Archive for May, 2006

Microsoft ignoring their own security recommendations? Surely not!

Tuesday, May 23rd, 2006

A recent article over at ZDNet raised some interesting questions. I always take articles like this with a pinch of salt, but it doesn’t seem too far from what’s probably going on.

First thing – Microsoft provides admin rights to the majority of users right across the enterprise. Flies in the face of security rule #1, that one. Very few users should actually need admin rights in my opinion, and it’s not hard work to develop structured GPOs that provide the flexibility users require. If they’re requiring admin rights to install apps that otherwise don’t provide a valid MSI to install without privileged user rights, is that something you really want on the network? I wouldn’t.

Yes, for those in the development environment I can see the reasoning, but most others shouldn’t. Even I don’t log in with admin rights – maybe 5% of the time I log in with a dedicated admin account, then back to my normal, everyday account. How have they fully tested Vista’s User Access Control (UAC) on a large scale without even deploying it themselves? Would I be happy implementing such access control lists knowing Microsoft haven’t used them extensively? No. Seems a case of “Do as we say, not as we do”.

The second bit that stands out – their internal IT support doesn’t get advance warning of security patches and vulnerabilities. Is communication so lacking they don’t give their own boys a shout when problems arise? Especially in an environment where goodness knows what is being installed by your users, I would have thought patching vulnerabilities would be pretty important, and I’m amazed they don’t get early releases.

There’s still the argument of “Well, we set time aside each month to roll out security updates rather than delivering them as soon as they’re available”, but again, how can Microsoft ensure they aren’t going to break something by releasing fixes without patching large portions of their own network? Hands up who can name 5 security updates that then received updates themselves?

Although I run Linux exclusively on all my home machines, Windows still remains pretty much the only choice in our network environment, primarily because of the extensive control provided by GPOs and the automatic deployment of OS updates across the network. Seems kinda ironic that Microsoft themselves don’t make as much use of their own major selling points!

Libsyn happiness

Sunday, May 21st, 2006

Although I’ve run various websites for a number of years, none have ever been bandwidth intensive. This blog probably pushes things more than any of my previous sites going back 8/9 years, but only because I try to jazz things up with images in blog entries, and have a couple of hundred photos in my photo gallery.

Running the Unsigned Rock Podcast for what, 10 days, has shattered my low-bandwidth idea! You take a 30Mb podcast, get 50 people downloading it within 24 hours, and 10Gb a month quickly disappears. So, I have moved the media content delivery across to Libsyn, which seems to be working very well.

It does pose some interesting questions though. I have a domain registered through GoDaddy, web hosting provided by Lycos, and media content delivery handled by Libsyn. Sometime soon there’s got to be an all-in-one solution. Libsyn provide a half-decent blog, but is limited in additional themes and plugins. Most webhosts do provide different plans (I’m on a fairly basic plan) to grab more bandwidth and diskspace, but they don’t provide the same kind of load balancing as the Libsyn network.

With it becoming more + more common for people to want to store photos, audio + video on their own webspace, are we going to see content delivery networks merging with the traditional webhosts? Suppose there’s always going to be those that simply want basic webspace to host a few pages without all the bells + whistles, but the trend over the last 6 months or so seems to be pushing to more bandwidth-intensive sites. Hence all the debate over internet neutrality.

links for 2006-05-20

Saturday, May 20th, 2006

Win Ampsex’s album ‘Original Sound Recordings’

Friday, May 19th, 2006

Over on the Unsigned Rock Podcast, I’ve got a competition running for the next couple of weeks in conjunction with Ampsex to win their latest album, ‘Original Sound Recordings’. It really is a wicked album – well worth checking out! Click the picture on the right for more details!

I’ve played ‘My Friend is a Punk’ on the latest show, and last time round I played ‘Crazy Bitch’, both from the album. Also, the guys are playing a gig at Rasputin Records in Campbell, California at 7 p.m., so although a bit of a hike for me, go check it out if you’re in the area. More info from their MySpace page.

To win, simply check out the latest show and answer the question! Easy peasy. Who doesn’t like competition and a chance to win free music?!

Upgrade to Dapper Drake just to get the stable Amarok 1.4?

Thursday, May 18th, 2006

With Amarok throwing a wobbler and crashing once a day or so, and knowing that it’s only a couple of weeks until Dapper Drake makes it to final, is it worth waiting until 1st June or run an upgrade now and grab the shiny new Amarok 1.4 release?

I ran it when I first started playing with the 64-bit system and had Dapper, using Amarok 1.4-beta1 + beta2, and really liked some of the extra features such as *much* better media player support for my iPod Nano and Archos AV500, but since the rest of my system is so stable, I don’t want to risk upgrading just yet. Plus, I fired off some scripts a few weeks ago converting anything in .wma or .aac format to mp3 which means I’m not really needing Amarok 1.4 for updated taglib support for writing aac tags.

But, I’m a technology whore as someone recently described me, and on cue, Amarok has just crashed :-(

links for 2006-05-18

Thursday, May 18th, 2006

Open-Xchange problems with postgresql-jdbc

Monday, May 15th, 2006

A little hiccup for a Monday. Not quite sure what went wrong, but in the middle of the morning our Open-Xchange server went belly up. No warning, no updates applied since the start of last week – just refused to handle user logins and dropped all existing sessions.

Easy enough to track down – the Java servlet couldn’t create a connection to the Postgresql database. After a bit of head scratching trying to figure it out, simply re-installing ‘postgresql-jdbc’ did the trick:

yum remove postgresql-jdbc
yum install postgresql-jdbc

followed by a restart of Open-Xchange:

/etc/init.d/openexchange restart

Bit of a puzzler as to why it suddenly stopped, as the correct PATH locations were still set and there hadn’t been any Java updates applied since the server was installed a couple of months back, but at least everything’s back to normal now.

Just got to figure out how to install Debian onto our new HP DL-320 webserver when they (quite helpfully) don’t ship with a CD drive… A nice ploy by HP to get you to then purchase a hot-swappable drive for £70-odd maybe?

links for 2006-05-15

Monday, May 15th, 2006

links for 2006-05-13

Saturday, May 13th, 2006

Second Life virtual gig from a real BBC Radio 1 festival – live!

Friday, May 12th, 2006

I must admit, I haven’t got into Second Life as I’ve never really been a huge fan of MMORPG games, but I know quite a few people that are well into Second Life and having a whale of a time. So, it was quite interesting to read that the BBC are tying in with the Radio 1 One Big Weekend, having purchased an island within the game and set up their own virtual stage and festival area.

The idea seems to be to allow players of Second Life onto the island and join the event, with the audio being streamed in from the actual live event taking place in Dundee. It also opens a host of other possibilities for festivals over the summer, as well as any live lounge sessions with Jo Whiley, for example, being pushed out live on Second Life.

Whether it’s really a good use of the licence payers’ money is always something the BBC gets stick for, but it’s a very novel approach, just a shame only 400 players or so will be able to access it (which I guess is down to the hardware / bandwidth limitations).

And on a slightly different note, Allofmp3.com is now classed as 2nd only to iTunes in the rankings for online music services used by people in the UK. Of course, the survey is only detailing legal download services (classing Allofmp3.com as legal…?) and not showing how many people are still using peer-to-peer services for obtaining music completely illegally. Suppose it shows that people are willing to pay for music when it’s not stupidly priced, though the moral dilemma for me is always how much money (if any) the artist actually sees when purchasing music from the Russian outfit.