Posts by myxiplx

Gaaah, glossy screens

The photo on the last page sums up why I would never buy one of these laptops. What is with the manufacturers current obsession in using screens that are absolutely unworkable in daily use?

Viral marketing anybody?

Genius idea, that's the coolest calculator I've ever seen :-)

Just don't get it upside down

I wonder if the second version was developed after just such a mistake. Ouch!

VMware works like this

I don't see the problem if you're selling servers this way - VMware reports overall CPU speed as the sum of all cores, so advertising in this way is ideal if you're selling to that market.

MS + Virtualisation = Fail

A while ago I created a table comparing the different MS licences for Windows Server for use when we virtualised our network.

Despite their support for virtualisation in their licences, it wasn't the enterprise or datacenter edition that worked out best. The artificial restrictions included with the licences, combined with the extreme price of the datacenter edition meant that the standard version worked out both cheaper and more flexible.

The enterprise edition looked great on paper, until you realised that that five licences included have to be run on the same piece of hardware. And that means can't live migrate or load balance the enterprise edition (you're in breach of the licence as soon as you move one server on its own).

So ironically you have to buy the standard edition if you want to use enterprise level virtualisation features.

Well and truly buggered

Just to update you all on this, I finally received the reply from my other half over the weekend... an email she sent at 10am on the 25th arrived to gmail at 9:45pm on the 29th.

That's four and a half days to deliver outbound email.

"briefly delayed" eh?

under 50, I wish

We've got just over 100 desktops, but over 117 applications. And that's without counting the various free utilities we have scattered around the place, nor the software running on the servers.

If I were to audit the lot, I reckon there's easily 150 separate applications in regular use here. Hell, even ignoring firewall software, there are already 6 just for email:

Exchange Server

Blackberry Server

Mimesweeper anti-spam appliance

GFI Mail Essentials

Outlook XP

Outlook 2003

... and that's not even counting the fact that one of our directors just bought a windows mobile phone, so we now need the management tools for that.

All I can say is thank god for group policy.

Citrix XenClient anybody?

Sounds just like it, take a look here:

http://www.citrix.com/English/ps2/products/feature.asp?contentID=1685500

and here

http://community.citrix.com/display/xd/Independence

One standard corporate image, streamed down to laptops. Citrix ensures it's fully encrypted on the client side, so there are no concerns if a laptop is lost or stolen, and you get to run two virtual machines on each laptop. So you can have a secure corporate setup, and another version for home use.

I'm with Sophos on this one

To copy the comment I just pasted on the MS site:

Basically, if we upgrade from XP to Vista, we can't do a straight upgrade, we also need to buy MED-V, which comes as part of MDOP, and learn how to use that to configure two sets of windows, with two sets of security updates, and two sets of anti-virus.

I'm sorry, but even with MDOP I can see where Sophos are coming from - that sounds like an admin nightmare, and a huge amount of work. Also, while I've only had a quick browse, I can't find any details on how to buy MDOP yet, and I have a sneaking suspicion it isn't going to be free.

The bigger problem is that Microsoft have marketed the XP mode as being a great solution. What's been gloseed over is the fact that this hidden virtual PC is going to be full of vulnerabilities unless secured. Most users are just going to run programs, they are going to have no idea that they have a virtual machine running in the background.

Those hidden, unpatched virtual machines are going to be seen as low hanging fruit by the malware guys. Unless Vista defaults to automatically patching them, with the Vista security center warning if the Virtual machine has no AV or needs security patches, then yes, this is going to be a concern.

Doesn't solve the problem

The thing is, closing these guys down, or even causing them problems doesn't solve the problem. In fact, the way they were doing business makes them sound like one of the most reputable companies out there.

If your mobile number is on their list, then your number is already out there and being offered for sale by data collection agencies.

The real problem is that anybody can collect your number and sell it on, and you have absolutely zero control over who is or is not allowed to buy and use that to contact you. Do not call lists are absolutely no use unless advertisers choose to abide by the rules, and with no easy way to identify offenders, it's very hard to punish the crooks out there.

What is really needed is an official do not call list, and for the phone companies to create a quick and easy way to log offending calls.

If I'm ex-directory and on the 'do not call' list, it should be a few seconds work from my mobile phone to report the last call as an illegal unsolicited call. The phone companies have all the information on where the call comes from, so should be in a position to immediately inform the relevant authorities. Any volume of complaints against any one company should result in a freezing of their account while the matter is looked into, with large fines if necessary.

Christ, no way I'm using Orange

If their IT guys don't even have the sense to lock down the call center machines (which are about as standardised as you can get), nor to update them beyond IE6.

If the users have enough internet access and privileges to download and install Firefox, just think how many viruses and keyloggers are on that network, harvesting all of our details.

$30? And the rest...

I'd love to buy the full commercial version... if Sun would just let me.

I'm using the open source edition at the moment, but would jump at the chance to buy the full version if I could. However, if you look at Sun's licencing page, while they do offer a $30 version, that's for a minimum quantity of 50.

I want 2-3 licences max, and while I would gladly pay $90 for them there's no way on earth I'm paying $1,500.

Trusting the users

Any fool knows that as soon as you give users the *option* to turn things off they will. If you're in charge of encrypting your corporate laptops, turn on full disk encryption and ensure that it's done in such a way that the user has no way to disable it.

@jrb - why now?

I see it as google enjoying a laugh at Microsofts expense. MS have been very public in the amount of money they are throwing at online services, and are aggressively targetting google.

What google have done is let them quietly dig away, and then just as Microsoft announce their massive achievement, google have poitned out to the world just how big a hole Microsoft have dug for themselves. Google's approach is fundamentally more efficient and scalable, and it means Microsoft for the foreseeable future are going to have to spend a lot more money than google to provide equivalent services.

Genius move by google, MS are going to be spitting feathers over this and it's going to take them years to catch up, by which time I'm sure google will have moved the goalposts again.

Bloody good idea

Taken to the extreme, you don't want even a plain card for this - after all, you don't know what information is being requested any more.

What you want is a touch screen device (like a mobile phone) that you can register as being your own, with a security 'PIN' that's required for any kind of proof of identity.

Any request would follow these basic steps:

- You identify yourself to the service provider (cash machine, shop, doorman, etc), by showing your phone (integrated RFID would do this wirelessly)

- They request the information needed

- On your screen you get a summary of the information they're asking for (age, home address, etc), and get to choose which parts they are allowed

- Your phone asks you to enter your pin to confirm the transaction

Simple, secure, and you remain in control of your data at all times.

In addition, the database should be distributed. No one location should hold all the data (enforcing separation by birth city may be sensible), and you should be able to move your records between providers at will.

The parties storing the data should not be able to read it, but I don't know enough about encryption to know whether it's possible to use a combination of keys from yourself and the person requesting your details to allow the transmission in this form.

By designing it as a distributed system like this, it can also be tested in small numbers before billions are wasted on a flawed implementation.

Uses Live? Count me out

Sorry, but I'm not a fan of any service that wipes your account after 90 days.

... oh, and that includes corporate account for tracking your software licence purchases of rather large amounts of Windows and Office. MS insist it has to be linked to a Live ID, then wipe the lot because we're not using it enough.

£200 to read on holiday

With the amount Ryanair charge for excess baggage, that sounds like a bargain to me!

I wish that fella *was* Ted

... at least then I'd know he's not going to be posting drivel to El Reg for too much longer.

John Ozimek wrote a far better article yesterday explaining exactly why Wolfram Alpha is different, and how it needs a different approach to searching. Maybe you should speak to him Ted, to learn a bit about what you writing about before you start spouting off?

http://www.theregister.co.uk/2009/05/18/wolfram_alpha/

LeMans??

Who gives a shit about LeMans. Want one. Now!

Incompetent.

How can a government that admits over 80% of it's systems have been infected by viruses make any claims as to security?

One virus is enough to give third party access to this database, and if they really are providing remote access, then the security is an absolute joke.

But we want a search monopoly... *waaaah*

Are Microsoft seriously trying to say to the EU that the reason they should be allowed to keep a browser monopoly is because they have plans to use that to create a search monopoly?

Isn't that kind of behavior what got them in this mess in the first place?

Lagged on not de-activating?

Are we talking about the same company here? This is the company who insisted we create a live account in order for our company to track our corporate licence counts for office, exchange, sql, etc, and who promptly de-activated the account and erased all the online records for our licence tracking 90 days later.

When we came to add more licences the next year Microsoft just didn't want to know. They didn't see why we had a problem with their corporate licencing service wiping out all online records if you don't log in every 90 days. They couldn't even understand our frustration at the fact that we could re-activate the account, but that they had no way of re-attaching the licence records to it, they just assumed we would happily re-register all the certificates from the originals in the safe...

Clueless, absolutely clueless.

But do the numbers work?

It's all well and good saying these tweaks save admins time and money, but when you mention 1500 workstations at $120 a pop, that's $180,000. I hope there's a lot more under the hood, because exchange and open office integration isn't exactly difficult.

As a linux newbie, it took me a couple of hours to get exchange email working with Ubuntu, and under an hour to get full blown outlook installed and running under Wine. Considering the Outlook license is free if you have Exchange, why would I want to use Evolution?

Still Microsoft's problem

It's still Microsoft's problem though - they've insist on allowing users and applications to run with admin rights for years, and are now feeling the repercussions of this stupidity.

And they still have this assumption that applications running in windows are trusted and can do anything they like. Pretty much the only defense is that they ask the user to say whether it's ok for programs to run before they're installed.

They're going to need to design the OS so that individual applications are sandboxed, and so that the OS doesn't trust applications by default. I've been suggesting signed applications, with programs only able to modify their own files for years, because trusting random programs downloaded from the internet has always seemed a bit dubious.

Oh, and they might want to take a leaf out of Linux's book and create an application repository so it's possible for users to easily update all their applications at once.

VMware cheaper? Riiiiight

So, if you artificially limit yourself to 16GB of memory, VMware can perform better, and they're using that to justify the cost with memory prices how they are today?

Tell you what, go spend £600 on an extra 32GB of memory and run that test again VMware, then I might be interested.

Sounds good to me

Why on earth is this portrayed as a negative move? Of course google are going to include advertising in their services - it's how they're funded.

Am I happy with an easy to use, free photo publishing tool, that's cross platform and lets me easily face tag, geo tag, and share my photos. You bet I am.

Do I mind google showing a few adverts to pay for that? Are you kidding? It's a damn site better than me paying for it out of my own pocket.

I agree, absolute nonsense

I mean, even after you ignore the spelling mistakes that litter the article, it's talking complete garbage. Web 2.0 died? Somebody had better tell Facebook quick! Web apps aren't compelling? Yes they are, and they're widely used for a whole bunch of stuff. They might not be ideal for corporate use, but that's a whole other ball game.

And as for Google harping on about Moore's law to justify their business. Say what? I don't remember google having to justify anything. Ever. They made a damn good search engine, are happily making billions off it, and now have a whole host of other software available on their website too.

And their 'arrogant' approach? Not one I've seen personally, and with the amount of money they're making, I think I'd just call it 'confidence'.

The whole article smells of sour grapes to me.

just solve the sodding crashing

Much as I love firefox, and it's ability to recover my session, I really wish it wouldn't crash all the time. Yes, IE crashes occasionally, but firefox does so much more regularly.

Any bugfix I see that fixes some kind of crashing issue is going straight on!

AppLocker - great, but 3 years late and half baked

I think I remember SysInternals releasing Windows Protection Manager a few years ago, that did everything AppLocker does, and then some (automatic program detection, instant approval process), and did it all for Windows XP.

Unfortunately, Microsoft bought the company and buried the product.

And now they have the cheek to expect me to upgrade my OS to get a half baked implementation of a product I could have bought three years ago?

Windows 7 does look interesting enough for us to have a look at, but Microsoft have a long way to go before they repair the damage done to their reputation over the last few years. Unless this is very, very good, they're still not likely to get any sales from this company.

Err... it's a *development* platform

I really don't see the issue with selling a development platform that can only be used for developing your own apps on.

Unless google have marketed this as a fully functional android phone that you can *also* use for development, I don't really see the issue with $400 spent on a device dedicated to one purpose.

And it sounds like this restriction has a sound basis too, it's not an arbitrary ban, so you could do with loosing the sensationalist headline.

March 11th?

And later for older versions?

Gee, thanks Adobe, it's not like we weren't pissed off enough that we can't run Acrobat 9 already:

http://www.adobe.com/go/kb404597

Yup, a major bug that *completely* stops Acrobat 9 from being usable on *any* computer in our network, and Adobe have been sitting on it for FOUR MONTHS.

That'll be PDF's blocked at the firewall then.

easy to fix

And once again, there's a security alert from Micrsooft where the workaround for both items is "Disable scripting and ActiveX".

Since we disable both of those by default for the vast majority of sites, we can safely ignore these alerts. We actively filter office documents too, so that attack vector is also blocked.

Yes, Microsoft were incredibly dumb adding all this remote scripting into IE (and don't get me started about them then 'integrating' it into the operating system), but the fact remains that there are tools available to disable this technology too.

To be honest, while I love Firefox, after looking into it over the last few weeks, I actually prefer IE now. Group Policy enforced Security Zones offer us the same protection as NoScript, with the added benefit that users can't change the security settings on their own machines. If a script is going to run from any website here, it's going to be one that IT have explicitly authorised.

Now, if Mozilla had a corporate version of firefox that we could rollout, with a way to enforce the add-ons users can use, we'd move to firefox in a shot.

Unfortunately that's not possible, so right now, IE is the more secure system.

Interesting

Very, very interesting.

If you think about this along with all the other consolidation that's going on, it's almost redefining computers. You've got proposals knocking about these days for shared power supplies in datacenters, shared storage already exists, and virtualization (shared processors) is massive. This however is a whole new level, it's shared i/o, and potentially could apply to pretty much everything else.

If this takes off, each server can potentially be reduced to just processor, memory and motherboard. Absolutely everything else can be centrally provided and shared as needed. Each rack or server room becomes its own little mainframe / blade system.

It's also interesting when you think how well this could work with virtualization. The concept of mapping PCI-e to virtual machines has already been raised. Personally I think PCI-e mapping could be an easy way to provide high performance graphics to virtual machines. If shared PCI-e arrives and shared graphics cards (such as Nvidia's range) take off, there are potentially even higher gains to be had.

So if you think about it, we now have efficiency gains either in place or being talked about for:

- Shared CPU+ram (virtualisation)

- Shared storage

- Shared power supplies

- Shared networking

- Shared graphics

Combine all of those, and you can fine tune every aspect of your companies IT assets, precisely matching your hardware to your requirements. And you can do this while increasing performance since everything is connected in your server room using a local high speed interconnect.

Wow.