They'd be paying German programmers if that was important to them. Otherwise they'd outsource it to India like every other large organization. The article mentions that the IT department was somewhere in the neighborhood of 300 employees. Employees are trainable. It doesn't matter if they are running Linux, Windows, Unix or OSX. Their systems required trained administrators.
To all the OSS zealots, where is the cost savings on labor? Where is the meme that it takes more labor resources to manage Windows servers? Is Munich going to downsize their IT department once they're done with their Linux migration? Or are they going to find themselves living in the real world and realize that x number and y number of applications requires z number of staff to support?
I wonder how much of the "cost savings" on software licenses is being consumed by developer hours recreating functionality.
...and then pay in house developers to reproduce all of the functionality that your proprietary system was providing. As the OP said, there is no such thing as a free lunch.
Did you read the article? It mentioned a lot of VBA macros that had to be converted into a similar system that managed templates, automation, etc. In other words, the functionality had to be re-created.
A lot of reliable sources (like the Wall Street Journal) seem to be under the belief that the Chinese aren't going to blink and that they will let Google go. The Journal had an article the other day about a couple Google businesses that will remain in China.
Look at it this way. If a huge foreign company went to the United States government and said, "We don't like your imperialist policies in the Middle East. We're taking our toys and going home. When we do that, your people are going to see you for the imperalist dogs that you are!" Do you think the US government would really give two shits? Why should the Chinese behave any differently? They have one of the largest, untapped markets in the world. The Chinese have one of the highest saving rates in the world. The Chinese have control over their currency in a way that gives them unfair advantage in international trade. To say that they're holding most of the cards would be an understatement.
The only card Google could play would be to pressure the US government to inact trade barriers on Chinese exports (US imports from China). That won't happen. Our country would suffer greatly without access to inexpensive Chinese goods, and the Chinese would suffer from a crash in their manufacturing. On a five year time line, I think the Chinese could foster domestic consumption faster than the United States could rebuild manufacturing in the US, or reallocate it to other markets (Mexico, Vietnam, etc)
Too bad the Chinese have kung fu and a few millenia of practice in martial warfare. Google has... a bunch of nerds in Silicon Valley hyped up on caffeine.
Why would an SD card come anywhere near a PC during the manufacturing process? Aren't they fabricated in large batches, not unlike RAM or CPUs? The only part of the process that I would think might involve a PC would be the formating at the end. Yet it seems like they'd have a dedicated hardware device that formats multiple chips at a time.
So really, you and I aren't even going to get into the ballpark on what the numbers really were. Just keep commuting to work, eating junk food, watching televised karaoke, and jacking off in safety while the "professionals" continue to perpetuate history's mess.
You missed one major point. The CIA isn't doing the radicalizing. They are providing a forum for others who are radical to espouse their views. To make a physical world analogy, it would be like the CIA setting up a "Jihadi Mosque" and hiding cameras and microphones in it. Then they open the doors and see who shows up, who they talk to, and what they talk about.
If anything I'd encourage them to expand the program. I'd encourage them to bring in linguists and psychologists and people with backgrounds in developing memes to counter the memes spread by the radicalizers.
As complex as the problem of radical jihad seems, it comes down to basic human interactions. There is a large group of disenfrancised individuals who don't see any way of getting a better life. Someone comes along and promises them and their families a better if they are willing to do X, Y and Z. At the deepest level it isn't much different than the way American schools indoctrinate students into capitalism, the American dream, college, a house, a wife, and two point five kids. The methods are different. One is suicide bombings and AK-47s, the other is debt slavery and consumerism. The underlying meta-message is the same though. "If you do this, our collective society and way of life will be better off."
I'm going to rehash an argument that I used a few months ago when there was a news story about the FBI running a similar operation to monitor and prosecute criminals involved in credit card fraud. In that case, a few people argued that the FBI was aiding the badguys by giving them a forum to swap their k0d3z in. They completely ignored the fact that the bad guys would do it any way. If they weren't using the FBI forum, they'd be using another, unmonitored forum to trade the exact same information.
The same situation is going on with this CIA jihadist "honey pot". The jihadists are going to use the internet to discuss what they want to discuss. Our government has two choices. They can either facilitate the information exchange and by doing so, tap into it.. or they can attempt to take down the sites where the discussions are taking place. In the former case they gain useful intelligence. In the latter case they end up playing whack-a-mole and are constantly one step behind the bad guys.
The biggest challenge that the government faces in the "War on Terror" (and for the record, I'm against it. However I do realize the inescapability of it at the current time.) is gathering good intelligence. There simply aren't enough American citizens, or people friendly to the American government who have the necessary linguistic skills and social connections to infiltrate "terrorist" networks. Given the lack of human resources necessary to engage "the enemy" with, the government needs to come up with other ways to monitor what is going on. The honey pot that was just taken down was one of those monitoring tools.
Whoever authorized the take down of the site should be stripped of authority and questioned. They obviously aren't playing for the right team.
Think about it. If you're continuously doing updates to your systems it's business as usual. If you have to roll out the latest windows to over 2000 desktops every 10 years that's going to cost you a lot of downtime and productivity loss.
I had to undo a bunch of moderation to chime in here. You're only experiencing down time and "productivity loss" if you don't know what you're doing. It doesn't matter if you're rolling out to 2 desktops or 2000 desktops. You create one image and then push it out. Most people do it over the weekend. Most people wait until they have a stable image before rolling it out.
Now if you have IT guys straight out of college with no real world experience you might run into some problems. But as long as you have a realistic time window for your OS rollout, it is a pretty painless process. If you wanted to get really aggressive and take chances, you could just image the base OS image with hardware drivers and rely on something like Systems Center or even Group Policy (if you're really masochistic and like rolling your own packages) to install all of your apps.
Another reason is that if you got to convert 2000 desktops to the latest OS, a lot of the business apps are probably going to have problems. Constant rolling updates have the some problem however you don't get 10+ apps not working all at the same time
Given your hypothetical "every 10 years" desktop OS refresh, if you can't plan 10 years ahead to get your business apps ready for the OS that you're going to be 'forced' to roll out then you have no business managing systems (Windows or otherwise).
To give you an idea of how I'm moving my users from XP to Win7, right now there are two workstations in the organization running Win7. Between those two workstations are 98% of the applications that the organization uses (the other apps are on Terminal Servers). Most of the apps work, a couple don't. As departments find room in their budgets for new workstations, we roll out Win7 if they aren't using apps with compatability problems. Over the course of the next two years, all of the workstations will be running Win7.
It isn't like I'm going to wake up one morning and decide, "I know... I'll go roll out Win7 today." Like any IT project, there is a process to follow.
I'm surprised that the anti-virus vendors haven't cried foul and run screaming to the FTC over "monopoly" issues. I am using MSE at home and use Symantec Endpoint Protection at work. I appreciate the management functionality that Symantec provides. Their Exchange plug-in works well too. I find that it often times catches malicious files that make it through Postini.
If I hadn't just rolled out the latest version of Symantec onto the network I'd probably strongly consider Forefront. If it is like MSE but with better management and deployment tools, it is probably a decent product. I'd be willing to bet that it probably less expensive than Symantec.
I had consciously relax my eyes during Avatar to watch it. By relaxing I mean taking the wide view and using the peripheral vision. Attempting to force my focus really messed me up too.
Hassle comes down to perception. I torrent and my g/f and friends use my Windows 7 box and I don't have any problems with it. I setup Linux but it was too much of a headache. With Windows 7 and a standard user account, it's pretty hard for your average ignorant user to screw up the computer too badly. As soon as they try to do anything that involves installing software or changing system settings, they are prompted for credentials.
If you're ranting about XP, keep on keeping on. It is a PITA. That meme still works. Hell, even Windows 7 is a hassle because once again Microsoft moved everything around.
It is also hard to manage a department when dealing with substandard employees. What ends up happening is that the department has to work around the substandard employee. They will eventually get terminated after a number of write ups and poor performance reviews but it takes a significant amount of time. Even then the union will go to bat for them and drag out an already long process.
the cost to the state will be more than $55/hour including benefits...
Maybe yes, maybe no. If $30 of that $55 per hour is spent on wages, that comes out to an average of $60,000 a year. That's pretty typical for your average, entry to junior level IT job. At $30 an hour, that leaves $25 per hour for benefits, or $1000 per week / $4000 per month. Looking at it in those terms, $55/hour doesn't seem to be that low of a number.
The fact remains that unionized government employees are paid 10-20% higher then private sector counterparts
Do you have any supporting documentation for that claim? All of the State workers that I know went to work for the state for two reasons. The first is job security. The second is the benefit package. In California state workers make considerably less on an hourly/salary basis than their private sector counterparts.
I think that the "blame the user" analogy is falling apart in the face of reality. A couple of years ago you could blame the user for downloading something stupid and then executing it. These days I see a fair number of legimiate websites that are compromised. The website will be hosting an iFrame exploit or a Javascript exploit, or something similar. The user will get hit by a browser vulnerability that doesn't require any interaction on their part. The good news is that there do not seem to be enough functional zero-day exploits for malware writers to spread them around willie nillie. They are using them in targeted attacks like Aurora. The compromised websites end up hosting older code that is more likely to be recognized by scanners.
Just the other day a friend of mine was telling me about an infection he had to clean up. A guy he was working for does work with hydraulics. That guy had visited a website of a vendor who sells hydraulic products. The website had a Flash video demo that showed off some of the new products. That Flash video was compromised and was exploiting a Flash vulnerability. The end result was the end user ended up with AntiVirus 2010 or whatever the current favorite malware is.
The owner of the business doesn't know crap about web development. He hired a web developer to develop his site. The web developer probably doesn't know crap about hosting content, he just recommended a hosting provider. The hosting provider dropped the ball. The user doesn't have any control over the hosting provider or the web developer, he just wants to buy some hydraulics. His OS (Windows) was secure, but his application (Flash) wasn't. It isn't like he was browsing porn and downloaded JackMeOff.exe.
Doing further research I came across another article that mentioned "testing" of the Aurora botnet had begun around July of last year. The command and control architecture and methods were picked up back then. They weren't anything new. Google announced the breach in January. That's a six month gap between when the initial testing occured and was recognized, and when Google acknowledged they had a problem.
I'm not completely surprised that Google got hit. They might be suffering from some institution hubris and buying into their own marketing about being "the best" at everything. We use Postini as our primary anti-spam mechanism. All in all they do a great job and out perform the in house solution that we were using a couple of years ago. Despite doing well, there are still some virii that slip through their net and get caught by the AV (Symantec) we're running on our Exchange server. When emails slip through the cracks, I use Postini's reporting mechanisms to make them aware of the problem. I have yet to have problems with the same exploit continuing after I make Postini aware of it.
Security has evolved from something that can be handled in house, to something that requires significant dedicated resources. Most organizations can't afford that cost and end up outsourcing it. There are some IT functions that I don't want to give up. Anti-spam and security aren't on the list. Despite my own personal interest in computer security stretching back to the early 1990s, I can't adequately address the constantly changing threatscape in addition to handling the rest of the requirements of my job.
To make a weak car analogy, I can't ever be 100% certain that when I get in my car that I will make it to my destination safely. I know how to operate my vehicle. It is in good shape. I wear my seatbelt. I use my turn signals. I look over my shoulder and check my mirrors when changing lanes. Despite all of that, accidents happen. I've been t-boned before because someone ran a red light. It sucks but it comes with the territory. Computer security is similar. I keep up to date on patches. I have multiple products to address different attack vectors. Some of those products overlap in functionality to provide some sembelance of redundancy. Sooner or later, something will slip through the cracks. I haven't dealt with a compromised server in close to a decade (that includes going back to the Slammer worm, Code Red and all that other mid-decade nonsense that hit most Microsoft shops). I haven't dealt with any compromised workstations on my network(s) for about five years. A lot of that I'm sure has to do with the industries I work with. They aren't huge targets so nobody is crafting exploits specifically for them.
FWIW - I'm not a Websense employee. We just use their products as part of a multi-layered defensive strategy. They had mitigation mechanisms in place a week before Google, Adobe, et al acknowledged that they had been compromised.
Obviously Websense isn't a magic bullet. They wouldn't have prevented the initial infection. All they did was notice the infection after the fact and then worked to contain the spread.
Having an international "smart phone" plan is an expensive idea. I work for a company where my users travel internationally. We are with AT&T and everyone has a Blackberry. The bill for an unlimited data plan, plus international calling / roaming / etc. is often $200-300+ a month (depending on countries visited, amount of long distance voice used, etc.)
Asking for an international smartphone plan that fits a college budget is kind of like asking how to go out into the rain and not get wet.
It's great to know not to use IE if you're supporting yourself and your parents. It's a completely different world when you're supporting an entire organization.
Oh, I see. Remote, 3d accelerated gaming. Color me skeptical. In the business world they are having problems getting 20+ people on 8+ core terminal servers. Those people are only running business apps that while potentially processor intensive while running queries, don't have nearly the overhead that a typical FPS has. I'd like to see some internal documents from the company about how many people they are planning to cram on each server, and what the specs on those servers are. Is there even a decent virtualization solution for 3d video cards?
Slashdot Mirror
What happens when you want to say... paste a spreadsheet into your document?
They'd be paying German programmers if that was important to them. Otherwise they'd outsource it to India like every other large organization. The article mentions that the IT department was somewhere in the neighborhood of 300 employees. Employees are trainable. It doesn't matter if they are running Linux, Windows, Unix or OSX. Their systems required trained administrators.
To all the OSS zealots, where is the cost savings on labor? Where is the meme that it takes more labor resources to manage Windows servers? Is Munich going to downsize their IT department once they're done with their Linux migration? Or are they going to find themselves living in the real world and realize that x number and y number of applications requires z number of staff to support?
I wonder how much of the "cost savings" on software licenses is being consumed by developer hours recreating functionality.
...and then pay in house developers to reproduce all of the functionality that your proprietary system was providing. As the OP said, there is no such thing as a free lunch.
Did you read the article? It mentioned a lot of VBA macros that had to be converted into a similar system that managed templates, automation, etc. In other words, the functionality had to be re-created.
A lot of reliable sources (like the Wall Street Journal) seem to be under the belief that the Chinese aren't going to blink and that they will let Google go. The Journal had an article the other day about a couple Google businesses that will remain in China.
Look at it this way. If a huge foreign company went to the United States government and said, "We don't like your imperialist policies in the Middle East. We're taking our toys and going home. When we do that, your people are going to see you for the imperalist dogs that you are!" Do you think the US government would really give two shits? Why should the Chinese behave any differently? They have one of the largest, untapped markets in the world. The Chinese have one of the highest saving rates in the world. The Chinese have control over their currency in a way that gives them unfair advantage in international trade. To say that they're holding most of the cards would be an understatement.
The only card Google could play would be to pressure the US government to inact trade barriers on Chinese exports (US imports from China). That won't happen. Our country would suffer greatly without access to inexpensive Chinese goods, and the Chinese would suffer from a crash in their manufacturing. On a five year time line, I think the Chinese could foster domestic consumption faster than the United States could rebuild manufacturing in the US, or reallocate it to other markets (Mexico, Vietnam, etc)
Too bad the Chinese have kung fu and a few millenia of practice in martial warfare. Google has... a bunch of nerds in Silicon Valley hyped up on caffeine.
Why would an SD card come anywhere near a PC during the manufacturing process? Aren't they fabricated in large batches, not unlike RAM or CPUs? The only part of the process that I would think might involve a PC would be the formating at the end. Yet it seems like they'd have a dedicated hardware device that formats multiple chips at a time.
I like that acronym. I will be sure to incorporate it into any future rants on the subject.
So really, you and I aren't even going to get into the ballpark on what the numbers really were. Just keep commuting to work, eating junk food, watching televised karaoke, and jacking off in safety while the "professionals" continue to perpetuate history's mess.
Fixed that for you.
You missed one major point. The CIA isn't doing the radicalizing. They are providing a forum for others who are radical to espouse their views. To make a physical world analogy, it would be like the CIA setting up a "Jihadi Mosque" and hiding cameras and microphones in it. Then they open the doors and see who shows up, who they talk to, and what they talk about.
If anything I'd encourage them to expand the program. I'd encourage them to bring in linguists and psychologists and people with backgrounds in developing memes to counter the memes spread by the radicalizers.
As complex as the problem of radical jihad seems, it comes down to basic human interactions. There is a large group of disenfrancised individuals who don't see any way of getting a better life. Someone comes along and promises them and their families a better if they are willing to do X, Y and Z. At the deepest level it isn't much different than the way American schools indoctrinate students into capitalism, the American dream, college, a house, a wife, and two point five kids. The methods are different. One is suicide bombings and AK-47s, the other is debt slavery and consumerism. The underlying meta-message is the same though. "If you do this, our collective society and way of life will be better off."
I'm going to rehash an argument that I used a few months ago when there was a news story about the FBI running a similar operation to monitor and prosecute criminals involved in credit card fraud. In that case, a few people argued that the FBI was aiding the badguys by giving them a forum to swap their k0d3z in. They completely ignored the fact that the bad guys would do it any way. If they weren't using the FBI forum, they'd be using another, unmonitored forum to trade the exact same information.
The same situation is going on with this CIA jihadist "honey pot". The jihadists are going to use the internet to discuss what they want to discuss. Our government has two choices. They can either facilitate the information exchange and by doing so, tap into it.. or they can attempt to take down the sites where the discussions are taking place. In the former case they gain useful intelligence. In the latter case they end up playing whack-a-mole and are constantly one step behind the bad guys.
The biggest challenge that the government faces in the "War on Terror" (and for the record, I'm against it. However I do realize the inescapability of it at the current time.) is gathering good intelligence. There simply aren't enough American citizens, or people friendly to the American government who have the necessary linguistic skills and social connections to infiltrate "terrorist" networks. Given the lack of human resources necessary to engage "the enemy" with, the government needs to come up with other ways to monitor what is going on. The honey pot that was just taken down was one of those monitoring tools.
Whoever authorized the take down of the site should be stripped of authority and questioned. They obviously aren't playing for the right team.
Think about it. If you're continuously doing updates to your systems it's business as usual. If you have to roll out the latest windows to over 2000 desktops every 10 years that's going to cost you a lot of downtime and productivity loss.
I had to undo a bunch of moderation to chime in here. You're only experiencing down time and "productivity loss" if you don't know what you're doing. It doesn't matter if you're rolling out to 2 desktops or 2000 desktops. You create one image and then push it out. Most people do it over the weekend. Most people wait until they have a stable image before rolling it out.
Now if you have IT guys straight out of college with no real world experience you might run into some problems. But as long as you have a realistic time window for your OS rollout, it is a pretty painless process. If you wanted to get really aggressive and take chances, you could just image the base OS image with hardware drivers and rely on something like Systems Center or even Group Policy (if you're really masochistic and like rolling your own packages) to install all of your apps.
Another reason is that if you got to convert 2000 desktops to the latest OS, a lot of the business apps are probably going to have problems. Constant rolling updates have the some problem however you don't get 10+ apps not working all at the same time
Given your hypothetical "every 10 years" desktop OS refresh, if you can't plan 10 years ahead to get your business apps ready for the OS that you're going to be 'forced' to roll out then you have no business managing systems (Windows or otherwise).
To give you an idea of how I'm moving my users from XP to Win7, right now there are two workstations in the organization running Win7. Between those two workstations are 98% of the applications that the organization uses (the other apps are on Terminal Servers). Most of the apps work, a couple don't. As departments find room in their budgets for new workstations, we roll out Win7 if they aren't using apps with compatability problems. Over the course of the next two years, all of the workstations will be running Win7.
It isn't like I'm going to wake up one morning and decide, "I know... I'll go roll out Win7 today." Like any IT project, there is a process to follow.
I'm surprised that the anti-virus vendors haven't cried foul and run screaming to the FTC over "monopoly" issues. I am using MSE at home and use Symantec Endpoint Protection at work. I appreciate the management functionality that Symantec provides. Their Exchange plug-in works well too. I find that it often times catches malicious files that make it through Postini.
If I hadn't just rolled out the latest version of Symantec onto the network I'd probably strongly consider Forefront. If it is like MSE but with better management and deployment tools, it is probably a decent product. I'd be willing to bet that it probably less expensive than Symantec.
I had consciously relax my eyes during Avatar to watch it. By relaxing I mean taking the wide view and using the peripheral vision. Attempting to force my focus really messed me up too.
Hassle comes down to perception. I torrent and my g/f and friends use my Windows 7 box and I don't have any problems with it. I setup Linux but it was too much of a headache. With Windows 7 and a standard user account, it's pretty hard for your average ignorant user to screw up the computer too badly. As soon as they try to do anything that involves installing software or changing system settings, they are prompted for credentials.
If you're ranting about XP, keep on keeping on. It is a PITA. That meme still works. Hell, even Windows 7 is a hassle because once again Microsoft moved everything around.
It is also hard to manage a department when dealing with substandard employees. What ends up happening is that the department has to work around the substandard employee. They will eventually get terminated after a number of write ups and poor performance reviews but it takes a significant amount of time. Even then the union will go to bat for them and drag out an already long process.
the cost to the state will be more than $55/hour including benefits...
Maybe yes, maybe no. If $30 of that $55 per hour is spent on wages, that comes out to an average of $60,000 a year. That's pretty typical for your average, entry to junior level IT job. At $30 an hour, that leaves $25 per hour for benefits, or $1000 per week / $4000 per month. Looking at it in those terms, $55/hour doesn't seem to be that low of a number.
The fact remains that unionized government employees are paid 10-20% higher then private sector counterparts
Do you have any supporting documentation for that claim? All of the State workers that I know went to work for the state for two reasons. The first is job security. The second is the benefit package. In California state workers make considerably less on an hourly/salary basis than their private sector counterparts.
I think that the "blame the user" analogy is falling apart in the face of reality. A couple of years ago you could blame the user for downloading something stupid and then executing it. These days I see a fair number of legimiate websites that are compromised. The website will be hosting an iFrame exploit or a Javascript exploit, or something similar. The user will get hit by a browser vulnerability that doesn't require any interaction on their part. The good news is that there do not seem to be enough functional zero-day exploits for malware writers to spread them around willie nillie. They are using them in targeted attacks like Aurora. The compromised websites end up hosting older code that is more likely to be recognized by scanners.
Just the other day a friend of mine was telling me about an infection he had to clean up. A guy he was working for does work with hydraulics. That guy had visited a website of a vendor who sells hydraulic products. The website had a Flash video demo that showed off some of the new products. That Flash video was compromised and was exploiting a Flash vulnerability. The end result was the end user ended up with AntiVirus 2010 or whatever the current favorite malware is.
The owner of the business doesn't know crap about web development. He hired a web developer to develop his site. The web developer probably doesn't know crap about hosting content, he just recommended a hosting provider. The hosting provider dropped the ball. The user doesn't have any control over the hosting provider or the web developer, he just wants to buy some hydraulics. His OS (Windows) was secure, but his application (Flash) wasn't. It isn't like he was browsing porn and downloaded JackMeOff.exe.
Doing further research I came across another article that mentioned "testing" of the Aurora botnet had begun around July of last year. The command and control architecture and methods were picked up back then. They weren't anything new. Google announced the breach in January. That's a six month gap between when the initial testing occured and was recognized, and when Google acknowledged they had a problem.
http://www.zdnetasia.com/news/security/0,39044215,62061573,00.htm
I'm not completely surprised that Google got hit. They might be suffering from some institution hubris and buying into their own marketing about being "the best" at everything. We use Postini as our primary anti-spam mechanism. All in all they do a great job and out perform the in house solution that we were using a couple of years ago. Despite doing well, there are still some virii that slip through their net and get caught by the AV (Symantec) we're running on our Exchange server. When emails slip through the cracks, I use Postini's reporting mechanisms to make them aware of the problem. I have yet to have problems with the same exploit continuing after I make Postini aware of it.
Security has evolved from something that can be handled in house, to something that requires significant dedicated resources. Most organizations can't afford that cost and end up outsourcing it. There are some IT functions that I don't want to give up. Anti-spam and security aren't on the list. Despite my own personal interest in computer security stretching back to the early 1990s, I can't adequately address the constantly changing threatscape in addition to handling the rest of the requirements of my job.
To make a weak car analogy, I can't ever be 100% certain that when I get in my car that I will make it to my destination safely. I know how to operate my vehicle. It is in good shape. I wear my seatbelt. I use my turn signals. I look over my shoulder and check my mirrors when changing lanes. Despite all of that, accidents happen. I've been t-boned before because someone ran a red light. It sucks but it comes with the territory. Computer security is similar. I keep up to date on patches. I have multiple products to address different attack vectors. Some of those products overlap in functionality to provide some sembelance of redundancy. Sooner or later, something will slip through the cracks. I haven't dealt with a compromised server in close to a decade (that includes going back to the Slammer worm, Code Red and all that other mid-decade nonsense that hit most Microsoft shops). I haven't dealt with any compromised workstations on my network(s) for about five years. A lot of that I'm sure has to do with the industries I work with. They aren't huge targets so nobody is crafting exploits specifically for them.
It didn't go completely undetected.
http://community.websense.com/blogs/websense-features/archive/2010/01/21/security-bulletin-aurora-internet-explorer-zero-day-attack.aspx
FWIW - I'm not a Websense employee. We just use their products as part of a multi-layered defensive strategy. They had mitigation mechanisms in place a week before Google, Adobe, et al acknowledged that they had been compromised.
Obviously Websense isn't a magic bullet. They wouldn't have prevented the initial infection. All they did was notice the infection after the fact and then worked to contain the spread.
Having an international "smart phone" plan is an expensive idea. I work for a company where my users travel internationally. We are with AT&T and everyone has a Blackberry. The bill for an unlimited data plan, plus international calling / roaming / etc. is often $200-300+ a month (depending on countries visited, amount of long distance voice used, etc.)
Asking for an international smartphone plan that fits a college budget is kind of like asking how to go out into the rain and not get wet.
What organization do you support? What apps are your users using? When was the last time an IE exploit caused problems for your organization?
It's really easy to throw around the word "should". What's the reality of your day to day situation?
It's great to know not to use IE if you're supporting yourself and your parents. It's a completely different world when you're supporting an entire organization.
Oh, I see. Remote, 3d accelerated gaming. Color me skeptical. In the business world they are having problems getting 20+ people on 8+ core terminal servers. Those people are only running business apps that while potentially processor intensive while running queries, don't have nearly the overhead that a typical FPS has. I'd like to see some internal documents from the company about how many people they are planning to cram on each server, and what the specs on those servers are. Is there even a decent virtualization solution for 3d video cards?
I'm probably missing something here, but why would I want to pay $15 for the privledge of buying software from OnLive?