What I will say is that, if Microsoft thinks its product is good then it should stick to its guns, not expect instant success and keep pushing their interface and features. If it drops this then they are admitting they got it wrong AGAIN. I can't see people every buying products from those who keep getting it wrong repeatedly (unless there is a 20 year old legacy product driving the market they they cannot sensibly move away from).

Its a new market for Microsoft and it has to recognise that it has to be the best product for end users, most attractive to developers and carriers and best able to integrate to come out on top. It can't win this by Marketting alone.

The facts are probably that WP was:
a) Late to market
b) Lacking developer support as many had already moved to iPhone or Android or developed mobile skills on these platforms
c) Not allowing hardware manufacturers to best utilise existing hardware by being proscriptive
d) Trying to be different after the market had already led in specific directions (iPhone then Android). Lets face it, it wasn't going to be easy to get in on this without using a similar interface to iPhone or a good weight of device support (Linux)
e) Less than interesting on most of the original hardware
f) Poor Marketting
g) Leaving carriers being carriers - little value add and little gain.
h) Using the names "Microsoft" and "Windows"


Anyone think of any others? I think instead of arguing between posts I think we can just add a big list together, post it to Microsoft and see if they learn any lessons.

The issue is based on what you need in different scenarios and to meet that I can't see anything wrong in doing both writing to syslog and a database.

Why do both? In larger systems the amount of data is difficult to cross reference and analyse as files due to the amount of sources, size of data, tools to visualise it all, etc. Writing syslog data to centralised syslog services that do use database backends to centralise logs and query/report against them are a key tool in these scenarios. Its one of a number of interfaces you have to analyse what is taking place on your systems.

However, I'd rather use the simplest method of getting log information out of a system if I'm going to use it for debugging an odd situation. There are situations where the overhead of writing to a database or a write remote data might fail and cause no debug information to be written. I'd rather a simple logging system locally.

I agree with this but can see why people may think this way. When I was a newbie I had a very different opinion when I started with Linux/Unix. The reality is that for newbies /usr/bin /bin and /opt/product/bin is not, on the face of it, as straightforward as simply a folder called "Program Files". Unfortunately when you look into the Windows filesystem binary files and libraries are often nearly anywhere despite Microsoft's advice, especially with .Net, Java and many other languages. I have to say that in most cases I see developers working on Linux do tend to have the tendency to stick to the filesystem locations as it supplies an appropriate area for most requirements.

Doesn't that mean that Chromebooks will be able to connect to real computers?

Interesting....

I was at a conference last week where the Facebook's malicious URL detection engine, which was stated by a Websense supplier as sourced by Facebook from Websense, was discussed. I remember using Websense years back as a URL filtering engine (which I believe it still is but with an improvement in deep inspection) and can see how Facebook have probably bolted it in so that traffic using redirects from their site get a layer of filtering before redirection from Websense's URL database and from the on the fly categorisation features, however, I can also see why there is still vulnerability. URL blockers, DPI engines and the like, like Websense, are tools that are always in development and are rarely anywhere near 100% accurate, instead, being aimed at giving an acceptable level of accuracy.

To be honest, I can't see that this vulnerability will be anywhere near the top of the list of vulnerabilities in tools like these. I'd be surprised if an unclassified (by the filtering engine) proxy couldn't redirect to wherever was required

I'm not convinced. I often use cable ties but I use them as a last resort or a short term measure where, IMHO, decent structured cable management has not been put in place.

I find that cable ties are just another thing to get cables caught on and to cut your hands to shreds when feeling around in the mass of cables to find the one you want with the way people cut the excess tie length off leaving sharp ends. Cable tray and velcro, vertical cable rings, horizontal cable management bars, well defined cable routes recognising the choke points and planning for management of it, using the right length cable for the job and well labelled cables are the real tools for good cable management. My advice is to never skimp on cable management or practice and to be strict with people doing cabling (including yourself) to ensure what is done meets the standards you set yourself or others.

Sorry but the protocol was never built for this and whilst it has had people add protocols for securing and signing data and verifying identity only limited people really use them.

If you can't prove an identity then the emails are just bits on the wire. You might as well take people to court for the dust they create.

I find the "get a private network" comment interesting. It is an opinion which will largely be ignored if you state it within an organisation and is unlikely to make a difference to the way that anything is run.

I'm not surprised by the comment - I made it myself until recently, however, its an area where you will not win the argument and it is because of what our industry is telling people. Our industry is influencing at senior levels in organisations for cloud based everything and managers (IT and none IT) are being told that the cloud is the right way to do things, open, accessible and someone else's problem. I don't really find it surprising that security breaches happen in this environment as you have a disconnect between those running the servers (that are concerned with the security of their hosting environment) and those writing the applications (that are concerned with the functionality of their applications).

In the pre-cloud computing model you had a middle layer where those teams met and argued security. Now I believe they meet less and less and those arguing security are seen as blocks to success and bypassed. I don't doubt that there are those IT teams who are hot on security who have had someone start to host an application in the cloud without them being aware of it? If people have then I suspect that noone is checking the application security and are either expecting the hosting company to do it or the developers,

Agreed. If you look at Microsoft's catalogue they need Skype:

1) Market share (mainly)
2) A lightweight cross platform voice link with Microsoft Linc/Exchange/Office 365 for Microsoft Live users

Microsoft have some very strong capabilities in this sector but no market share or cross platform support. Skype might just be the stepping stone they needed.

Lets face it - its the Malware and misuse issues on these platforms that causes the levels of distrust. If you change them then you *might* be able to open up a little (provided the malware writers don't just switch to your new chosen secure platform).

As an aside there are current "solution"s to this. The most common being eveyone works on little VDI or Terminal Services sandboxes on server farms. What a waste of computing resource that is if trust is the only issue. So a server has to run a new (virtualised) desktop OS (or Terminal Services session) as it doesn't trust your current desktop OS... There are other reasons to do this which I can agree with but not just a trust issue.

Whichever way this is currently sliced and diced, the internet is a reflection of human beings. I'll quite happily allow home machines onto our corporate network if, like the humans, I can work out some method of forging a trust with them - i.e. understand how they work to understand where the risks to our data are (and this may be a policy that I can track against). Health checking as part of 802.1x authentication before the device is allowed on the network is an option as is only allowing access to a subset of resources.

Ends in 10..9..8..7..6..5..4..3..2.1.... Damn (Dodgey TV Hero - insert your choice)!

We aren't comparing expectations we are comparing belief! Analysts are turning surveys and trend data and multiple pieces of other esoteric information regards product, people and economies into those figures based on what we would buy from them. They are measuring our fervour for the companies involved..

I'm not surprised by the figures for Apple, Facebook and Google. We're flawed and some Companies have followers that treat them like a religion.

My surprise is simply, what makes anyone believe in IBM?

Agree with this 100% - VBScript or app creation using vb.net or c# are fall back measures for when a quick script isn't appropriate.

If you use Powershell look at the extensions from Quest which sometimes take a slightly onerous task in the MS supplied powershell install and add some even simpler ways of doing the same things..

They have a point - how many data centre's besides some of the large new builds have pue figures of around 1.2 - i.e. anywhere near those for efficient data centres?

There is still a level of complacency in many companies that in the drive for computing power it is acceptable to use as much power as required but this ignores all the massive extra waste. In theory all the energy used should convert directly to computing power but in reality large amounts is wasted, making the power supplies stable with inefficient UPS designs, cooling because processors and hard drives give off so much waste heat, the waste heat being thrown away by the data centres whilst traditional air con cools the ambient environment of the server rooms.

The companies who are complacent are exactly the people who should be targeted by environmentalists.