Does it actually *work* properly though?

Samba 3 had network printer driver support. Theoretically. In practice it was a buggy PITA that took 10x as much work to get to the point where it worked 1/2 as well as the Windows setup.

Overall, no, it isn't even close. Samba 4 may offer the core features of AD its self, but it doesn't offer all the powerful management and Group Policy tools, system deployment facilities, etc. Some of it could probably be hacked in on top, but IMO, it's really not worth it.

I was running a Samba3 domain on an LDAP directory for years. It was OK, but always had annoying warts and problems, plus it was a pain to run. Automatic printer drive deployment was fiddly and never that reliable. Group Policy wasn't even an option.

Eventually I gave in and moved over to win2k8. As a heavy Linux user and long-time *nix sysadmin, I have to say, for running Windows networks I am NEVER going to use anything else. Sure it has its issues, but it's reliable and it has an amazing array of system management tools.

The Microsoft Deployment Toolkit alone is worth running a Win2k8 box for : just PXE boot your clients and have them auto-re-install themselves, install software and printers, change settings, add local users, install updates, and reboot almost ready to use. You can do this with a USB key and a manually copied Windows PE image, but it's fiddly and annoying.

Then there's Group Policy. Group Policy actually makes me want to use Windows. It makes me want to get rid of my Linux thin clients - despite their reliability - because with Group Policy I can just push changes out to all machines (or defined subsets) with a few simple changes in a central directory. It's seriously impressive.

About the only irritation is that so many software packages use custom installers rather than the Microsoft Installer (MSI), so it's not always easy to roll them out via Group Policy server push. Some of those that do (I'm looking at you, Adobe) don't make it easy to just download their updates whenever they come out and push them via Group Policy; you have to go and check for updates by hand. Fail.

Despite the irritations, there's just nothing like it for booting a client off the network and having it come up ready to use. Redirect the user's desktop and documents folder and you don't even need to worry about the machine breaking or having client backups; you back up the redirected folders, and if the machine breaks you just re-image it because it has no local data of any importance on it.

The sad fact is that tools like this are no fun to work on, so they're not something we're going to be seeing in Linux/BSD land in a hurry.

Nope, turns out it's a magnetic strip system not a smartcard system, so it isn't SmartRider.

Correction. After reading the presentation, it's clear that this is not a smartcard system, it's a magentic strip system. That means it isn't Western Australia's SmartRider, and WA's old MultiRider magnetic strip system has been retired for 5 years so it's not going to be MultiRider.

The transit system in question is 5-7 years old - or less depending on which one they refer to. The crypto is old, but the smartcard transit system isn't. Fail. How do I know? Because there are no older transit tag systems in Australia.

Sadly, much of the problem is the plastic granules, powder and fragments that UV-degraded plastics (like those lawn chairs) break down into.

Big chunks are a problem, but a huge part of the issue in the great pacific midden is tiny particles and fragments that've been eroded by agitation and broken down by UV until - for many animals - they're indistinguishable from food. They get into little filter feeding critters, they collect in the guts of larger creatures, and they just don't go away.

Becoming too small for us to see and deal with doesn't make that waste go away, it just makes it even harder to deal with.

In 20 years, we'll be looking for dolphin-safe plastic items, and lamenting the number of seabirds that're killed as by-catch from the oceanic plastics harvesting industry. Concern will be raised about the waste disposal practices of on-board plastics recycling, but nobody will do anything about it because it happens in international waters.

Sometimes you just can't win.

I'm starting to want to do this at work, and need to look into whether I can do it with Squid.

Why? Drive-by downloads, fake antivirus scams, and other malware delivered via the web. I already transparently proxy HTTP, blocking all executable downloads. I suspect it makes a big difference. If nothing else, the proxy was down for a week at one point and *two* machines got infected by malware during that week. Co-incidence? Possibly, but I'm not betting on it, especially since examination showed that both were drive-by attacks the proxy would've prevented.

The user base is pretty computer illiterate ("why yes, please do clean that nasty virus off my system. You need admin rights to do so? Of course, no problem.") and somewhat resistant to education/training, so technical protection measures are needed.

I'm concerned that that drive-by attacks, fake antivirus scams, etc will soon use HTTPs in an attempt to bypass filtering proxies and transparent proxying - if they don't already. I can knock these out fairly effectively if I can examine data being downloaded for things like PE headers, but I can't do that with HTTPs. I can still do URL-based filtering for "file extensions", which works surprisingly well and only requires the very occasional site to be whitelisted for using "blah.dll?query-string" or "myapp.exe?dosomething" URLs. Nothing forces the attacker to put a Windows file extension in the URL, though, and I can't discover the MIME type or the type of data being downloaded without inspecting the stream.

The challenge is to do this without any risk of compromising netbanking data, etc. If our proxy gets cracked... ow.

First, sandpaper: ogodogodogod. What a way to make your point.

Good luck. I'm quite happy with the healthcare over the bandwidth myself, for what it's worth. Australia is working hard to destroy our social health care at the moment, though :-(

USians who whine about this appear to be heavy users of HD video streaming (!!) via Netflix and other mostly USA-only services. The US just has a whole bunch of bandwidth hungry services the rest of us poor peons aren't allowed to use.

That was commonplace in Australia for some time, and worked really well.

WAIXMule was a modified eMule client that only used peers reachable via the Western Australian Internet Exchange (WAIX), which most WA ISPs didn't meter.

It worked too well; the ISPs started limiting traffic through peering points because of the congestion. Honestly, they weren't actually just whining, they had major trunk links being saturated. Upgrades would've been immensely more expensive because they were already the fastest economical links available, and had no benefit whatsoever for most users, so they started limiting peering point traffic. Fair enough, honestly.

While this is currently true, in Australia we had both data caps and speed caps for a LONG time. It's only once Telstra's monopoly was broken by the advent of 3rd party DSLAMs in exchanges that this changed.

We're likely to see charges for both speed and data return with the NBN, at least according to the current pricing plans.

I thought you were serious until the third and final sentence. Heh. A carrier thinking about long term network investment. Right. (OK, so the US has seen some of that actually happening, what with the Verizon fibre stuff, but it's pretty unusual).

For what it's worth, here in Australia a 100GB cap was considered very big until a year or so ago. Most people never knew or cared. Most plans were capped at 20GB or so, and people didn't know or care about that either. Of course, Australia doesn't have any useful streaming services; the existing ones are all geo-locked and nobody here seems to have the power to break through all the stupid media licensing to set up a local one. Unless you're a mad torrent freak, heavy gamer, or use a VPN to work heavily, even 20GB is usually overkill.

I want to laugh at people complaining about their constricting and horrible 300GB caps, but I'm aware the US market has tons of bandwidth-hungry services available that we just don't have equivalents of in AU, so it's not that comparable. Alas.

Do Lenovo still follow IBM's tradition of having the BIOS check for unauthorized 3G and WiFi cards and refusing to boot? I'm seeing mixed reports and Lenovo themselves don't seem to have a clue.

While I'm a huge fan of portrait work and use a 1200x1920 portrait 24" display at home, I'll still take 1920x1200 over 1366x768 any day, and that's the choice I currently have.

Alas, Dell's Latitude models are one of the few laptops that have non-crap resolutions and decent touchpads instead of that horrible Alps crap everyone's using now. Pity Dell are marginally more evil than the other vendors at the moment (see, eg, the Optiplex affair).