Glad you said "next to nobody".

I have an Acer Iconia A500, has a full sized USB and HDMI output.

I've only used the USB a few times (keyboard and a thumb drive). When I did use the USB port I was very happy it was there!!

It took me 2 tries, 2 hours apart...then I got in. That was last week FWIW.

no, I am not suggesting you use un-encrypted wireless and most certainly not suggesting we get rid of firewalls either.

I am suggesting that there are way too many techs that forget how to take care of the end user and make their experience an easier one.

You should also add in the time it takes to install that cert on every device.

There are 2 basic attitudes I see here:
1. Who cares if the user gets errors, they should have installed the cert
2. Just set it up according to Microsoft's recommendations and not have users complain.

#1 will result in numerous calls to whatever helpdesk is available. In the extreme, you get the owner/ceo/exec/etc... barking at you because they don't understand the error message. Or, you use an internal CA and have to manually manage all devices. What do you tell the owner when they get a new phone on Sunday morning and ask you why they can't just set it up.

#2 results in no errors for the end user...it just plain works. The only ones who seem to have a problem are engineers/techs that don't seem to care what the end-user experience is.

You can go about this either way. It's your choice.

I prefer to setup systems so that users don't need to call me every time they get a new device, computer,etc. That is what the autodiscover service is for!

To avoid "this is an un-trusted root CA", you should use a public cert.

Is it better to setup the cert properly to not give errors, or teach your users to ignore them?

Or, maybe you just get a real certificate issued so you don't have issues when...say...the CEO uses his iPhone or other mobile device internally.

How is this new? People have been using internal server names (fully qualified and not) for a long time.

In fact, Microsoft Exchange "best practices" state you should be using the unqualified server name as one of the SAN entries in the SSL cert.

I agree with the Etymotic earplug recommendation. I have had a pair since the late 90's and they are great.

Granted, I haven't used them in years and they are probably a bit gross now. meh....

No, I'm sorry but you are the one who is wrong. It means "The Land": http://en.wikipedia.org/wiki/Haaretz

Hold on a second.....

You are stating that because a jailbroken iPhone can use a 3rd party store this is all Apple Hating?

How about the fact that you MUST jailbreak your iPhone to use it with a 3rd party store?

Ok, how about the fact that iPhone Jailbreaking Could Crash Cellphone Towers, Apple Claims.

Sorry, just trying to point out a problem with logic.

Wait, but you can use a 3rd party store...but you have to jailbreak your phone, which is bad......

Not at all. I got my HTC Hero in January 2010. The stock image on the Sprint HTC Hero was fine. After the 2.1 upgrade I had an issue with slow dialing. That was actually caused by the radio firmware which is entirely sprint's fault and was fixed by a trip to the sprint store. Since then I have decided to root the phone to install a different build with 2.2. How is that any different from having an original iPhone and not being able to run the latest iOS?

Then sir, you are a fool. How exactly is is a failed experiment? My phone seems to work just fine, I can find any application I want...and...I can replace my battery!