
Comment Re:Really? (Score 1) 189

Don't blame Windows Autorun for this, that's ridiculous. Autorun is easily disabled (every corporate environment with IT worth a damn has disabled it through GPO already) and if you already have technicians plugging untrusted USB thumbdrives into computers used to run industrial equipment, you've already lost the battle. Furthermore, Windows doesn't automatically load things from USB devices anymore, and it hasn't in a long time, I think at least since XP SP1 or SP2. It scans the devices and brings up a menu asking you what to do, one of the options will be run whatever is labeled as auto-run. None of the systems that don't have this default behavior (fyi you can disable USB devices entirely as well, and most PCs have options to disable USB ports in the BIOS as well) are supported or receive security patches.

In this case, the attackers had lots of resources, enough to find and develop multiple 0-day vulnerabilities (as any security researcher will tell you, finding a vulnerability whether Windows or Linux, is simply a matter of looking hard enough), accurate and in-depth knowledge of the target's systems, equipment, and operating procedures, and could rely on poor security practices. In that environment it's hard to imagine them not succeeding.

Comment Re:Simple, same as (Score 1) 361

It's pretty difficult to keep the fact you are heterosexual or homosexual out of the workplace entirely, especially in a situation like when you are in the military and around your coworkers for 99% of your day. Guys have pictures of their wives/girlfriends, they call home, they get care packages sent to them. I'm not saying they should have a gay rights parade in the middle of Camp X-Ray, but under the current policy, if a female soldier hits on a gay male soldier, and he says, sorry but I'm gay, he can be discharged, and that's ridiculous.

Comment Re:Simple, same as (Score 1) 361

I was taught about the mistreatment of Native Americans in elementary school, again in middle school, and again in high school, including the fact the US government routinely violated treaties and deliberately infected them with disease. I was also taught about Japanese internment camps, the illegal seizure of their properties, the Supreme Court decision made on clearly racist and reactionary grounds that allowed them, and the fact that despite their families being illegally forced into camps, many Japanese Americans still served their country with distinction in the military. America is, and always has been, a work in progress. "All men are equal" is an ideal to strive towards, not a statement of reality. Comparing Don't ask Don't tell to the government sanctioned wholesale murder and persecution of gays is ridiculous. One limits their ability to serve openly in the military, the other makes it impossible for them to exist openly at all. The punishment for one is a discharge from the military, the other is death. The reality is Don't ask Don't tell would be gone already if it weren't for the fact that Congress still has a lot of old white men who are from a time when Blacks couldn't sit at the same lunch counter as them, as they die off the ridiculous policies that exist to placate their homophobia will be gone too.

America is far from perfect when it comes to civil rights and treatment of minorities, but at least we are on a path to making things better, not worse. Men like the leaders of Iran are trying their hardest to go in the opposite direction.

Comment Re:There's no need to fear Joe Lieberman (Score 1) 528

At the same time, this disclosure may force the PRC to publicly announce its position and in doing so force North Korea to the negotiating table faster. Unless of course its "secret" message was just lies and bullshit. If they tell us they would support South Korea, but then tell North Korea the opposite, and never actually do anything in public, it's all meaningless anyways. China does not seem above telling the US what they want to hear in order to get things they want, while telling North Korea the opposite to get things they want from them. I for one, want my diplomats to behave ethically and straightforwardly at all times, even if that means we get fewer "secret" overtures to get things we want.

Comment Re:Ask Slashdot (Score 1) 600

The problem here is he's clearly in over his head. The small business market is crowded with companies with lots of experience. He's not asking "What would be the best method to do X for a small organization" where X is something discrete like backups, file server, etc. He's asking how to do everything. And that's a problem. Experience matters. I work for a company that provides IT services and support to the type of organization he's talking about. We constantly take over in the wake of people like this. Normally, they manage to coast for 6 to 12 months, something big happens, and the company winds up writing a big check to someone like us to clean up the mess. I've been doing it for several years now, and I still learn new, better ways to do things all the time, and learn about new potential pitfalls to avoid. I have the benefit of working with a team that has lots of experience so we can catch each other's mistakes. Decisions made now will have big implications on the long term support costs.

Anyways, my two cents on how I would probably do it. The article is short on details, and of course you would need to find out exactly what their use case and budget is, but one fairly generic solution is Windows Small Business Server. It's pretty inexpensive, you get one beefy server and it gives you AD, Exchange, SharePoint, and a file server. All of it is on premise and works if you lose internet connection. Buy Dell or HP desktops/laptops, make an image and if one gets messed up you can just reimage. Redirect all their folders so their desktop, my docs, etc. is all stored on the server. Use Group Policy in AD to lock the stations down as much as possible without interfering with their ability to work. An SSL cert combined with the remote web workplace feature gives them access to their e-mail and desktop machines anywhere they go. Pretty much anyone who works in an office environment is familiar with Office and Exchange, so training costs are minimal. Have at least two separate forms of backup and make sure 1 goes off site. If you install the server as a VM using Hyper-V, you can easily bring it back up if the hardware dies. I know I will take some shit on Slashdot for recommending a MS solution, but I doubt this organization is going to want to be the guinea pig for him to learn Linux administration on.

Comment Re:End users hate the registry? (Score 1) 645

Viruses running with admin privileges can yes, because anything running as admin can. Something running as root can do the EXACT SAME THING on a Linux box. You can argue that Windows should make it harder to run things as admin all the time, and that's exactly what they have been doing with Vista and 7, and the result has been massive griping about it. The reality is most people are unqualified to administer their own box, and no amount of hand-waving and finger pointing will change that. The people that are confused by the registry would be confused by config files just as easily.

Comment Re:End users hate the registry? (Score 0) 645

Huh? The system hives live in %systemroot%\system32\config and the user hives live in the root of their profile. The system hive is split into like 5 different files, each named for the section they are. I'm not sure why you would want to look at the files. If you want to back them up there are better ways than a flat file copy, and if you want to delete them you aren't going to be able to because they will be in use.

Splitting the hives between the system directory and the user directory makes a lot of sense from a permissions perspective, to consolidate them would mean giving non-admins (able to write to their hive but not the system's) access to a directory of files they can't edit and able to see the hives of other users. Putting it in the profile also firmly attaches it to the user it belongs to in a logical way. Either way other than data recovery or forensics, I've never needed to manually access the registry files, and no normal user ever would.

As for the lack of ability to clear settings, the cause is also a part of the solution. The cause is because admins running programs as admins can do whatever they want with the registry, because they are admins. Run a shitty installer, it spews shit everywhere, because it has admin rights and you ran it. The solution to shit in places it doesn't belong is to give an admin user the ability to use a program to modify the registry and change entries that don't belong. The registry cruft problem is entirely one of developer laziness, and you could have the same thing with config files just as easily. If MS forbade admins from modifying the registry in unapproved ways, people would scream murder, and actual admins (as opposed to retards running as admin) would have a legitimate point. A shitty program is a shitty program, nothing stops you from tracking the changes you make to the registry and undoing them 100% later, you could even store that info in the registry! The registry also fully supports permissions, so you can fully control who can change what, but of course if someone runs a program as a user who has full access rights to everything, and that program writes all over everything, whose fault is that? MS gave you the tools, but you hung yourself. Don't like it, complain to whoever wrote the program, the OS did what it was told by a user with the access rights to do it, a situation could just as easily have happened with config files (and in the pre-registry days, it happened all the fucking time, which is why the registry was invented in the first place).

If you want to actually understand the reasoning behind the implementation of the registry, instead of blindly railing at it because you don't like the result when you let programs you don't trust do things you don't want to it with wild abandon, look here: http://blogs.msdn.com/b/oldnewthing/archive/2007/11/26/6523907.aspx

The reality is there's nothing wrong with the registry as a design decision, and everything wrong with the security model of run everything as admins, but the reality is even though Windows gives you all the tools to run things NOT as admin, everyone does anyways, even people who should know better, and when they try to do anything to fix it, everyone calls them retarded and annoying because it gets in the way of running everything as admin.

Comment Re:Textbooks are a total scam (Score 1) 419

Every college level textbook I have ever had had the answers to every problem in the back, and most had an optional paperback book with a detailed description of how to work them out you could buy. Even if they didn't, copies of the instructors version that had the answers worked out in detail were available online. In what bizarre universe are schools actually grading assignments from the problems sections of textbooks? My professors always assigned us problems they felt were relevant, but whether or not you did them was up to you. If you didn't do them, chances are you failed, with the exception of the few quick learners with an aptitude for the subject.

The few graded take home assignments I remember were given on the assumption that most of us would split into groups and collaborate anyways. They were universally assignments given out of pity if the class average was lower than expected, and only served to weed out those who truly didn't give a fuck and couldn't even be bothered to cheat.

Comment Re:BNet 2.0 a disappointment (Score 5, Interesting) 83

The big hurdle to custom games right now is they are region locked. Maps from one realm can't be played on any others, which has frustrated devs to the point many of them have given up. The new popularity system also means that 99% of maps never get seen, as the list itself is a self-fulfilling prophecy. Get on the top of the list, you get played a lot because you are on top, so you get played more, etc. Blizz has tried to help by choosing "featured" maps to force to the top of the list for a few weeks, but it's kind of an ugly hack to a broken system. When you make a game, you choose the map, and then slots are automatically filled and the game starts automatically, making announcing any sort of gametype impossible. So for games like Dota, which had dozens of game types, the only way to implement it in sc2 is to make different maps, which splits the player base and keeps the map from hitting the popular list. Oh and my personal pet peeve, when the game fills, it auto starts a 30 second countdown. If people leave during this time, the countdown doesn't stop. There's no way to stop it and get a player to fill the slot without leaving, and starting over, and if you don't leave fast enough you are stuck hitting load screen. It was a known problem in wc3 and they actually made it 10x worse not better.

Comment Re:So? (Score 0, Troll) 1193

The problem is, it's not just Google, all big companies do this. And because they do it, they get a big advantage over the small and medium businesses that are stuck paying 35% because they can't pay an army of lawyers and accountants to set up and run these loopholes. Congress should either close the loopholes, simplify the tax code so fewer loopholes are possible, or get rid of corporate income tax entirely to kill the whole incentive to play the "tax haven" game in the first place. At least that way you level the playing field and cut out a parasitic, wasteful element in the form of the army of tax attorneys and accountants every Fortune 500 company must employ.

Comment Re:$1000 a PC? (Score 1) 606

His Dell rep is taking him for a ride. He needs to call HP and Lenovo, and get quotes, pick the lowest one, show it to the others, and ask for new quotes. Repeat a few times. Even if he still picks Dell in the end he should be able to get a better price and probably some perks. We get our Dell and HP reps to compete over 100 desktop orders, I'm sure they will be willing to negotiate for a 1000+ order. Building your own machine is asking for disaster. I love building my own machines, and wind up with a better machine for it, but I'm a geek and if my motherboard blows up tomorrow I have enough spare parts laying around to cobble together a new PC. When all the RAM in all your PCs starts failing over a 2-3 month period, and the RAM vendor is blaming the motherboard vendor and the motherboard vendor is blaming the RAM vendor and neither will give you the time of day, you are going to be screwed. That's not a fictional scenario, that's a real life scenario from my personal experience, and it happened to about 300 PCs and was a nightmare, I wouldn't want to see it with 1000.

Your rep probably knows you are a "dell shop" and you want to stay that way (because mixing vendors is a pain in the ass for support) so he figures he will throw out a high number and hope you will bite. If he won't budge, hang up the phone, look up the sales line on Dell's site, and start calling until you get someone willing to play ball. The real money is in servers anyways, so while you are negotiating feel free to threaten to take your desktop AND server business to another vendor. You have to fight for it but PC vendors will sell to you at almost any margin above break even for them, because they want their foot in the door. Building your own PCs is kind of like not having insurance. Sure, you save a little money, and for most people, nothing bad will happen. The few that do have something bad, it will be catastrophic. You buy insurance to spread the risk. The same with PC vendors. They do a lot more testing up front, and they are large enough to absorb particular models having high failure rates without it becoming a complete catastrophe.

Comment Re:What players want? I think not. (Score 2, Informative) 128

The DotA community on Battlenet was killed by Blizzard, when they began banning people with no possibility for appeal for using the 3rd party tools necessary to making a decent game on battle.net possible. Tools like visual custom kick and banlist became bannable offenses, but they were pretty much necessary to have a game on battlenet that wasn't full of laggers, leavers, and griefers. The more serious players moved to 3rd party services/leagues, and the casual players quit or moved to League of Legends or Heroes of Newerth. I haven't played Heroes of Newerth since beta, but to call it a drop-in replacement for Dota was pretty far-fetched, Dota relies on extremely fine tuned RTS and pathing mechanics, that wc3 provides, and that simply didn't exist in HoN when I played.

Comment Each in their place (Score 1) 617

CLIs are great for scripting, but they also make it very easy to make errors of omission. If you don't know about a command, you don't use it. If there's an important security setting for example, you might see it poking through the GUI, but not know you need to add it when starting from a blank config file. Of course in theory no one should be admin for a system they didn't know and fully understand, but we all know in reality that is not what actually happens, especially in smaller operations. A good system uses both to do what they are best at, and a good admin should be familiar with both. Even MS finally got on this bandwagon, with PowerShell and Server 2008, anything you can do in the GUI can be done with PowerShell, and a lot of rarely used commands are PowerShell only (keeps you from overly complicating the GUI which is a good thing).

Comment Re:OK, My Favorite (Score 1) 385

The number of messages you can store in modern versions of Outlook is effectively only limited by the file system/hard drive space available. Because Outlook uses a database for its back end, you will get best performance by archiving older mail out to a separate file, which it does by default. I've seen some users with truly monstrous .pst files.
