I agree with this. While it's nice, and I recommend cloud servers for a lot of use cases, office infrastructure is currently not one of them. My major issue is not that the ISPs are not reliable, cost effective, or secure.

My major issue is one of network connectivity. "Business class" broadband ISP offerings in the US are pretty awful, which is why I put business class in quotes. Either service or speed (and often both) are incompatible with business requirements. Talking to first (and often second) level support is pointless once you explain to them that you're trying to run an office of 4-5 developers utilizing a cloud-based configuration management, issue tracking, and continuous build environment.

Individual connections actually seem much better. If you're going to move to a cloud-based infrastructure for the above use case, it's probably better to have everyone work from home, access protected resources via VPN, and use a distributed configuration management model to minimize connectivity down time.

The push by Microsoft towards SkyDrive and Microsoft Live accounts is also a really bad decision for consumers given the state of broadband in the US. Who's to say that Microsoft won't shut down these services in the future when/if it's no longer profitable.

What I gathered from the memo is two-fold:

1, Drive as much business as they can to the subscription model
2. All products will be tightly integrated and dependent on proprietary interactions

The first gives them the constant revenue stream. The second one destroys modular computing in that if you upgrade one area running Microsoft software, you are almost forced to upgrade all areas. That cost (we used to call it the forklift upgrade in mainframe days) will drive more businesses towards the subscription model.

Once they have a critical mass on the subscription model, they can then dictate technology to customers. Obviously, they plan on doing this from top to bottom (mobile, consoles, hardware, software, cloud). There will once again be open standards and Microsoft standards.

It's all about driving the market rather than being market-driven.

I haven't looked at this yet, but it seems Redhat has their own spin on things:

http://spacewalk.redhat.com/

It doesn't look as flexible or powerful as puppet, cfengine, etc., but it looks like a start at least.

Yep, good Java development tools are free (won't start the NetBeans versus Eclipse flamefest here).

Java application servers are free. Pick one, many are good, and you can buy support if you want it.

For those people stuck with .NET, SharpDevelop is free. I'm learning how to integrate .NET, IIS, and a servlet application. The boilerplate configuration is pretty easy. What I'm working on now is learning enough .NET to create a non-trivial application, and integrate that with the existing servlet application. My only real issue with SharpDevelop is that it doesn't appear to have a packaging option so I can create a zip file and import it into my IIS server. If SharpDevelop provided that, I'd be set.

Does SharpDevelop compete well with Visual Studio Professional and above? It doesn't appear to. However, it's not $500+ to obtain, either.

Yep. Getting stakeholders to face reality is always the challenging part. We managed to do it (OK, mostly do it) by running some extensive JAD sessions. No one left until things were agreed to and signed off by people who could make that commitment.

It doesn't mean that things didn't change down the road, but at least people understood the change, the weight of the change, and what that change would cost. Sometimes the change was documented and pushed out, and at other times the change was important enough to drop other aspects of the project. It still meant some gear grinding, but next time we had a better idea of the problem space, made fewer requirement mistakes, and consequently fewer whiplash changes.

As for daily stand up meetings - no one really liked them, but we made them serve a slightly different purpose. First of all, ours lasted about 15 minutes. Second of all, we focused on upcoming issues, especially those that might need additional resources to run smoothly. Doing so made it possible for those resources to be obtained in a timely fashion. Business types appreciate it when they're not whipsawed.

Day to day communication was handled a lot by IM. Rules were - don't bother someone whose status is "do not disturb", and don't set "do not disturb" as the default status. A couple of people sort of abused the "do not disturb" status, but in general that worked well.

I don't know if the above really classifies as agile (we patterned our process more on a DSDM path), but the result is we generated a lot of good stuff, released regularly, and the business people knew what they were getting ahead of time. Was it smooth sailing all of time time? Nope. Was it exhausting? Yep. In the end, was the process only used for mission - critical projects or ones where corporate - wide sign-off was needed? Absolutely.

There are quite a number of ways to harden access

1. pam-abl (as noted above)
2. denyhosts
3. VPN (openvpn works for me)
4. Hosting ISP firewall

Also as noted above, do not permit direct remote root access. Doing anything less is just advertising yourself as a platform for malware.

The first three are quite easy to set up. There is really no excuse for not setting up a least a minimum level of security on your system. That plus careful use of mod_security, and you've done quite a bit towards thwarting the casual drive-by cracker.

. . . . just my two cents

Yep, Flashblock is the way to go. Back when I had a lowly P4 with only 1.5 GB of ram (still have it as my XP browser test machine / Linux server), a Flash-heavy page would slow the computer to a crawl.

I don't mind non-intrusive ads. I don't even mind (too much) the more "content after the jump" ads. I'l even grudgingly put up with the "press skip to continue" ads. What I won't put up with are ads that cover the page, ads that play music, ads that have intrusive animation that I cannot control, and other interactive ads that I must interact with before viewing content (skip ads above excluded).

When I encounter such ads, the organization behind the web site, the advertising company (if I can figure out who produced the ad), and the company who's product is being advertised all get fairly acerbic letters from me. Repeat offenses mean I will not purchase or recommend those products, and will not visit those web sites. I let the three groups responsible know this as well.

I know, one person writing email to a PR / marketing drone in a large company does virtually nothing. I'm sure it probably does nothing other than generate a chuckle for people at an advertising agency. I think an advertising agency's entire business model is centered around being annoying.

Possibly many people writing would do something — I have seen fewer "take over your screen interactive flash ads" recently.

For the TL;DR crowd . . . I visit sites for the content, not your advertisements. Make the advertisements relevant to the content, my interests, and less the center of attention than the content. Do that, keep out the malware, and you might even get some clicks from me. Fail to do that, and I just won't visit a site, nor use the products you advertise.

Yep, it takes discipline (he says as he posts on Slashdot while working from home).

Actually, I'm more productive at home than I am in the office for the most part. I'm a systems architect, but I still get both programming and system admin queries from colleagues. Pulling my head out of an architectural problem and back into the detail that programming or system admin requires creates lots of lost time (insert pulling my head out of other place jokes here). That level of interruption happens less when I work from home rather than at the office.

I say less, because I'm still connected. At least one of my VPN connections is always active (we use two, incompatible VPNs, a problem I hope to have resolved by June), cell phone is always on and available, mail is automatically checked every 5 minutes, and Skype / Google Talk are on. I'm usually being productive by 7:30 AM (today was 8:02 AM), with a 5 minute break at around 9:30, lunch at 12:30, and an afternoon break around 3 PM.

What I find is that people try to solve some of the less complex problems on their own first before emailing / calling / IM'ing me when I work from home. When I do get contacted with a problem, the person is usually much more focused in solving the problem. Sure, there's usually a bit of chat (mostly around craft beers these days), but much less so than in the office.

Do I miss the camaraderie of the office? Sometimes, yes. I go in occasionally, and we have off-site all-hands meetings as well. It's not quite as connected as the "all office, all the time" environment, but I find it works well for the type of stuff I do.

The only thing I miss is a large, printing whiteboard. Sadly, no room to put one in my home office. The best that I can do (and I'm thinking about it) is to mount a 4'x8' whiteboard sheet on the wall. That or get a Wacom tablet . . .

If you want a free data analysis system, there's always R.

It's a bit of a beast to learn (at least for the non-statistician that I am), but it worked pretty well when teaching someone how to do ecology analysis. There are GUI front ends for KDE (RKward on Linux) and R Commander on a bunch of platforms. I have used RKward and ESS (Emacs speaks statistics) to work with R.

R has an entire repository much like CPAN. It's called CRAN, for the Comprehensive R Archive Network. If you've thought of it (statistical analysis), it's probably already written, tested, documented, and there may be academic papers out that use it.

I am currently a systems architect, and work on making flexible systems. I know this is a bit far afield, but on the Windows 7 I'm working on, I have both JRE 6 and JRE 7 installed. I can convince my system to switch back and forth at will by fiddling with the Java Control Panels (for the browser) and some environment variables (PATH, JRE_HOME, JAVA_HOME) for the actual Java. This seems to satisfy the browsers, my IDEs, Tomcat, Glassfish, and some random desktop applications I have. I don't know how this would impact your system.

In fact, life on this particular machine is more complicated than that. It seems that even though I'm running a 64 bit system, at least 2 of my browsers are 32 bit. Thus, I have four JREs and two JDKs installed. Swapping around to the right one is a bit of a pain, but possible. I just have to find the right Java Control Panel, run it as Administrator, and I can switch things around.

However, at no point in all of these installs did the Java installer prompt me to uninstall a different version. True, I can no longer easily run multiple versions of JRE 6 or JRE 7 (without changing the target directory), but I normally don't do that. I used to do that with JRE 5.

Granted, doing all of this requires administrator privileges, and is much more cumbersome than it is on Linux, but it appears to be possible. Without knowing more about the particulars of your environment, it's hard to say why the Java installer is prompting you to uninstall JRE 6. Again, I've never seen that behavior, with the possible exception of installing on Linux via an RPM. I believe even in that environment you have the option of choosing with Java platform to use via the alternatives command. However, I tend to install Java by hand on Linux (for a small number of systems) and by custom script (for a large number of systems). I've found the alternatives system to be somewhat incomplete in maintaining multiple JDK/JRE combinations for development and testing.

Your mileage may vary of course. This just works for the systems I'm responsible for.

Oh, and as for hard-coding stuff. You have my condolences. I suggest finding the developer, and assigning him or her remedial system administrator / help desk duty for the rest of his / her career. I'm only being just a bit hyperbolic here . . .

Hmm, I use the off-line installer and didn't get asked about the Ask Toolbar. It could be because I install the JDK with its public JRE, and not just the JRE. I'll have to try an off-line installation of the JRE on Windows and see if it's still there.

Right now I have some software that will not build in Java 7. The developers decided to use some Sun - proprietary APIs that no longer exist in 7. There were big warnings about this when the code was built using JRE/JDK 6, as well as warning all over the Javadocs. However, these developers knew better. Now the code won't build in Java 7 until the dependency on these proprietary APIs is replaced. It will run just fine on Java 7, but you cannot do maintenance on the code using Java 7 until the code is fixed.

On what screwed up platform is this?

Seriously, I have 1.6.0_39 and 1.7.0_13 happily running together on all the platforms that I'm responsible for (Linux, Windows, UNIX of various flavors).

This patch was rather important in that there are some server side security issues being patched as well as browser plugin issues.

I'm seeing all of this hate, but you know what, I just don't get it. Software of any complexity has bugs. Microsoft used to be the champion of security exploits. Now it's Java. And lest anyone forget, there are myriads of PHP / Ruby / Python security bugs that allow systems to be exploited. I'm not even sure that there's a secure Ruby on Rails platform at this point, for example. I don't know for certain about Ruby, since the only Ruby platform I have right now is for Redmine.

I guess though everyone likes the Faux News mentality of computer security reporting. It garners page clicks, makes people feel important and is a lot easier than actually doing any work. It's like the hit piece someone at InfoWorld did on a Spring Framework bug that could possibly be exploited (albeit not very easily). The sensationalist piece completely overlooked the fact that the issue had been addressed over a year ago. The "journalist" at InfoWorld was too busy jumping on the "all things Java are evil and insecure" bandwagon to do the tiny bit of research needed to write intelligently about the problem . . .

Just like people are now doing about the current issue . . .

My favorite comment so far has been along the following lines

Sure, [insert-least-favorite-software-of-the-day] may be patched now, but will it remain patched?

I thought at least professionals were a bit more intelligent than this. I guess not.

I haven't used mono on Linux in a while, so maybe it's been improved. Earlier versions on Fedora were a mess.

One of the biggest issues I had with mono was its clash with SELinux. There was just no way to get Apache HTTPD / Mono / SELinux to play nicely together. After the fifteenth or sixteenth custom SELinux rule I just punted. I lodged all the SELinux bugs with Mono, and there they sat.

Another issue I had was with hard-coded ports. It was very difficult at the time to run both the Mono server and something like Tomcat on the same platform. To me, this was the only reasonable way to test ease of development, software release, and performance. Unfortunately, I didn't have a set of identical boxes at the time.

Due to all of these infrastructure issues (including chasing down obscure libraries - I don't mind building them), I abandoned C# / Mono and happily run everything on Tomcat or Glassfish (or Jonas or JBoss, etc). Tomcat just works on every platform I run it on. I run it on Linux, I run it on XP, I run it on Windows 7 (haven't tried Windows 8 yet), I run it on MacOS. The same web application (if written properly) runs on all of those platforms without change.

I'm not much of a developer - more a systems architect - but I've developed Java - based web applications on Windows, Macintosh, and Linux. I use the same tools (I'm a NetBeans / Maven fan), and they operate in the same way across all platforms. To me, having a platform - agnostic environment is very important. I am then not constrained (nor do I have to constrain team members) to a particular environment. I work on Linux, the servers run on Linux, most people develop on Windows, and there is one person on a Macintosh. And yes, right now I'm posting from a Windows machine.

I can do the same thing with PHP, Ruby, Python, Scala, Lua, Perl, or Scheme. I cannot create a flexible, platform - agnostic environment with C#. I also have issues with the C# language, but this isn't really a language wars thread.

And you are composing mail in HTML, why? I read all of my mail as plain text. If you've done some fancy formatting in HTML to call attention to a particular point, I won't see it.

Try organizing your text in a clearer fashion. Try using lettered or numbered points. Even dashes for underscores work as long as you are not reading / writing in a proportional font.

If you cannot tell by now, I really dislike HTML mail. Use plain text, you'll know how it looks for everyone, it's lighter in weight, and doesn't distract from the information you're trying to send. Besides, many mailing lists discourage if not expressly prohibit HTML mail.

/ I know, get off my lawn
// Seriously, HTML is for web pages, text is for email