Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Smart Move? (Score 1) 407

by admiralex (#34096490) Attached to: Google Sues US Gov't For Only Considering Microsoft

Loopholes are not really the issue here.

I work in the Federal Government doing IT, and you're dealing with a workforce that is neither nimble nor flexible and in a lot of cases is a decade and a half behind the rest of the world technologically. It's easy to say from a bird's eye perspective let's just rip all the Microsoft stuff out and throw in some tech from some other vendor, but think about what that would mean to the civil servants, most of whom are in their 50s or 60s and don't particularly like computers in the first place. Indeed, I'm a Mac guy working next to a group of people who are supporting a mainframe that's just within the past year been decommissioned in favor of a move to a Windows-based software delivery platform that until a few months ago was running on Windows 2000 server. Who's going to teach them how to use the new stuff? What happens when it's upgraded? And web applications, as we all know, are upgraded at warp 8. Who's going to teach them how to use it securely and effectively? How is it going to integrate into existing workflows? Where are you going to find contractors with the appropriate certifications, clearances, and .gov experience to support it?

The government runs on Microsoft and MS is entrenched in the data center. Windows is JUST NOW displacing mainframes, and the Mac is nibbling at the edges of that. Web-based apps (especially hosted somewhere other than a secure room in the heart of one of the giant buildings in downtown DC) are out of the question for a variety of reasons, and that is not going to change before we've moved on to whatever comes after the current web apps craze.

Google has a point, but the deck is decidedly stacked against them. The fairness argument they're trying to make will be trumped by practicality. The government is not going to set up a hodgepodge of different platforms all doing the same thing in different, sometimes incompatible ways just because it's not "fair" for competing technology to be excluded from the bidding process.

Comment: Re:So here's an idea (Score 1) 839

by admiralex (#30594708) Attached to: Midwest Seeing Red Over 'Green' Traffic Lights

What, you mean like wasting all this money and time trying to come up with a solution to a problem that's not really a problem? I think it costs more and produces FAR MORE pollution to hire a contractor to go out and knock snow off the light than it does to put the old lamps back in and let them melt the snow with "waste" heat. Switch to LEDs in climates where the fact that they run cool isn't a problem and keep the old tech in climates where it serves an actual purpose.

It's not "waste" if the "waste" is performing a critical function.

Comment: So here's an idea (Score 1) 839

by admiralex (#30594052) Attached to: Midwest Seeing Red Over 'Green' Traffic Lights

Um ... if the old lights were hot enough to melt snow and stay visible in a blizzard REVERT TO THE OLD TECHNOLOGY! Clearly the wasted heat wasn't exactly wasted if it served a useful purpose. Why waste all this money coming up with these crazy schemes for getting snow off an LED when a regular old hot incandescent has the functionality you need BUILT IN?

Comment: Re:Many bothans died to bring us this transformati (Score 1) 491

by admiralex (#30577790) Attached to: China Debuts the World's Fastest Train

An "advantage" of their government? Advantage? LOL. I've never heard totalitarianism described that way before. By this description, the U.S. was wrong to abandon slavery in the 19th century. All it did was throw away a large, obedient workforce.

You forget that rail drove American expansion across North America and built the economic engine that saved the world from the Nazis and the Japanese in the middle of the 20th century. Why was the transcontinental railroad built? Because it was profitable. No one currently has a financial incentive to build high speed rail in the U.S. because there aren't enough paying customers to make it profitable. I'm pretty sure the Obama administration is very willing to build high speed rail to every state in the union, but the republicans would jump up screaming BIG GOVERNMENT and the plan would go nowhere. If the government can't build it and private industry is not willing to invest in it, who's going to pay for it?

China can get away with this because 1.) they don't have laws/regulations in place that protect the environment, 2.) they don't have to deal with private property, 3.) they've got money to burn, and 4.) they have a political structure that won't get in the way. China is not a democracy, and it's not especially capitalist though it looks like it is through the eyes of someone who doesn't really understand capitalism or democracy. A totalitarian regime can do whatever it wants and spin the result however it wants. It's the responsibility of those of us in the outside world who can see those "accomplishments" for what they are to call it like it is.

How many habitats were destroyed / communities displaced / people driven from ancestral homes / workers' lives lost to build this high speed railway? We'll never know. Because that's how totalitarianism works. As an aside, the transcontinental railroad did the same thing. It was built on the back of chinese laborers and destroyed countless native american civilizations. One can only imagine the impact this has had inside China.

Something else in terms of perspective. Yeah France can build high speed rail. That, in the U.S., is about the equivalent of building high speed rail from San Francisco to Los Angeles. It's all in one state handled by one state government and can be routed through land that would make private property/environmental issues far less of a concern. To build something like that across STATES in the U.S. would be the equivalent of trying to build rail across COUNTRIES in Europe. Try to extend that rail from Paris to Moscow and see how quickly that gets done. When you compare the U.S. to another European country, remember that you're talking about a country that spans an entire CONTINENT. More legal issues, far more expensive, and far more time required to do that. If we were doing this on a state level, of course it could be done ten times faster. France can do it, and so can California. Could the EU?

Comment: Re:Many bothans died to bring us this transformati (Score 1) 491

by admiralex (#30577522) Attached to: China Debuts the World's Fastest Train

An "advantage" of their government? Advantage? LOL. I've never heard totalitarianism described that way before. By this description, the U.S. was wrong to abandon slavery in the 19th century. All it did was throw away a large, obedient workforce.

You forget that rail drove American expansion across North America and built the economic engine that saved the world from the Nazis and the Japanese in the middle of the 20th century. Why was the transcontinental railroad built? Because it was profitable. No one currently has a financial incentive to build high speed rail in the U.S. because there aren't enough paying customers to make it profitable. I'm pretty sure the Obama administration is very willing to build high speed rail to every state in the union, but the republicans would jump up screaming BIG GOVERNMENT and the plan would go nowhere. If the government can't build it and private industry is not willing to invest in it, who's going to pay for it?

China can get away with this because 1.) they don't have laws/regulations in place that protect the environment, 2.) they don't have to deal with private property, 3.) they've got money to burn, and 4.) they have a political structure that won't get in the way. China is not a democracy, and it's not especially capitalist though it looks like it is through the eyes of someone who doesn't really understand capitalism or democracy. A totalitarian regime can do whatever it wants and spin the result however it wants. It's the responsibility of those of us in the outside world who can see those "accomplishments" for what they are to call it like it is.

How many habitats were destroyed / communities displaced / people driven from ancestral homes / workers' lives lost to build this high speed railway? We'll never know. Because that's how totalitarianism works. As an aside, the transcontinental railroad did the same thing. It was built on the back of chinese laborers and destroyed countless native american civilizations. One can only imagine the impact this has had inside China.

Something else in terms of perspective. Yeah France can build high speed rail. That, in the U.S., is about the equivalent of building high speed rail from San Francisco to Los Angeles. It's all in one state handled by one state government and can be routed through land that would make private property/environmental issues far less of a concern. To build something like that across STATES in the U.S. would be the equivalent of trying to build rail across COUNTRIES in Europe. Try to extend that rail from Paris to Moscow and see how quickly that gets done. When you compare the U.S. to another European country, remember that you're talking about a country that spans an entire CONTINENT. More legal issues, far more expensive, and far more time required to do that. If we were doing this on a state level, of course it could be done ten times faster. France can do it, and so can California. Could the EU?

Comment: Many bothans died to bring us this transformation (Score 2) 491

by admiralex (#30575788) Attached to: China Debuts the World's Fastest Train

Before we start lauding the Chinese for bringing this technological marvel to the world and criticizing the "west" for falling behind, perhaps we should be mindful of the fact that the only reason this is possible is because the Chinese government can walk up to your house, tell you it's no longer yours, and you have no recourse. No concern for the environmental impact, human impact, long term impact, etc. The Soviet Union's great technological leaps looked mind blowing at the time as well, and look where they are today.

Comment: Re:Keeps happening (Score 2, Informative) 134

by admiralex (#29603541) Attached to: Communicator Clothing

Just as a point of clarification -- not that this poster is inferring anything wrong -- but the TNG communicators were not part of the uniforms, they were attached to the shirt like a broach. If you didn't want to be contacted/tracked, you took the communicator pin off and you couldn't be tracked by that method. Of course that didn't stop ship's sensors from finding you whenever they wanted to, but it's not as if they were implanted.

Comment: Mass Mac Deployment for Dummies (Score 3, Informative) 460

by admiralex (#29500369) Attached to: Large-Scale Mac Deployment?

I do this for the federal government, after coming from a university environment where I grew up with the Mac from the bad ol' days of the late 90s through Apple's phoneix-like rise from those ashes into the titan it is now. Truth be told, not much has changed.

For mass deployments, I'm about to look into Casper, but NOTHING I've seen or heard about beats netboot/netrestore -- and mind you, I live and breathe Mac. I use PCs to manage Remedy tickets, and that's it. The ability to create a master image, upload it to a server, restart a machine with the n key pressed and have it image itself was and is nothing short of magical, and it's the deployment solution I'm moving toward for the portion of the Treasury Department network I control (if I die, money will cease to be printed). Unless Casper can top that, netinstall + n is still my deployment solution of choice, and one that the folks where I used to work are still trying to replicate three years later. There's nothing faster or more foolproof.

Prototyping is just as easy. I deal with everything from banknote designers (pull out a bill. Isn't it pretty? My designers drew all that stuff on their Macs) to executive management, and though they use their machines differently, they all have the same baseline needs -- a rock solid configuration that's hardened to IT Security's exacting (if evolving) standards, and Office to handle collaboration. My base image is a hardened installation of Leopard with fully-patched Office. That's standard across all machines. This base image is what I run in regular user mode on my personal production machine so I will know firsthand exactly what the user experiences from day to day. I customize the default user environment on the standard image to suit _my_ tastes and allow the users to tweak and refine that environment as they see fit. I learned years ago that this is the best approach for standardizing a user's desktop because I know how to work around the various quirks of OS X that can become annoying after using it for an extended period of time, and they usually haven't been on Macs long enough to have figured these things out. The more experienced of my newest users typically bristle at this since to a person they always think their approach/way of configuring the Finder/desktop is THE way to have their machines work, but I usually don't hear a peep from them after a week or two of working in my environment. The biggest compliment to me is when I cease to get trouble tickets from my bitchiest users because they find that I've already anticipated and addressed their most obvious complaints in the standard image.

On top of the standard image, I install applications specific to the machine's role. The designers, for instance, get Adobe CS 4 and additional design-focused applications such as Quark and a font manager. My video people get Final Cut Studio. My engravers get the same package as the designers. My method of choice for deploying to these disparate groups lately has been to install the specialized applications on the standard image and create secondary images applicable to specific groups. Banknote design machines, for example, have their own special image and the video production machines have an image all their own. This simplifies things mightily because all I have to know when I want to deploy a new workstation (or repair a broken one) is where it's going. Oh, this is a replacement banknote machine? Put the banknote image on it. Copy the _user folder_ -- and nothing else -- from the old machine, create an account on the new machine, point it at the old user folder, and voila. Completely new hardware, and the user has no idea anything's changed. I've upgraded users from Tiger-running G5s to Leopard-running 8 core Mac Pros, and the only difference they noticed was the machine was "a lot faster." And the Apple menu's a different color. That's the power of Mac OS X.

Security, as I'm sure you well know, is not an issue on the Mac, but given the sensitivity of what my users do, I have to throw IT Security a bone by way of MCX settings. MCX (Workgroup Managed preferences, in other words) allows you to dig deep into preference files and turn off/disable things that otherwise might pose a security risk. Don't want your users to burn CDs? Turn burning off. Don't want them to install software or even mount disk images? Turn that off too. Want to be a real nazi and lock down iTunes so they can't get to the store or listen to any internet radio stations? Want to restrict application execution to a specific directory? You cannot, for example, run an executable that lives anywhere other than /Applications/? You can do all that with MCX. And not only are these settings irrevocable from userland, they can be enforced at login, at logout, at reboot, at random times during the day, every hour on the hour, however you choose to inflict them. The Mac is your oyster, especially if you know how to use shell scripts and installers judiciously.

And that's pretty much it. I don't worry about updates since, for one, I disable Software Update on all my machines so I don't have to worry about users screwing up the configuration. All updates are installed first on my production machine and I work with them for a week or so to see if anything obvious pops out at me. This, by the way, is something else that the Mac excels at. The Mac community is so knowledgeable and robust that if 10.6.2 breaks a plug in in Photoshop, you will hear about it and a workaround before it ever becomes a problem for you in house. I usually play with the update for a week or so. If I don't run into or read about any showstoppers, I send an e-mail out and tell my users to run software update. The deployment process will need to be a bit more formal than that in the Treasury Department, of course, but the principle is the same. Dot updates for Mac OS X are NOT Windows service packs, so I don't ever worry about a dot update radically changing anything and usually deploy them to my users within a week or so of their release. Same usually is true for application updates. Install on my machine, if I don't run into any showstoppers, deploy to users. Lather, rinse, repeat.

In short, this is Mass Mac Deployment for Dummies: 1.) build a standard image. 2.) Put that image on your machine, use it as your own production environment. 3.) Customize a default user environment and copy that to /System/Library/User Template/English.lproj so that any new user accounts you create will start out with a configuration virtually identical to what you use every day. 4.) Create a disk image from this standard setup with Disk Utility. Yes, disk utility. You don't need anything else. 5.) On top of this image, install applications that are specific to your users' needs. Design apps for designers, video apps for video production pros, etc. 6.) Create disk images from those. 7.) Deploy the images to your users. This is not something you really need an infrastructure for. If you reimage more often than when new hardware comes in or a new OS is released (and I'm talking a 10.7 or a 10.8, not a dot update) then you're doing something wrong. 8.) Find something to do with all your newfound spare time.

Now occasionally you will have users like I do who have damn near 20 terabytes of data that they absolutely must keep around for whatever reason. That's not a problem. Just make sure all their data lives INSIDE THEIR USER FOLDER (and it's hard for them to not save everything inside their own user space) and you can move it all at once without having to worry about data loss. sudo ditto -V . Bit for bit copy of everything in the user folder. And as an extra plus, lately I've started isolating user data from the image entirely. All of my machines have three drives in them: boot, work and scratch. I created a /Users folder on Work and point the accounts there. The boot drive can now be read only and I can make changes to the configuration at will without having to worry about any data being affected. Need to completely reimage the machine for some reason? Boot in target disk mode, ASR the new image to the boot drive, recreate the user account in the new image and point it at /Volumes/Work/Users/. Or better yet, if you've got some of the most recent Mac Pros, snatch drive one out of the machine, install it in your production box, image the drive from there, take it back to the user, plug it back into their computer and hit the power button. Game over, thanks for playing. This approach is just in the testing phase right now, but so far I've had zero problems with it. Cuts down migration time from hours to minutes.

Hope this helps.

---
"The best way to predict the future is to invent it." -- Alan Kay

"Necessity is the mother of invention" is a silly proverb. "Necessity is the mother of futile dodges" is much nearer the truth. -- Alfred North Whitehead

Working...