Fuck that. I usually propose running Cat 5e in a single strand for 300m. If the project is approved.....

Not if you're in on any of my contracts no, you can't. And don't even think about uttering the word "cloud" while talking about your development model. Some clients, most (small time?) clients, will be ok with you putting the code in a private repository. More specifically, they won't care where you put your code, bigger clients want to know exactly where everything is.

The Bendigo at least set those fields to autocomplete off - so should the browser actually be doing that then... or even keeping it for two hours plus.

Not really a banks fault though - why is the browser hanging on to post'd data after it's been post'd??

Well, yeah, that's kind of the point - emulate what we've seen of google glass as much as possible (and also be useful when watching morons drive). I made sure to be well aware of the local surveillance rules and all of that, clients are told about the glasses and the possibilities, people are so excited about GG technology that they're not stopping to consider the ramifications. Pretty much anyone who posts on here has thought about them (as is evidenced by the attempted testosterone flowing from some of the other comments) but they're not the general public.

All I see in the news lately is how good Glass is, with lots of comments about the need to be looking directly at the person to take a picture. The public are being calmed before the storm.

I've spent the last 8 months wearing a pair of sunglasses that contain a camera in the bridge, mostly because I see lots of stupid drivers on the road, but also because google glass has been coming along. I'm careful to remove the SD card fairly regularly, but in that 8 months only 3 people have questioned my very chunky glasses with half cm buttons on the left side.

People don't care about privacy, not until it's the "creepy" guy staring at them instead of the average guy.

AC has a point. This is why you get companies (here's a local example: http://www.attache.com.au/products/attache-accounts/ ) who give you your pay slips via HTTPS (because it's secure) but have the beancounters email through the base files in plain text (because they've got no idea how any of this works).

Are you using SCTP or have you rolled your own standard?

My first thought was the clouds version of the y2k defined SCTP protocol

What makes you think our helldesk is under staffed?

If the phone isn't picked up by the second ring, there's a major network fault and the staff know it. That's happened twice in the past three years.

Yeah, best case we've deployed is a Citrix XenApp farm coupled with local computer access. Xen servers control medical software, local desktops are pretty free for email and porn (a surprising amount of porn for medics who are idle). We can control the Xen computers easily enough this way, local computers are wiped if they have a problem via our "perfect world" deployment policy*. It's nice, compromises are minimalistic at best and we segregate the desktops from the servers pretty solidly (with the file/print servers in the middle - "dual homed").

Doctors can do what they want, netops are happy with what they get to lock down, and we even pass a lot of the DSD compliance ratings (not that we're audited, but it's a good benchmark).

*Can't solve your problem in 10 minutes, a further 5 minutes to blow the machine back to standard image. 5 more to reconfigure default accounts and such (which is automated, but we also need to wait for download/ sync of emails etc.). 20 minutes downtime from start of call to end, maximum.

Surely you can control where that goes though - medicare billing is going to be pretty damned obvious (*.medicare.gov.au) and most sites like that have specific IP lists (and port lists) that you can use to lock your firewall down to.

Sure, it's still strictly "internet" access, but it's not like you're going to get a drive by attack when all you allow through the packet filter is access to the specified domains IP ranges and maybe the ISP DNS server to look them up for the software. This is security one-oh-one really, and something we already do for our 4d based medical magic (you know the craptastic software I mean).

Security on a medical computer like this should not be compromised for the sake of a doctors ease of use. Give the XP machine (VM or otherwise) a dedicated IP and do it properly, or stop screwing around and let someone else do it. (Not necessarily directed at you Holi)

I'm always surprised about little things - unencrypted communications is actually kind of an obvious thing to do as far as I am concerned. I mean, screw trying to get a mars rover to reconnect because the clock died and the time is out of sync so the SSL is borked. I'd love to hear from someone who built the communications protocols up, to see if they were just lazy, uneducated, or thinking like the above.

My old boss always cheated - pull a drive from the RAID-1, take it home while the RAID-1 rebuilds with a third drive. That way one is always offsite, and the work is always saved on two drives.

Fortunately (or unfortunately depending how you look at it) he's never had a disk fail mid way through the daily/ weekly rebuild.

We always quote it as "the more disk space you have, the more porn and piracy you save"