I mean, I guess that's how we all feel about Windows ME. Right? Totally.

What? What if they do some kind of heavy duty number crunching and he's talking about his Beowulf cluster? What if they're a small, high-priced CGI company and they have three render farms of 10 boxes each and ten regular servers? What if they're a web hosting company and those are the hosts?

I live in Baltimore, and I'm about to hop on I-83 to get to work, which has a 40mph minimum and a 50 mph maximum. As in there are signs that say "Minimum speed 40mph"

Maybe unheard of to you. http://technet.microsoft.com/en-us/library/bb123484.aspx I count well over 100 group policy settings that can be applied through Activesync to a Windows Mobile 6.1 device. Some of these actually do work on an iPhone as well, such as the password and phone lock policies.

Windows Mobile + Exchange 2003/2007 have had this functionality since 2005 at the release of Exchange 2003 SP2 http://www.microsoft.com/DOWNLOADS/details.aspx?familyid=535BEF85-3096-45F8-AA43-60F1F58B3C40&displaylang=en. It even works on an iPhone. I'd hardly call 2005 "recent" in the IT world.

Uh... because when you're getting wrecked by those goddamn green hopping jerk bug things, you can't press "start," type in "Justin Bailey," kill them, turn the cheat off and then continue on.

Correct, it does not count. You can only activate it at the very beginning of the game, just like with Justin Bailey; you can't turn it on, pass a hard part, and then turn it off. That's what the summary is talking about.

You're missing the point, which is that whether or not you're connected to the VPN, chances are good that your browser stores some credential information. If you're on a LAN that's the same subnet as your VPN endpoint, then once you disconnect, a malicious local user would be able to coax your browser to give up cookies about the VPN-accessed pages. Your browser uses IP addresses to associate a cookie with a host, which is what makes this possible, and explains why the certificate model of HTTPS on the corporate Intranet foils this attack.

First of all, any good VPN client allows the admin to prevent that (i.e., I don't consider the built in Windows PPTP client to be an example of a "good client"). However, that being said, for almost any circumstance I'm pretty confident the number of users who would know to do that would be 1%.

Yes but does it run on a beow... oh. Sweet.

I think the unspoken point of the article you seem to be missing is that, out of the meltdown of the global finanacial infrastructure, maybe this is not the time to screw up something that is actually doing fine the way it is.

Let's continue this conversation in a parallel universe, where the Internet did not arise out of US government and educational institutions.

Watchguard's been doing that since 1996! I really do like the Firebox Core after using it for a year or two, but man, you can tell that they've taken work from multiple unrelated development projects and strung them all together with a "manager" that simply launches bulky, inconsistently designed apps which then in turn launch more inconsistent smaller apps. Great feature set and very fast, though, once you get past the decent learning curve and annoying support contracts.

As I sit in my 130 year old studio apartment, I can safely say that I'll only consider Baltimore a city of the future when I get more than 200kb/s upload speeds and less than 130ms ISP gateway pings on my city-wide, 4G, futuristic-looking Xohm modem.

You are referring to what is known as "Split Tunneling;" which is a legitimate, albeit less secure, VPN configuration. Basically when split tunneling is enabled the client workstation's default gateway is still it's local gateway and DNS requests get routed by the client to the appropriate DNS server, whereas in a non-split tunnel the default gateway is the remote gateway (which obviously has no way of routing to the local network) and all DNS requests go encrypted through that. There are several reasons someone would want to do this:

• You need people to access their local printers/network resources and don't have some kind of pass-through ability
• You have limited bandwidth at your remote site and cannot handle the Internet usage that would be NATed through
• Your gateway does not support NAT on VPN tunnels and your clients need Internet access
• You don't realize what you're doing

Either way, what I do when I have some kind of weird situation where a user needs to change their TCP/IP config routinely is just put a couple shortcuts with pretty icons on their desktop that point to batch scripts that run a netsh script. You should be able to completely change an IP configuration on a Windows box with this utility, the user just runs "home.bat" when they're home and then "office.bat" when in the office. A Google for "netsh exec" should give enough info to get started.

Alright, fair enough; reading back it's clear I did interpret much more than what you actually said in your comment, and I was incorrect and kinda a dick about it. I apologize.

Oracle owns Sun, which is the parent of OpenOffice. You never noticed the OpenOffice options when you do a Java update?

Look at the OP. We're talking about OEM PCs that will be shipping with Windows 7.