There is so much essential functionality missing from key management and encrypted e-mail, that it is in a barely usable state. For the Brazilian government, or any government for that matter, to provide end-to-end email encrytption for their own workers, so much more needs to be done.
Name me even one mail client or plug-in that can search encrypted messages, the body not just the metadata. Or how about re-keying stored messages? Federal employees often have an obligation to archive communications, but how will that fit with the recommended practice of re-keying? The list goes on.
E-mail encryption has been rather thoroughly thought through at the protocol level (thanks, Phil!) but when it comes to how it can be made to fit in with normal workflow, practically nothing has been done yet.
Microsoft used secret APIs to give its programs an advantage over competitors. That had a big effect in the 1990's. It is apparently still going on in some things but we'll have to wait, as usual, a long time before it turns up in court records. And like before, the damage will have been done. The only way to stop it is to stop using M$ products.
You can find more like that if you wade through the material of the Comes V Microsoft case at the now archived Groklaw site. Basically anything bad that has been said about M$ and the people that work there is true.
And that was just a lame excuse. She obviously had other motives for cancelling telecommuting as there is no need for a VPN for real work. SSH does not require a VPN. Nor do version control systems (git, bzr, svn). Nor do HTTPS for the intranet or IMAPS for the mail. Not even SIP or Skype for calls needs a VPN.
VPNs only add an extra layer of complexity and add little to nothing in return. That goes double for PPTP, which is garbage.
So regardless if her telecommuters were productive or unproductive, VPN use is an irelevant metric.
Please note that the author did not mention Denyhosts since his servers run OpenBSD, which incorporates DenyHosts functionality through ''pf'', its packet filter/firewall software (see the brute-force configuration of pf for more details).
You can do the same with iptables on Linux using the module "limit". See the manual page for "iptables-extensions" for the details. DenyHosts may have it's good points, but mostly it just complicates things. There is already a lot of functionality in the packet filter that you can use, whether on Linux or BSD.
However, what I see now, in contrast to years ago, are slower paced attacks. These come in steadily but at a rate that just passes under the threshold. One of these days I ought to look at what is blocked to see if it's just the slow ones getting through or if all the probes are now timed that way.
If you want to oxygenate the box wine before serving, just pour it into a carafe a little ahead of time. The wine remaining in the box stays as it is but the wine in the carafe gets the oxygen needed to take care of some of the tannins. Seriously, even with wine in a bottle, using a carafe is a good way to deal with tannins.
A nice carafe can also help show off the wine itself.
In addition to security there is also the ease of maintenance that you gain by eliminating windows. But security alone should be enough to force the decision by insurance companies offering 'hacker insurance': Time may go by and the name may change, but it is still the old NT kernel underneath.
The Vista series is as vulnerable as XP. That includes Vista 7 and Vista 8. Every few months you have vulnerabilities that affect the whole zoo. On top of that you have a thriving ecosystem of malware flame and Conficker. New malware arrives and joins the old which never really goes away. It is the whole system that is weak, not just the pieces. Not even new, unready systems like Haiku-OS have that. The only way to leave it behind is to leave Windows behind.
No, the only real change since more than 10 years ago has been how M$ has been gaming the vulnerability reports and CERT. Even the shills and astroturfers defending M$ are nothing new.
Because insurances are notorious for requiring their customers to minimize the chance for a reason to file a claim, and your premium is usually dependent on your risk.
Windows user pay higher premiums, but at this point it could qualify as willful negligence. Sure the system may have come with Windows but that's no excuse not to clean it off before connecting to the net.
The trouble with computers is that they do what you tell them, not what you want. -- D. Cohen