You'd think so, but in my experience, that hasn't been the case. The company that I work for basically uses a "block everything and open up what is needed" policy, and our IT department consists of five people. One works exclusively on our billing software. Two are desktop support, and two of us are network admins. These questions pretty much exclusively come to me, and it's not overwhelming -- not even close. Granted, it's a fairly small company -- just a couple hundred employees -- but still, the unblocking requests are maybe one or two a month once you've tweaked the filters for the first couple of weeks.
If you are going to ultimately be transfering the data from your home connection.. why not just do it from home...
1) Download at work to take advantage of (presumably -- not true in my case, however) faster bandwidth at work.
2) Transfer to USB thumb drive (much faster than even a fast Internet connection).
3) Take home and upload to your home PC
4) ???
5) Profit!
All of what you say is true, and if the employer's concern is whether or not the employees are actually, you know, working (as opposed to arguing with others here on/., lol), then you raise several valid points. However, from OP's question, it seems like (s)he is more interested in making sure the business doesn't get hit with file sharing lawsuits when employees are goofing off on-line rather than making sure the employees aren't goofing off on-line in the first place. Although, to be fair, towards the end of the post, (s)he did start asking more "...and while we're at it, if we could see how much time employees are wasting on-line, that would be great" kind of questions, so I could be completely wrong.
Anyway, on to OP's question. For filtering HTTP traffic, you can use a Squid proxy server with squidGuard or Dan's Guardian (we use squidGuard where I work) along with a firewall rule to allow HTTP from the proxy server, but to redirect all other HTTP traffic to the proxy. It's not difficult to tack on some reporting tools to Squid -- in fact, I would expect that there are already some open source tools available, although I haven't looked for any. If you want to restrict other protocols, you could consider port-based firewall rules and only allow protocols for which there is a verified business need. Again, we do this where I work with a Linux-based firewall that uses an open source tool called Firehol to generate iptables rules, which makes filtering stupid-simple. You create two lines that say something to the effect of...:
client "<allowed-protocol-1 allowed-protocol-2...allowed-protocol-n" allow
client all reject
for example:
client "http dns smtp pop3" allow
client all reject
...and that's it. You have now explicitly allowed just a select few protocols and nothing else. It's still not foolproof -- since this is port-based filtering, you're hosed if someone is running some kind of file sharing service on an allowed port -- but in NZ, is it necessary to actually block all P2P activity, or do you just need to show that you've taken reasonable precautions to prevent P2P activity? If the first, you're hosed. You can't prevent every possible way of infringing, no matter how hard you try. In that case, just shut off your Internet connection. If the second, this should probably be good enough.
Please excuse what may be a silly question (IANAL, nor do I play one on/.), but what would that mean for an appeal to a higher court (SCOTUS, I believe, but I could easily be mistaken)?
If you are running a *Nix-based OS, there are some cool things you can do with rsync and hard-links to backup your machines. I have personally used this method, and have resurrected dead machines to new, bare metal in about an hour (depending upon how much data there is, of course). You can tunnel rsync through SSH to solve the security problem across the Internet, and you could write the data to encrypted volumes on the backup drives, if you want to make sure the data stays secure.
If you are running Windows, you won't be able to bring back the OS and installed programs if the hardware dies, but you can still use Cygwin and rsync to backup your data, at least.
Settle in behind a truck. Problem solved. The idiots that jump from lane to lane know trucks are "slow" (even though they are somewhat, the drivers try to not slow down if possible and are usually in the easy flowing lane) despite the fact they end up at the same place at the same ramp light a lot of times. Then you can make whatever gap you want, don't have to brake as hard (because the truck just plowed through whomever it was and can't stop as fast as you can), AND you can get slightly better gas mileage from the slipstream sometimes.
Sweet -- that may be one of the most intelligent suggestions in this entire thread:)
Consider going the speed limit for a while...
I just wish people would actually reach the speed limit where I live. While my tendency might be to go about 5-10 MPH faster than the posted limit, I just suck it up when I'm behind someone who is doing the posted limit. I understand that others are trying to obey the law, so I can handle that. What pisses me off is when you've got some yahoo blocking traffic at 10 MPH or more below the speed limit when there's absolutely no weather or road condition that requires such a low speed. Since I've usually got far more to do than time in which to do it, wasting time behind slow, inconsiderate drivers is excruciating for me...but maybe I should just switch to decaff:)
Oh I am not saying that I like the TSA system at all.
I understood that from your earlier post, no argument there.
But to answer your question is that they can do it because it is legal. A law was passed and it has not be repealed.
Here, however, I take dispute. Congress can pass any laws they want, but that doesn't make them legal. I'm splitting hairs a bit here, but it's an important distinction. If Congress were to pass a law saying that no one could say anything negative about President Obama, that law would be illegal because the 1st Amendment to the Constitution says that the government cannot pass laws prohibiting free speech. Likewise, the 4th Amendment says that the government cannot conduct an unreasonable* search without probable cause. Consequently, the law that Congress passed is not legal, regardless of whether or not it has been repealed.
*"unreasonable" is the key, of course. I've argued the point here many, many times, so I don't feel like elaborating again. If you want to know why I maintain the airport searches are unreasonable, read my comment history.
The solution is to find people to vote into office that will repeal it.
Well, that's one way. The other is to get it overturned by the Supreme Court. Unfortunately, that's frequently a long process, and in the meantime, TSA is busy abusing innocent travelers in our airports and giving the U.S. an even worse reputation overseas (sigh...) It's a disgrace that we have abandoned our principles so readily, and I am deeply ashamed of what my country has become in the last decade.
IANAL, but my understanding is that it's easy not to incriminate yourself if you haven't been arrested, because if you haven't been arrested you have the right to get up and leave.
Except that TSA says that once you enter the security screening area, you cannot leave without completing the screening process, and there's a $10,000 fine if you do. AFAIK, they have yet to make good on that threat, but if you look on Google, you will find stories that range from merely being escorted out of the airport to actually being arrested when people have elected to discontinue the security screening anyway.
Agreed, but the vehicle *can* decelerate at a rate much greater than what brakes alone could normally do. BTDT. Fortunately, the cop who investigated the accident agreed that the other guy primarily to blame, although he did cite me for "exceeding safe speeds for conditions" (it was winter, and I was already going 10mph slower than the posted speed limit, ).
That's when you "accidentally" downshift from 5th to 3rd and then sue the police department for their irresponsible actions. I actually did accidentally (honest!) miss 4th and hit 2nd when a dude on a Harley was riding my backside in traffic one day. He wasn't at all happy, but fortunately he was able to avoid me.
I'd also like to see an inexpensive, automated vehicle surveillance camera system. It would help cut down on aggressive driving when someone knows that their idiotic behavior is being captured and streamed to some distant server for possible use in court if not uploading to Youtube's Idiot Driver of the Day contest. Many's the time I've needed such a device. May have to set something up myself, hmm.
Check out Daily Roads Voyager on the Android market. If you've got an iPhone or other smart phone, there's probably an equivalent.
So you're telling me that you are just fine driving at 15 mph slower than prevailing traffic because people keep pulling into your safety cushion ahead of you? It's not always about competition; quite honestly, I couldn't care less if you pass me. In fact, I kind of like having a "front door". However, if you keep letting people in ahead of you because you have a large space cushion, you will inevitably end up driving slower than the flow of traffic. And if you are driving slower than the flow of traffic, you will have all the other drivers behind you (who are now pissed off at you because you are going so slow) passing and pulling in ahead of you...making the problem worse.
So, yeah. Driving with 8 feet between you and the car ahead at 50mph on a 40mile commute is stupid. But driving significantly slower than traffic around you because you are trying to keep enough space to land a Super Cub between you and the car ahead is stupid, too. There's a middle ground, and it can sometimes force you to drive closer than maybe you'd like. Most of the time, that's fine because there's a better than even chance that you won't need to panic stop in traffic. But when you find that you are in such a situation, you'd better stack the odds in your favor by having an "out" if you do have to stop, and by paying more attention than usual to what's going on around you.
This is something that concerns me. I try to drive safely and considerately, and consequently, when I'm not either actively passing someone or approaching an on-ramp where traffic will be merging into the right-hand lane from an intersecting road, I stay in the right hand lane so that faster traffic can get past me. However, I seem to be the exception rather than the rule. I cannot count how many times I have cruised down the highway behind some complete freaking moron who is pacing the car to his right at 5-10mph below the speed limit on a beautiful, clear, summer day, despite the 50 miles of open highway ahead of him and the line of traffic stacking up behind him. Consequently, yes, I sometimes look like I am "weaving" in and out of traffic because when I get a chance to get around the aforementioned moron, I will -- even if it means passing in the right hand lane because Clueless absolutely refuses to move to the "slow lane" on the right. And when I reach the line of traffic in the RH lane ahead, I'll move left again to pass them, then move back to the RH lane so others who want to go even faster can get past me. Am I being unsafe? Not intentionally, and I'd argue that my actions are safer than the idiot who is holding back -- and pissing off -- traffic behind him in the left lane.
Problem is, the two second rule only works when you assume the guy ahead of you will decelerate to a stop. However, if he runs into a stationary object, you're screwed if you are only two seconds behind him. At 55 MPH, you are traveling ~81 feet per second, which means a two second following distance puts you ~162 feet behind the car ahead of you. A commonly quoted statistic is that it takes about three tenths of a second to react to stimuli -- for example, brake lights on the car ahead of you. So that means you have 1.7 seconds to stop if you see the car ahead of you has suddenly come to a full and complete stop, for example, if they impacted a stopped car ahead of them. That leaves you with just over 137 feet to stop before you hit them. To decelerate from ~81 fps to 0 fps in 1.7 seconds, you will need to decelerate at 47.5 fpsps. Just to be clear, a 1G deceleration is only 32 fpsps. That means in order to be able to come to a complete stop in 1.7 seconds, you need to decelerate at roughly 1.5g. That's some mighty impressive braking performance. I doubt most cars on the road can get even close to that level of braking performance, even with new tires on a perfect road (and the roads where I live are far from perfect).
And verily, dost thou thinketh he wouldst fare much the same in yon olden days when King James' manner of speaking wast most proper? Forsooth, I thinketh not.
I took a course that discussed personality profiles a little while back, and -- according to this class, at least -- the "creative" types tend to get really excited about a project, work on it for a little while, lose interest and abandon it in favor of the next project that comes to mind. This is a pretty good description of me, as my wife is fond of reminding me. I have a million things that I've started, gotten bored with and abandoned. A friend of mine once commented that techies seem to be borderline ADD; this theory could explain why. Whether you like Google or not, you have to admit they are pretty creative. If they have a culture that is lead by the creative, ADD types, you would kind of expect them to display this type of behaviour. The solution to this problem is to hire analytical/admin types who will drive the projects to completion rather than abandoning them when they get the next creative spark.
I'll admit that it's kind of a PITA when you start playing with something Google offers only to find it's about to be discontinued. On the other hand, I can see it from Google's point of view, too. They are an innovative company. When they come up with an idea that they think has potential (for example, App Inventor), they release it to see if it takes off. You can't blame them, though, for deciding to pull the projects that didn't see enough interest to be worth maintaining. While I don't know if the data supports this interpretation of App Inventor's demise, I seem to recall it getting pretty thoroughly dismissed here on/.
And you don't have a choice to remain silent since you are not under arrest.
Ummm...I'm not sure that's how it works. IIRC, the 5th Amendment says that the government cannot (well...legally, anyway) compel me to incriminate myself. Whether or not I have been arrested yet, forcing me to answer that I am a terrorist (assuming it's true) would still be incriminating myself. Just because the Miranda rule says that the police have to advise you of your right to remain silent when you are arrested doesn't necessarily mean that you only have that right when you have actually been arrested. Any actual lawyers care to chime in on this?
Don't you just love the "land of the free"!
Well, I did when it actually kind of was...now, not so much.
Everything you said is true, but that doesn't negate my point: an ad hominem argument is not a logical proof. If you want to dispute what Ms. Alkon said, that is not the way to do it.
Furthermore, your argument begs the question: if I have to prove that the TSO actually did commit either a rape or a sexual assault, why doesn't TSA likewise have to prove probable cause before conducting such a necessarily invasive search*? As you said, we are supposed to have protections under the law, no?
*Whether Ms. Alkon exaggerated her claims or not, you have to admit that having a stranger publicly "pat down" one's crotch at an airport is pretty frigging invasive.
Thanks for the advice -- I'll keep it in mind if I see another mobo with a blow cap:) IIRC, I tried using a 30W soldering iron with desoldering braid and a spring-loaded solder sucker like you described and another 30W (I think...) soldering iron with a rubber bulb solder sucker attached (Radio Shack used to sell them; don't know if they still do).
Slashdot Mirror
You'd think so, but in my experience, that hasn't been the case. The company that I work for basically uses a "block everything and open up what is needed" policy, and our IT department consists of five people. One works exclusively on our billing software. Two are desktop support, and two of us are network admins. These questions pretty much exclusively come to me, and it's not overwhelming -- not even close. Granted, it's a fairly small company -- just a couple hundred employees -- but still, the unblocking requests are maybe one or two a month once you've tweaked the filters for the first couple of weeks.
If you are going to ultimately be transfering the data from your home connection.. why not just do it from home...
1) Download at work to take advantage of (presumably -- not true in my case, however) faster bandwidth at work.
2) Transfer to USB thumb drive (much faster than even a fast Internet connection).
3) Take home and upload to your home PC
4) ???
5) Profit!
Anyway, on to OP's question. For filtering HTTP traffic, you can use a Squid proxy server with squidGuard or Dan's Guardian (we use squidGuard where I work) along with a firewall rule to allow HTTP from the proxy server, but to redirect all other HTTP traffic to the proxy. It's not difficult to tack on some reporting tools to Squid -- in fact, I would expect that there are already some open source tools available, although I haven't looked for any. If you want to restrict other protocols, you could consider port-based firewall rules and only allow protocols for which there is a verified business need. Again, we do this where I work with a Linux-based firewall that uses an open source tool called Firehol to generate iptables rules, which makes filtering stupid-simple. You create two lines that say something to the effect of...:
client "<allowed-protocol-1 allowed-protocol-2...allowed-protocol-n" allow
client all reject
for example:
client "http dns smtp pop3" allow
client all reject
Please excuse what may be a silly question (IANAL, nor do I play one on /.), but what would that mean for an appeal to a higher court (SCOTUS, I believe, but I could easily be mistaken)?
If you are running a *Nix-based OS, there are some cool things you can do with rsync and hard-links to backup your machines. I have personally used this method, and have resurrected dead machines to new, bare metal in about an hour (depending upon how much data there is, of course). You can tunnel rsync through SSH to solve the security problem across the Internet, and you could write the data to encrypted volumes on the backup drives, if you want to make sure the data stays secure.
If you are running Windows, you won't be able to bring back the OS and installed programs if the hardware dies, but you can still use Cygwin and rsync to backup your data, at least.
Settle in behind a truck. Problem solved. The idiots that jump from lane to lane know trucks are "slow" (even though they are somewhat, the drivers try to not slow down if possible and are usually in the easy flowing lane) despite the fact they end up at the same place at the same ramp light a lot of times. Then you can make whatever gap you want, don't have to brake as hard (because the truck just plowed through whomever it was and can't stop as fast as you can), AND you can get slightly better gas mileage from the slipstream sometimes.
Sweet -- that may be one of the most intelligent suggestions in this entire thread :)
Consider going the speed limit for a while...
I just wish people would actually reach the speed limit where I live. While my tendency might be to go about 5-10 MPH faster than the posted limit, I just suck it up when I'm behind someone who is doing the posted limit. I understand that others are trying to obey the law, so I can handle that. What pisses me off is when you've got some yahoo blocking traffic at 10 MPH or more below the speed limit when there's absolutely no weather or road condition that requires such a low speed. Since I've usually got far more to do than time in which to do it, wasting time behind slow, inconsiderate drivers is excruciating for me...but maybe I should just switch to decaff :)
Oh I am not saying that I like the TSA system at all.
I understood that from your earlier post, no argument there.
But to answer your question is that they can do it because it is legal. A law was passed and it has not be repealed.
Here, however, I take dispute. Congress can pass any laws they want, but that doesn't make them legal. I'm splitting hairs a bit here, but it's an important distinction. If Congress were to pass a law saying that no one could say anything negative about President Obama, that law would be illegal because the 1st Amendment to the Constitution says that the government cannot pass laws prohibiting free speech. Likewise, the 4th Amendment says that the government cannot conduct an unreasonable* search without probable cause. Consequently, the law that Congress passed is not legal, regardless of whether or not it has been repealed.
*"unreasonable" is the key, of course. I've argued the point here many, many times, so I don't feel like elaborating again. If you want to know why I maintain the airport searches are unreasonable, read my comment history.
The solution is to find people to vote into office that will repeal it.
Well, that's one way. The other is to get it overturned by the Supreme Court. Unfortunately, that's frequently a long process, and in the meantime, TSA is busy abusing innocent travelers in our airports and giving the U.S. an even worse reputation overseas (sigh...) It's a disgrace that we have abandoned our principles so readily, and I am deeply ashamed of what my country has become in the last decade.
IANAL, but my understanding is that it's easy not to incriminate yourself if you haven't been arrested, because if you haven't been arrested you have the right to get up and leave.
Except that TSA says that once you enter the security screening area, you cannot leave without completing the screening process, and there's a $10,000 fine if you do. AFAIK, they have yet to make good on that threat, but if you look on Google, you will find stories that range from merely being escorted out of the airport to actually being arrested when people have elected to discontinue the security screening anyway.
Agreed, but the vehicle *can* decelerate at a rate much greater than what brakes alone could normally do. BTDT. Fortunately, the cop who investigated the accident agreed that the other guy primarily to blame, although he did cite me for "exceeding safe speeds for conditions" (it was winter, and I was already going 10mph slower than the posted speed limit, ).
That's when you "accidentally" downshift from 5th to 3rd and then sue the police department for their irresponsible actions. I actually did accidentally (honest!) miss 4th and hit 2nd when a dude on a Harley was riding my backside in traffic one day. He wasn't at all happy, but fortunately he was able to avoid me.
Sure. I'd be glad to do that when I'm stuck behind the jerk in front of me. It's not always that simple, moron.
I'd also like to see an inexpensive, automated vehicle surveillance camera system. It would help cut down on aggressive driving when someone knows that their idiotic behavior is being captured and streamed to some distant server for possible use in court if not uploading to Youtube's Idiot Driver of the Day contest. Many's the time I've needed such a device. May have to set something up myself, hmm.
Check out Daily Roads Voyager on the Android market. If you've got an iPhone or other smart phone, there's probably an equivalent.
Pretty please???
2. Piss off everyone behind you
Yep. And at that point, they pass you, pull into the space ahead of you, and make the entire situation even worse. Rinse, repeat, do not profit!!!
And, No, it is not arguable more dangerous than flying down the road at 50mph with 8 feet off someone's bumper. Don't even go there.
Sorry, I don't take orders from random slashbots, even if they really really don't want me to tell them how horribly mistaken they are. Nice try.
That was very well said. :thumb_up:
So you're telling me that you are just fine driving at 15 mph slower than prevailing traffic because people keep pulling into your safety cushion ahead of you? It's not always about competition; quite honestly, I couldn't care less if you pass me. In fact, I kind of like having a "front door". However, if you keep letting people in ahead of you because you have a large space cushion, you will inevitably end up driving slower than the flow of traffic. And if you are driving slower than the flow of traffic, you will have all the other drivers behind you (who are now pissed off at you because you are going so slow) passing and pulling in ahead of you...making the problem worse.
So, yeah. Driving with 8 feet between you and the car ahead at 50mph on a 40mile commute is stupid. But driving significantly slower than traffic around you because you are trying to keep enough space to land a Super Cub between you and the car ahead is stupid, too. There's a middle ground, and it can sometimes force you to drive closer than maybe you'd like. Most of the time, that's fine because there's a better than even chance that you won't need to panic stop in traffic. But when you find that you are in such a situation, you'd better stack the odds in your favor by having an "out" if you do have to stop, and by paying more attention than usual to what's going on around you.
This is something that concerns me. I try to drive safely and considerately, and consequently, when I'm not either actively passing someone or approaching an on-ramp where traffic will be merging into the right-hand lane from an intersecting road, I stay in the right hand lane so that faster traffic can get past me. However, I seem to be the exception rather than the rule. I cannot count how many times I have cruised down the highway behind some complete freaking moron who is pacing the car to his right at 5-10mph below the speed limit on a beautiful, clear, summer day, despite the 50 miles of open highway ahead of him and the line of traffic stacking up behind him. Consequently, yes, I sometimes look like I am "weaving" in and out of traffic because when I get a chance to get around the aforementioned moron, I will -- even if it means passing in the right hand lane because Clueless absolutely refuses to move to the "slow lane" on the right. And when I reach the line of traffic in the RH lane ahead, I'll move left again to pass them, then move back to the RH lane so others who want to go even faster can get past me. Am I being unsafe? Not intentionally, and I'd argue that my actions are safer than the idiot who is holding back -- and pissing off -- traffic behind him in the left lane.
Problem is, the two second rule only works when you assume the guy ahead of you will decelerate to a stop. However, if he runs into a stationary object, you're screwed if you are only two seconds behind him. At 55 MPH, you are traveling ~81 feet per second, which means a two second following distance puts you ~162 feet behind the car ahead of you. A commonly quoted statistic is that it takes about three tenths of a second to react to stimuli -- for example, brake lights on the car ahead of you. So that means you have 1.7 seconds to stop if you see the car ahead of you has suddenly come to a full and complete stop, for example, if they impacted a stopped car ahead of them. That leaves you with just over 137 feet to stop before you hit them. To decelerate from ~81 fps to 0 fps in 1.7 seconds, you will need to decelerate at 47.5 fpsps. Just to be clear, a 1G deceleration is only 32 fpsps. That means in order to be able to come to a complete stop in 1.7 seconds, you need to decelerate at roughly 1.5g . That's some mighty impressive braking performance. I doubt most cars on the road can get even close to that level of braking performance, even with new tires on a perfect road (and the roads where I live are far from perfect).
And verily, dost thou thinketh he wouldst fare much the same in yon olden days when King James' manner of speaking wast most proper? Forsooth, I thinketh not.
Solo doesn't count.
Yes, but no.
I took a course that discussed personality profiles a little while back, and -- according to this class, at least -- the "creative" types tend to get really excited about a project, work on it for a little while, lose interest and abandon it in favor of the next project that comes to mind. This is a pretty good description of me, as my wife is fond of reminding me. I have a million things that I've started, gotten bored with and abandoned. A friend of mine once commented that techies seem to be borderline ADD; this theory could explain why. Whether you like Google or not, you have to admit they are pretty creative. If they have a culture that is lead by the creative, ADD types, you would kind of expect them to display this type of behaviour. The solution to this problem is to hire analytical/admin types who will drive the projects to completion rather than abandoning them when they get the next creative spark.
I'll admit that it's kind of a PITA when you start playing with something Google offers only to find it's about to be discontinued. On the other hand, I can see it from Google's point of view, too. They are an innovative company. When they come up with an idea that they think has potential (for example, App Inventor), they release it to see if it takes off. You can't blame them, though, for deciding to pull the projects that didn't see enough interest to be worth maintaining. While I don't know if the data supports this interpretation of App Inventor's demise, I seem to recall it getting pretty thoroughly dismissed here on /.
And you don't have a choice to remain silent since you are not under arrest.
Ummm...I'm not sure that's how it works. IIRC, the 5th Amendment says that the government cannot (well...legally, anyway) compel me to incriminate myself. Whether or not I have been arrested yet, forcing me to answer that I am a terrorist (assuming it's true) would still be incriminating myself. Just because the Miranda rule says that the police have to advise you of your right to remain silent when you are arrested doesn't necessarily mean that you only have that right when you have actually been arrested. Any actual lawyers care to chime in on this?
Don't you just love the "land of the free"!
Well, I did when it actually kind of was...now, not so much.
Everything you said is true, but that doesn't negate my point: an ad hominem argument is not a logical proof. If you want to dispute what Ms. Alkon said, that is not the way to do it.
Furthermore, your argument begs the question: if I have to prove that the TSO actually did commit either a rape or a sexual assault, why doesn't TSA likewise have to prove probable cause before conducting such a necessarily invasive search*? As you said, we are supposed to have protections under the law, no?
*Whether Ms. Alkon exaggerated her claims or not, you have to admit that having a stranger publicly "pat down" one's crotch at an airport is pretty frigging invasive.
Thanks for the advice -- I'll keep it in mind if I see another mobo with a blow cap :) IIRC, I tried using a 30W soldering iron with desoldering braid and a spring-loaded solder sucker like you described and another 30W (I think...) soldering iron with a rubber bulb solder sucker attached (Radio Shack used to sell them; don't know if they still do).