Sounds very similar to what we developed. Parallel evolution? Or just creative re-use of obsolete Portmasters?

When we got more powerful hardware for the SSH bastion host, I wrote a set of daemons and scripts which would maintain one 'screen' session for each console port. At startup it would enable logging, make a 'telnet' connection, and then disconnect the session and leave it idle. When a user wanted to access a port, they'd run a menu tool (setuid launcher and Perl, iirc) that would give them a list of sessions to which they were entitled access, and also show the status of each screen session -- alive, dead, or in use by somebody else. When you attached to a screen, the script would send a 'title update' escape sequence, so with PuTTY your terminal titlebar shows what device you were attached to, no more pasting into the wrong window!

The main reason for using screen was that when you attached to an existing session, you didn't just get a blank prompt like 'tip' or telnet, you were dropped into a session with the latest output on the screen and scrollback available to go back hundreds of lines. So if you were trying to connect to a Cisco router that had just frozen, instead of seeing nothing, you saw the panic message it had last emitted. Also gave an audit log of everything executed on every console, going back basically forever.

Saved the company $$$$$$ with this build, between not spending money on half-ass Digi appliances and faster diagnosis and recovery when devices went braindead (especially in lights-out remote data centers). By the time I was downsized out of the corp, we had 3-4 deployments across multiple cities/countries.

We did the same, but isolated all portmasters on a standalone switch, as the product line has been dead for years and the security in the product was pretty minimal even when Livingston and then Lucent was actually supporting the Portmaster. I think this guy is more asking about the software to handle the connections/auth/logging/etc rather than asking about a hardware solution?

darinbob:

Nice slander there. Timothy Mcveigh was a former member --he joined while he was in the US Army, but later quit the NRA, viewing its stance on gun rights as too weak.

I dunno, the background check for ammunition purchasing would be enough to have me move out of New York. This means every time someone goes to the range to do some target shooting, they have to get a background check if they buy a box of ammo to shoot?

This will increase the number of calls into the check system by orders of magnitude. Today the usual NICS background check turnaround times vary by time of day and what else is going on (gun show weekend == one to four hour turnaround). And there's no mandate that the state return results in a timely manner, so access can be artificially manipulated by downstaffing the background check office or otherwise ensuring that the checks take an excessive amount of time. And there are stores which sell ammo but not firearms, so these will need to have access to the system.

Adding an extra hassle to each ammunition purchase pretty much guarantees that people are going to buy the maximum amount of ammunition allowable with each purchase, and also pool together purchases for groups of friends. Or just drive across state lines and buy their ammo in a "free state".

Laws on this vary by state -- in several states auto insurance is not mandatory, and if the owner doesn't intend to operate the car on public roads, there is no title, registration, or tax to be paid -- all the paperwork is around vehicles which operate on public roadways. A track car that I transport on a trailer, or farm vehicle that only incidentally uses roads, is not taxed, licensed, or registered.

Most states are the same way with firearms, there is no permit or registration or fee unless you want to obtain a state-issued permit to carry concealed (available in 49 of the 50 states). Imposing an annual tax on a constitutional right has already been struck down by the supreme court, just read up on the history of the "Poll Tax".

Existing laws (e.g. New Jersey) mandating safety features specifically exempt the police.

If anybody "needs" user-restricted handguns and these other features, it would be law enforcement. I'd go so far as to say that these should be mandatory for LEO on and off duty, and optional for the rest of us.

Actually, it does add up, when you consider the breakdown of the total people polled:

There were more than 3,500 responses to the 10-week consultation - which included those from members of the public, academics, charities and communication firms as well as 757 from parents.

So parents made up less than 20% of the total respondents, and some parents were in favor of no filtering of any kind. Even in the UK, people understand that government shouldn't be in the business of filtering lawful material, and that automatic opt-out filtering has a chilling effect.

I'm subcontracting for a major consulting firm, on-site at their biggest client. The consulting firm wants to look good for their client, insists on having warm bodies in the seats at the client site during the client's business hours (8-5), even though the nature of my tasks and of client's business means I can't actually implement anything during business hours.

So I sit in a chair in front of a laptop for 8 hours writing "documentation" and dealing with change manglement processes, then another 1-3 hours actually getting real work done after the close of business. It'd be cheaper for them to hire a wannabe actor to sit in my seat from 9-5, and then just pay me for my 3 hours a day of actual productivity.

If you control the terminal, and don't mind invading the user's privacy (and possibly increasing your liability, e.g. if passwords are compromised), then yes, you can filter HTTPS just like you filter HTTP. All the major commercial web filtering appliances can do it, as can Squid: http://blog.davidvassallo.me/2011/03/22/squid-transparent-ssl-interception/

Actually, many of the more complex commercial firewall products CAN partially filter facebook. For example, you can permit reading but block posting updates, or permit access to most pages but block Farmville and all streaming media from fbcdn.' I've always thought the easy way to cut down on problems with this sort of Internet access was to permit Content-type: text/* but block all images, audio, and video. Basically, let them read Playboy for the articles!

Claim from "girlintraining" is about exclusion of use of open source in end-user businesses: "Microsoft offers huge discounts to businesses that agree not to use a competitor's product. They also regularily check for compliance and there are large fines for any company caught using open source software. Management often parrots what Microsoft says to tell the tech workers who question the policy, but if you ask the right people the right questions, you'll find out the company you're working for entered into an exclusive contract with Microsoft, and that was one of the conditions.. I asked for any proof. None was provided.

This isn't about the deals Microsoft had with PC hardware sellers (Dell, etc) regarding shipping new PCs with free operating systems installed, this is a claim of exclusionary contracts with end-user businesses forbidding the "use" of any open source software (not just OS, applications as well). Extraordinary claim, where's the extraordinary proof to back it up?

Automobile owners are NOT licensed in the USA.

I owned 2 cars at age 13, didn't even have a state ID at the time. Couldn't drive them on the street, but could operate on private property with no restrictions at all. Where I live in the USA, automobile drivers do not have mandatory insurance, nor mandatory registration of the track car in my garage, nor mandatory training to drive on private property.

Other consideration is that an mandatory rule will be abused by Sarah Brady and friends to try to make it more difficult to own firearms. For proof, just look at the gun laws in Chicago and D.C. both before the recent USSC cases, and the new laws they've enacted since the court struck down their blanket handgun bans. For example, Chicago had mandatory handgun registration, but closed the registration list, and dropped registered owners if they didn't re-register each year within a 2-month window for renewals.

The Google Voice transcription is so uncannily near-perfect with phone numbers, and so awful with everything else, I suspect it is cheating, and using the Caller-ID and other sources to cheat on 'recognizing' a phone number.

I have been an employee/contractor at many Fortune 500 companies, and have never seen anything even hinting at a contract with Microsoft involving "large fines for any company caught using open source software". Care to provide any proof of Microsoft contract with any F500 consumer of software that prohibits said F500 from running open source software?

People talk about this records retention issue like law enforcement is asking ISPs to store full packet captures of every session and decrypted SSL traffic, or even just netflow data on every customer's every transaction.

If you read the articles, they're really just talking about storing the dynamic IP address (DHCP) assignment records, showing when each customer was handed a particular IP to use, and when they stopped using it. So perhaps 1-2 records per week per customer, or less -- I still have the same "dynamic" IP from my cablemodem provider as when I first signed up a year ago. To oversimplify, it's the difference between asking a hotel to put a camera in every room versus just keeping a register of who has received a key and whether they've checked out yet. And this law lets the wireless carriers keep running their no-tell motel operation.