D when you can funnel that money into lawsuits and just use someone else's work.
And like any smart business person, upon seeing that ad revenue from traditional means is not working, new means should be explored.
aka Google's AdSense.
Or, yes, charge for subscriptions. some sites already do a hybrid of ad-laden content-light versions and ad-free, in-depth subscription versions (salon.com).
Whining about market force doesn't alter it.
funny, doubleclick.net was the first site added to my AdBlock filter, and was an entry in my local HOSTS file for years before that.
I don't have a problem with online ads in general. its the ones that dance over the page (or otherwise obscure the content), redirect, resize, rely on large flash or java apps, or try and download code to my machine that prompted me to block.
a simple banner or inline image is fine and doesn't prompt me to block.
Advertisers should realize a lot of what they're complaining about is in response to their own activities to be more intrusive and obnoxious.
Anyone who assumes otherwise is a fool. Even at a small shop we monitored email for keywords and logged all AIM and Yahoo IM traffic leaving the network. This annoyed a lot of people, but those were mostly people who used their work-issued laptop as their only computer (for home and work) which is foolish to do anyhow (if you were to be fired or to quit, do you really want the company to have a laptop full of your browsing history and personal documents?)
;-)
Privacy concern, yea, but it IS the corporate's network and their computer.
Of course, I regularly PGP encrypt personal emails and tunnel all web/im traffic over an SSH tunnel to a proxy at my home so I suppose it's a little hypocritical to say I don't care
I guess my point is, I would never keep personal information on a work machine, and I see anyone who does as doing an inherently foolish thing.
Given the amount of high quality open-source emulation programs, these homebrew apps have a great head start. No, I'm not knocking the talent of the authors, I'm merely pointing out this is a benefit of having code open-sourced. Even if one doesn't take that code as a basis for their project, they have a great guide to use for reference/study.
Assuming network access requires agreement to a TOS, lobby to make virus protection a requirement of the TOS.
I'd also recommend lobbying to have the organization purchase a site license for a popular AV product.
Any violations should be treated with a port being downed. When the person complains, hand them the CD (or install it for them, or hand them a CD-based scanner that you burn with the latest definitions and performs a full scan as an "autorun.inf" activation). Up their port after they sign a form attesting that they have taken steps to alleviate the problem.
If they're still infected when you turn up the port, down it again.
Sometimes the solution is a policy one and not a technical one.
I've about 15G of emails now dating back to the early 90s, all stored in a locally-installed Cyrus IMAP server (maildir format, technically). Never used AOL's mail or free webmails so that was never a concern of mine.
For you or I, no it's not so hard. But walk around any user area for a company with more than one or two passwords for systems. You will see a high proportion of people with stickies or such with passwords scrawled on them, or you'll find people using the same password for each system, or combinations of easily-guessable items such as birthdays.
At my last company, our CEO used his son's name as his password. Each time he had to change it he'd just increment a number at the end. And when we made the requirements for passwords more stringent, he had himself exempted because it was "too much".
Sure, stealing a wallet may temporarily give someone access to a smart-card account (until that card is deactivated and thats assuming there's no secondary authentication like a password or RSA-ID number), but its much more secure to require a physical device for authentication than to rely on "bob/bob1" as the only thing between a miscreant and your sensitive corporate data.
well, duh
;-)
and if it were biometrics, what if someone cut off your finger?
Not sure what you're talking about exactly, but Mac OS X, Windows 2000, and Windows XP can be set up to forgo "normal" login by instead inserting a smart card into a reader. The card is tied to a user ID, and its presence is (or can be depending on configuration) used in lieu of a password.
I know this because we set up one of our offices this way. In fact, if the card is removed from the reader, the workstation automatically locks. No passwords for the users to remember, no chance of passwords on stickies, no one complaining every 30 days that they can't remember what they just changed their password to, and no chance of a username/password being taken by someone else and used to log in.
Single logons is actually more secure, simply because of people's laziness. If a person has to log into each system with a different ID/PASS, invariably when you walk by their desk you'll see Post-IT notes with all their IDs and passwords on it.
I still see that, even under single sign-on, but far less.
The real answer is to get rid of passwords all together. tie all the systems into a single authentication service based around either biometrics or smart cards. You're just trying to verify the person's identity anyway, not testing their memory skills.
Placing a computer in your child's room is not a mistake. Giving unfettered access to the internet to young children is. A child of four-to-twelve I think should have restricted access to the internet, with it starting out by allowing access to only certain approved sites (a four-year would be thrilled surfing Barney's website, and doesn't need access to much else). A twelve-year old should have access to a lot more (news sites, etc).
;-)
But by the time a person reaches their adolescent years, you should start relaxing the harness quite a bit.
Restricting a person from surfing does nothing but make them surf more secretively or from other locations (friends' houses). And, adolescents need their feeling of privacy. I'm not saying free roam of porn sites, but the quick closing of a window can be as innocent as trying to keep you from reading an IM to a friend about how unfair you are
There are technical things you can do if you're truly suspicious of your child. Things like having a firewall that can log URLs and do "content filtering". Sonicwall Firewall Appliances (www.sonicwall.com) can do this and can email you a logfile of all URLs surfed to. You can restrict "adult" sites, which will probably block a lot of legitamate sites as well, but is probably a lot more preferrable to your child than the feeling of you over their shoulder all the time.
In the end tho, it does come down to trust. When a person has reached 15, they have independent thought and desires that you may not agree with. While I agree it's your job to keep them safe and to try to steer them on a path you want, you do have to be willing to loosen the reigns and take a step back. A 15 year old surfing porn is natural. If it wasn't a dirty website it'd be a Playboy under the mattress or a movie stashed somewhere else.
Just keep an eye on things, but try not to be overbearing about it.
wants something for nothing and not concerned with legality.
only partially kidding. this is the same type of attitude taken when people discuss mp3's and artists' rights over their content.
the simple fact is you can never be completely indepentant. even if you get your own t1/t3/etc you're still receiving that connection from a provider who is, in the US and a lot of other countries, bound by certain laws and must comply with court orders.
and if you're hosting with someone, don't you think they deserve to charge you for your utilization of their pipe? or should an ISP go bankrupt to support your mp3/warez site?
nice comment, except for the lame open source plug at the end. anyone can innovate, open or closed.
Obviously, the person who wrote this article doesn't realize how easy it is to rip a DVD . . .
I set up junkbuster on a linux box that my home and work PC proxy through. Rarely do I see an ad anymore (Even on slashdot) and when I do, I just add a filter for it to the blockfile. Besides, Salon is too biased anyway. They take any oportunity to slam Clinton or endorse someone else. Actually, that's typical american journalism isn't it.
At the end of the article is the line "Having somebody who can screw around with my operating system would make me very, very nervous," Uhm, 95% of the engineering staff at my company could write you a shitload of DLL's, "screwing around" with the OS. We have a contract to get a lot of the Windows source code. In essense, we could just as effectively "screw around" with Windows . . . that arguement is another example of someone without a clue making a judgement on technical aspects. He should, instead, take his IT department's advice instead of decreeing somehting, that is why IT exists.
Come on, now. What's Microsoft going to do, let them? They may not have a legal foot to stand on in shutting th eproject down, but all MS has to do is change their API's and not tell anyone. I garantee the next version of Office after OW is release will say, "Microsoft Office requires Microsoft Windows to run . . ." just as Win31 did during the DOS wars.
While I am against censorship, if I am responsible for running a network with limited resources I think it's perfectly appropriate to block applications and content that degrade performance. If I'm a company or university or whatever paying for this network so that it can provide access for certain purposes, such as access to corporate applications and files, then any threat to that functionality needs to be dealt with. Simply saying "I want my MP3" is not good enough reason to oppose bandwith management. I don't think these devices should be implemented at an ISP level, though, as that would be like the phone company blocking all personal calls, but within a corporate or university network it's perfectly appropriate. The network is in place for the company, not the schlepp in the cube sucking down porn and music.