You seem to be assuming that it's not possible to just successfully implement a new financial system for a large public organisation without then needing to perform _any_ kind of investigation.
Oh right. I'll get my coat.
15 publicly visible posts • joined 24 Jan 2013
Bad guess. The README (which has now been updated) explicltly told users to run the command "pip install $WRONG_PACKAGE". FWIW it looks like the reason for installing the $WRONG_PACKAGE was just to facilitate downloading some data files, and this has now been replaced with a simple "git clone" command.
The Google-provided analytics.js that is downloaded with this story (along with pretty much every webpage we all visit...) is 52kB, so over twice as big as Elite. I know which of those two products I think has brought more value to the world.
(yes I know my browser probably caches analytics.js and doesn't redownload it on every page I browse to, but that's not the point)
The comment about email addresses is not strictly true. The domain part (after the @) is case-insensitive, but the local part (before the @) "MUST be interpreted and assigned semantics only by the host specified in the domain part of the address" (RFC 5321). Whilst in practice many mail servers will handle the local part in a case-insensitive manner, one shouldn't rely on that behaviour.
"the core College IT systems and data and file storage were backed up on a different location of the same storage unit"
I'm sorry, but whatever organisational problems might also have been at play in the sorry episode, any sysadmin who thinks that copying data to the "same storage unit" can in any way count as a backup is incompetent.
One just has to register for distribution rights, once, for free. Took me about 2 minutes to fill in the form and get an automatic response. Yes, it's mildly annoying that they're taking away the old enterprise download links, but it's not difficult to use the replacement - I've been doing so for months.
I haven't done a full comparison of the available features, but the "send email when there's a new tweet" thing sounds awfully like what one can already do (totally for free) on ifttt.com ("If this, then that"). That site also has a great many recipes that others have already written if one wants to copy something to get started.
The statement "probability of data loss to 1 in over 2 million years when properly monitored and maintained" sounds rather fishy to me. What are the chances that they've taken "failure rate for a single disk" and just multiplied that up N times, assuming that all failures are independent? Even if you declare lightning strikes and earthquakes as outside the calculation, disks that are hosted in the same environment, and which were probably all made in the same production run, don't have independent failure rates.
So the article says that this technique doesn't work on keypads with metal keys. Well fair enough, but I've used a far lower-tech solution to bypass keypads (er, obviously, only to get in to areas where I *should* have had access but didn't have the code to hand...). Just look for the keys that have the slightly greasy residue from people's fingers - far easier, cheaper and lower-tech than thermal imaging cameras!
I agree that sysadmins should remember to include VoIP in their assessment of network security etc. However, I'm afraid I'm always going to be sceptical of a company-produced "study" which essentially ends in an advert where they tell you that the same company just so happens to sell a product which can help solve $problem_covered_in_report
I would be rather surprised if Dell were actually paying someone to sit for 10 minutes in front of a computer and hit "next". For the Windows machines I look after, I tick a box, and Firefox will automatically install on a computer of my choice. And for the case of the Dell website, the customer has already ticked the box for them!