Gaaah, glossy screens
The photo on the last page sums up why I would never buy one of these laptops. What is with the manufacturers current obsession in using screens that are absolutely unworkable in daily use?
89 posts • joined 18 Apr 2006
A while ago I created a table comparing the different MS licences for Windows Server for use when we virtualised our network.
Despite their support for virtualisation in their licences, it wasn't the enterprise or datacenter edition that worked out best. The artificial restrictions included with the licences, combined with the extreme price of the datacenter edition meant that the standard version worked out both cheaper and more flexible.
The enterprise edition looked great on paper, until you realised that that five licences included have to be run on the same piece of hardware. And that means can't live migrate or load balance the enterprise edition (you're in breach of the licence as soon as you move one server on its own).
So ironically you have to buy the standard edition if you want to use enterprise level virtualisation features.
We've got just over 100 desktops, but over 117 applications. And that's without counting the various free utilities we have scattered around the place, nor the software running on the servers.
If I were to audit the lot, I reckon there's easily 150 separate applications in regular use here. Hell, even ignoring firewall software, there are already 6 just for email:
Mimesweeper anti-spam appliance
GFI Mail Essentials
... and that's not even counting the fact that one of our directors just bought a windows mobile phone, so we now need the management tools for that.
All I can say is thank god for group policy.
Sounds just like it, take a look here:
One standard corporate image, streamed down to laptops. Citrix ensures it's fully encrypted on the client side, so there are no concerns if a laptop is lost or stolen, and you get to run two virtual machines on each laptop. So you can have a secure corporate setup, and another version for home use.
To copy the comment I just pasted on the MS site:
Basically, if we upgrade from XP to Vista, we can't do a straight upgrade, we also need to buy MED-V, which comes as part of MDOP, and learn how to use that to configure two sets of windows, with two sets of security updates, and two sets of anti-virus.
I'm sorry, but even with MDOP I can see where Sophos are coming from - that sounds like an admin nightmare, and a huge amount of work. Also, while I've only had a quick browse, I can't find any details on how to buy MDOP yet, and I have a sneaking suspicion it isn't going to be free.
The bigger problem is that Microsoft have marketed the XP mode as being a great solution. What's been gloseed over is the fact that this hidden virtual PC is going to be full of vulnerabilities unless secured. Most users are just going to run programs, they are going to have no idea that they have a virtual machine running in the background.
Those hidden, unpatched virtual machines are going to be seen as low hanging fruit by the malware guys. Unless Vista defaults to automatically patching them, with the Vista security center warning if the Virtual machine has no AV or needs security patches, then yes, this is going to be a concern.
The thing is, closing these guys down, or even causing them problems doesn't solve the problem. In fact, the way they were doing business makes them sound like one of the most reputable companies out there.
If your mobile number is on their list, then your number is already out there and being offered for sale by data collection agencies.
The real problem is that anybody can collect your number and sell it on, and you have absolutely zero control over who is or is not allowed to buy and use that to contact you. Do not call lists are absolutely no use unless advertisers choose to abide by the rules, and with no easy way to identify offenders, it's very hard to punish the crooks out there.
What is really needed is an official do not call list, and for the phone companies to create a quick and easy way to log offending calls.
If I'm ex-directory and on the 'do not call' list, it should be a few seconds work from my mobile phone to report the last call as an illegal unsolicited call. The phone companies have all the information on where the call comes from, so should be in a position to immediately inform the relevant authorities. Any volume of complaints against any one company should result in a freezing of their account while the matter is looked into, with large fines if necessary.
If their IT guys don't even have the sense to lock down the call center machines (which are about as standardised as you can get), nor to update them beyond IE6.
If the users have enough internet access and privileges to download and install Firefox, just think how many viruses and keyloggers are on that network, harvesting all of our details.
I'd love to buy the full commercial version... if Sun would just let me.
I'm using the open source edition at the moment, but would jump at the chance to buy the full version if I could. However, if you look at Sun's licencing page, while they do offer a $30 version, that's for a minimum quantity of 50.
I want 2-3 licences max, and while I would gladly pay $90 for them there's no way on earth I'm paying $1,500.
I see it as google enjoying a laugh at Microsofts expense. MS have been very public in the amount of money they are throwing at online services, and are aggressively targetting google.
What google have done is let them quietly dig away, and then just as Microsoft announce their massive achievement, google have poitned out to the world just how big a hole Microsoft have dug for themselves. Google's approach is fundamentally more efficient and scalable, and it means Microsoft for the foreseeable future are going to have to spend a lot more money than google to provide equivalent services.
Genius move by google, MS are going to be spitting feathers over this and it's going to take them years to catch up, by which time I'm sure google will have moved the goalposts again.
Taken to the extreme, you don't want even a plain card for this - after all, you don't know what information is being requested any more.
What you want is a touch screen device (like a mobile phone) that you can register as being your own, with a security 'PIN' that's required for any kind of proof of identity.
Any request would follow these basic steps:
- You identify yourself to the service provider (cash machine, shop, doorman, etc), by showing your phone (integrated RFID would do this wirelessly)
- They request the information needed
- On your screen you get a summary of the information they're asking for (age, home address, etc), and get to choose which parts they are allowed
- Your phone asks you to enter your pin to confirm the transaction
Simple, secure, and you remain in control of your data at all times.
In addition, the database should be distributed. No one location should hold all the data (enforcing separation by birth city may be sensible), and you should be able to move your records between providers at will.
The parties storing the data should not be able to read it, but I don't know enough about encryption to know whether it's possible to use a combination of keys from yourself and the person requesting your details to allow the transmission in this form.
By designing it as a distributed system like this, it can also be tested in small numbers before billions are wasted on a flawed implementation.
Sorry, but I'm not a fan of any service that wipes your account after 90 days.
... oh, and that includes corporate account for tracking your software licence purchases of rather large amounts of Windows and Office. MS insist it has to be linked to a Live ID, then wipe the lot because we're not using it enough.
... at least then I'd know he's not going to be posting drivel to El Reg for too much longer.
John Ozimek wrote a far better article yesterday explaining exactly why Wolfram Alpha is different, and how it needs a different approach to searching. Maybe you should speak to him Ted, to learn a bit about what you writing about before you start spouting off?
Are Microsoft seriously trying to say to the EU that the reason they should be allowed to keep a browser monopoly is because they have plans to use that to create a search monopoly?
Isn't that kind of behavior what got them in this mess in the first place?
Are we talking about the same company here? This is the company who insisted we create a live account in order for our company to track our corporate licence counts for office, exchange, sql, etc, and who promptly de-activated the account and erased all the online records for our licence tracking 90 days later.
When we came to add more licences the next year Microsoft just didn't want to know. They didn't see why we had a problem with their corporate licencing service wiping out all online records if you don't log in every 90 days. They couldn't even understand our frustration at the fact that we could re-activate the account, but that they had no way of re-attaching the licence records to it, they just assumed we would happily re-register all the certificates from the originals in the safe...
Clueless, absolutely clueless.
It's all well and good saying these tweaks save admins time and money, but when you mention 1500 workstations at $120 a pop, that's $180,000. I hope there's a lot more under the hood, because exchange and open office integration isn't exactly difficult.
As a linux newbie, it took me a couple of hours to get exchange email working with Ubuntu, and under an hour to get full blown outlook installed and running under Wine. Considering the Outlook license is free if you have Exchange, why would I want to use Evolution?
It's still Microsoft's problem though - they've insist on allowing users and applications to run with admin rights for years, and are now feeling the repercussions of this stupidity.
And they still have this assumption that applications running in windows are trusted and can do anything they like. Pretty much the only defense is that they ask the user to say whether it's ok for programs to run before they're installed.
They're going to need to design the OS so that individual applications are sandboxed, and so that the OS doesn't trust applications by default. I've been suggesting signed applications, with programs only able to modify their own files for years, because trusting random programs downloaded from the internet has always seemed a bit dubious.
Oh, and they might want to take a leaf out of Linux's book and create an application repository so it's possible for users to easily update all their applications at once.
So, if you artificially limit yourself to 16GB of memory, VMware can perform better, and they're using that to justify the cost with memory prices how they are today?
Tell you what, go spend £600 on an extra 32GB of memory and run that test again VMware, then I might be interested.
Would it not seem simpler to modify the suits they wear to provide a certain amount of resistance to movement? Either with elastic around the joints, or with some mechanism to stiffen joints? That way they can be exercising muscles all day long, with every action they take, instead of just for a short period on the treadmill.
Wouldn't an elastic strap running from your hips / shoulders down to your feet do a decent job of simulating the forces you would feel on your legs when standing up?
Why on earth is this portrayed as a negative move? Of course google are going to include advertising in their services - it's how they're funded.
Am I happy with an easy to use, free photo publishing tool, that's cross platform and lets me easily face tag, geo tag, and share my photos. You bet I am.
Do I mind google showing a few adverts to pay for that? Are you kidding? It's a damn site better than me paying for it out of my own pocket.
I mean, even after you ignore the spelling mistakes that litter the article, it's talking complete garbage. Web 2.0 died? Somebody had better tell Facebook quick! Web apps aren't compelling? Yes they are, and they're widely used for a whole bunch of stuff. They might not be ideal for corporate use, but that's a whole other ball game.
And as for Google harping on about Moore's law to justify their business. Say what? I don't remember google having to justify anything. Ever. They made a damn good search engine, are happily making billions off it, and now have a whole host of other software available on their website too.
And their 'arrogant' approach? Not one I've seen personally, and with the amount of money they're making, I think I'd just call it 'confidence'.
The whole article smells of sour grapes to me.
I think I remember SysInternals releasing Windows Protection Manager a few years ago, that did everything AppLocker does, and then some (automatic program detection, instant approval process), and did it all for Windows XP.
Unfortunately, Microsoft bought the company and buried the product.
And now they have the cheek to expect me to upgrade my OS to get a half baked implementation of a product I could have bought three years ago?
Windows 7 does look interesting enough for us to have a look at, but Microsoft have a long way to go before they repair the damage done to their reputation over the last few years. Unless this is very, very good, they're still not likely to get any sales from this company.
The article says the two arrays form a high availability cluster, but then later on say that it can only fail over if the storage controller stays running.
So is it clustered or not? Do you actually have a HA cluster of two storage controllers here, or do you just have a remote mirroring & failover solution that still has a single point of failure?
'contactless' You mean like good old mag stripes used to be?
Chip n Pin might have sounded great on paper, but whichever pillock thought a technology that relied on regular physical contact between the device and the reader would work in commercial environments wants shooting.
Time after time after time, chip & pin cards or readers fail to read because the contacts are worn or dirty. Every retailer I speak to says they are far less reliable than mag swipe cards used to be.
I really don't see the issue with selling a development platform that can only be used for developing your own apps on.
Unless google have marketed this as a fully functional android phone that you can *also* use for development, I don't really see the issue with $400 spent on a device dedicated to one purpose.
And it sounds like this restriction has a sound basis too, it's not an arbitrary ban, so you could do with loosing the sensationalist headline.
And later for older versions?
Gee, thanks Adobe, it's not like we weren't pissed off enough that we can't run Acrobat 9 already:
Yup, a major bug that *completely* stops Acrobat 9 from being usable on *any* computer in our network, and Adobe have been sitting on it for FOUR MONTHS.
That'll be PDF's blocked at the firewall then.
And once again, there's a security alert from Micrsooft where the workaround for both items is "Disable scripting and ActiveX".
Since we disable both of those by default for the vast majority of sites, we can safely ignore these alerts. We actively filter office documents too, so that attack vector is also blocked.
Yes, Microsoft were incredibly dumb adding all this remote scripting into IE (and don't get me started about them then 'integrating' it into the operating system), but the fact remains that there are tools available to disable this technology too.
To be honest, while I love Firefox, after looking into it over the last few weeks, I actually prefer IE now. Group Policy enforced Security Zones offer us the same protection as NoScript, with the added benefit that users can't change the security settings on their own machines. If a script is going to run from any website here, it's going to be one that IT have explicitly authorised.
Now, if Mozilla had a corporate version of firefox that we could rollout, with a way to enforce the add-ons users can use, we'd move to firefox in a shot.
Unfortunately that's not possible, so right now, IE is the more secure system.
I'll have to agree with Nick Gibbins - the Busy Bees website is by far and away the most badly crafted site I have seen in the fourteen years I've been browsing the web.
I'm an IT professional and quite simply gave up on ever getting their site to work on my home computer. Every single person I know at work who's had to use the site had fought to get it working.
It seems that rather than create a standard secure website, some bright spark figured it would be easier to create a citrix account for every single user, and expect people to manage to traverse the obstacle course of permissions, activex controls and downloads to get the site working properly.
Even when you do have it working, it seems it was never tested on multiple monitors, so you wind up with an application forcibly taking over both screens, with a log in box split across the pair of them.
They've been promising a new version ever since we started using it, and considering our little girl is 2 now, it's been a while...
How this piece of crap wound up as the default voucher scheme around here I'll never know.
Very, very interesting.
If you think about this along with all the other consolidation that's going on, it's almost redefining computers. You've got proposals knocking about these days for shared power supplies in datacenters, shared storage already exists, and virtualization (shared processors) is massive. This however is a whole new level, it's shared i/o, and potentially could apply to pretty much everything else.
If this takes off, each server can potentially be reduced to just processor, memory and motherboard. Absolutely everything else can be centrally provided and shared as needed. Each rack or server room becomes its own little mainframe / blade system.
It's also interesting when you think how well this could work with virtualization. The concept of mapping PCI-e to virtual machines has already been raised. Personally I think PCI-e mapping could be an easy way to provide high performance graphics to virtual machines. If shared PCI-e arrives and shared graphics cards (such as Nvidia's range) take off, there are potentially even higher gains to be had.
So if you think about it, we now have efficiency gains either in place or being talked about for:
- Shared CPU+ram (virtualisation)
- Shared storage
- Shared power supplies
- Shared networking
- Shared graphics
Combine all of those, and you can fine tune every aspect of your companies IT assets, precisely matching your hardware to your requirements. And you can do this while increasing performance since everything is connected in your server room using a local high speed interconnect.
"And with the relentless upgrade spiral among software vendors, practicality says you can’t fall too far behind ..."
Unless of course Vista is enough of a flop that developers realize it would be commercial suicide to release software that doesn't support XP, in which case you can look forward to it working indefinitely.
That is the biggest problem for Microsoft, and the reason they're so keen to discontinue XP. A lot of companies aren't going to move until they're forced, meaning XP potentially still has a long and productive life ahead of it. We've certainly got no intentions of moving to Vista (or Windows 7), and have enough spare XP licenses to last us the next 5 years, by which time the desktop market could look very different indeed.
Ok, this needs to hit slashdot because people here just aren't getting it. This isn't about saving '30 seconds' of boot up time, nor just taking snapshots so it's "just like hibernation". If the OS can save a consistent *incremental* memory snapshot to disk in a usable fashion, you have many benefits over current systems:
This automatically applies to all applications, with no danger of some driver or program preventing your machine hibernating or resuming properly.
Hibernating and resuming will be near instant, making it perfect for hand held devices, DVR's, games consoles. Heck, even thin clients would benefit from instant boot.
Instant boot times also have huge benefits when it comes to power saving, which is a huge topic these days. Imagine a rack of servers where their boot time is fast enough that you can afford to simply power off unneeded machines under low load conditions.
The idea has a massive amount of potential. The only question is whether he's got the ability to pull it off.
Great idea, but I wouldn't like the thought of loosing *all* my passwords should it be lost, stolen or damaged, and there doesn't appear to be any way of doing this.
A computer backup program would also have made for a nice easy way to store your passwords on this, and a USB interface combined with a windows front end could have made entering passwords much more secure.
Sounds like they missed a few tricks.
You've first got utter stupidity on the part of the network managers: Computers in an Operating Theater should not be connected to the internet, especially if they're vital to the success of operations. And they should definately not be allowed to install updates unsupervised.
But to then react to that by disabling security updates across your entire organisation? Somebody needs to be sacked here. It sounds like both the network staff and the management are utterly incompetent.
I'm managing 100 computers here, without anything so critical as an operating theater, but I still have better policies in place than these jokers.
If you want an easy backup solution for Windows, use Apple's Time Machine :D
Buy yourself a Mac, get your backups working, then install VirtualBox and setup shared folders. Store all your windows files in your shared folder and it'll all be backed up automatically by Time Machine. If you want to be really thorough, redirect your Desktop and My Documents folders so they're stored in that shared folder. I haven't actually tested this with VirtualBox, but the theory is sound.
Best solution all round really. A better OS, more secure web browsing, but you still have windows available when you need it.
If anybody wants to get an idea of just how crackpot this is, have a read of this excellent summary of some of the problems of landing on Mars:
Short version: It's tough enough landing small robots down there, let alone a few dozen tons of spacecraft.
So if IWF are in the right here, why did they block the entire page, and not just the objectionable content?
That is what everybody is up in arms about. Blocking child porn images, fair enough, I won't complain about my ISP doing that. Blocking articles on an encyclopedia (regardless of whether El Reg likes it), no thank you.
You know, for an IT publication, The Register seems to be missing a lot of details these days.
When stating that OOXML has been ISO approved, it's probably a good idea to state that this *isn't* the version that's currently shipping with Office 2007, and that Microsoft have also stated that they have no current plans to update Office to use the ISO approved OOXML.
Biting the hand that feeds IT © 1998–2019