|
|
I was recently talking to a client about the lack of guidelines for acceptable personal use of office resources in his company. He rejected the suggestion that he provide any real rules or guidelines (apart from some old rules that most employees were not aware of and of which there was no procedure to remind them to periodically read). He said that he only wanted to hire motivated people who wanted to work, and that people who need rules should work elsewhere.
The results of his approach seem reasonable, everyone who works for him works really hard. In return his attitudes towards employees are more relaxed than most employers, among other things he is very supportive of employees who desire career opportunities greater than his company can offer.
I have been wondering whether rules alone can make people lose interest in working, or whether it’s the type of person who doesn’t want to impose rules that inspires hard work.
My experience is that when working for people who have a rule-free environment I tend tend to work really hard, and that when working for companies that have lots of rules I find it difficult enough to get out of bed in the morning – let alone become motivated to do any work.
I am interested to see comments from other people, both workers and managers. Is my experience common in this regard?
Dell just sent me a letter advertising their new Vostro line “especially for small business“. They say “we listened, then we listened some more” and explain that it’s based on feedback from people in small companies. The problem (which should be familiar to everyone who has ever done any consulting work) is that people don’t ask for what they need! Ask someone what they want in a computer system and the first thing that they will ask for is a fast CPU and a low price, the colour of the box will probably be higher on their priority list than the option of a backup.
Dell have proved this by advertising their small business machines by advertising cheap desktop machines for small business use.
Here is a list of the features that I consider essential in small business systems (based on my experience working for dozens of small companies):
Reliable operation. Using a relatively inexpensive machine as both a desktop machine and a server for the company network is very common in companies with less than 10 people. The Dell PowerEdge Tower systems are reasonably cheap (as little as $800AU – $100 more than a low-end Vostro in the base configuration, although the Vostro includes a bundled monitor). The PowerEdge machines have ECC RAM as a standard feature (avoids data loss due to memory errors) and can be delivered with hardware RAID support (SATA-2 or SAS) and a variety of backup options. A low-end tower PowerEdge server with 250G of hardware SATA RAID-1, a 160G removable disk for backup, and an extra gigabit-ethernet port costs $2015. Such a machine would do really well as a server for a small company while also being quite good as a desk-side workstation (the cooling fans would probably be louder than on most workstations but the money saved would be worth-while for most small businesses). If Dell was to promote PowerEdge tower machines (maybe under the label “Vostro Servers”) it would be good for customers and should be profitable for them.
The next thing that Dell should consider is a laptop with ECC RAM. Many small businesses start out as a sole trader with a laptop. Data loss on such a machine would be catastrophic. At the design stage ECC RAM would not be difficult to add – if there was a company that produced such RAM (I expect that Dell could purchase enough volume to drive the creation of new memory modules).
Another laptop issue is the reliability of mass storage. Laptops tend to get dropped and hard drives tend to break when dropped. Lenovo sells a “ThinkPad Serial ATA Hard Drive Bay Adapter” which allows two hard drives in a Thinkpad which could be used for RAID-1 (if you don’t want a built-in DVD drive). I chose to use regular backups instead of buying the extra hardware for RAID-1 but it would be good if other companies offered such options – especially when promoting their products to small businesses (who often don’t do regular backups). Even Lenovo could improve things in regard to their potential RAID-1 support in Thinkpads by promoting this feature (instead of just having the hardware listed as an optional extra with no mention of why you would want it) and offering a default install with RAID-1. Better still would be hot-swap RAID-1 in a laptop (which would be quite easy to do if the expansion bay was changed to use USB as it’s method of connection). Of course RAID-1 only covers you in the case where the drop is only enough to destroy one disk or if it causes partial damage to both disks but doesn’t destroy the same section of data on both disks.
The next big thing for laptops will be flash storage. One of the major advantages of flash is that it’s almost impossible to destroy it by dropping it. I would rather have my important data on a flash storage than a hard drive (it also saves electricity and therefore makes the battery last longer). The option of having flash as the primary storage device and a hard drive for files that are larger and less important would be useful to most small businesses. Of course hardly any small business owners will ask for this, they will probably ask for a machine that has a fast CPU.
Sometimes when developing a product you have to design something with the features that customers need and get the sales and marketting people to convince the customer of the benefits of the features. Even though the number of people who understand the technology and will jump at the opportunity to buy good things (such as me) is rather small, the number of people who can understand once it’s explained to them is quite significant. I’m sure that if Dell released a new line of computers with the slogan “reliable machines that don’t lose your data” instead of “good-looking new machines” then they would get some interest.
After writing this post but before publication time I happened to be speaking to the owner of a small business on the topic of choice of computers for a company such as his. He seemed convinced of the benefits of a better machine to replace his current desktop PC that is running as a server (it’s yet to be seen whether he considers the benefit to be worth the cost).
I wonder if Matt Domsch reads my blog…
A frequent criticism of solar power is that the sun only shines brightly for part of the day, and that many of the times when there is significant electrical load (EG when people get home from work in winter) the sun light will be weak. One interesting solution to this problem is to store the solar power by splitting ammonia into nitrogen and hydrogen gases, storing them separately, and then reacting them to produce super-heated steam for power generation at any time that power is needed. The technology is based on three decades of research at ANU and the Federal government has allocated $7,400,000 for building a power station near Whyalla in South Australia.
The down-side to this is that it needs water for the steam part of the electricity generation process which is a minor problem as we are having water shortages in most parts of Australia. But the up-side is that the process of combining nitrogen and hydrogen to produce heat should be something that can be turned on rapidly. So it seems that there is potential for having a wind power plant designed to satisfy all the power requirements on windy days and store hydrogen and nitrogen for times when there the combination of sunlight and wind is not adequate to satisfy the power requirements.
Previous plans for the maximum possible use of renewable energy in producing electricity have included gas fired power plants for times when wind and solar power can’t meet the demand. It seems that with technology such as this one it will be practical to have all electricity produced from renewable sources of energy.
Due to climate change and population increases we are having increasing problems with the water supply in Australia. Peter Lieverdink suggests that we have more options for water supply including treated sewage similar to the Netherlands here he grew up. However I believe that in Australia we already do what he proposes (put treated sewage in rivers and then use the same rivers for the water supply). It’s just removing the middle step (of having the treated sewage in a river) that is controversial.
I recently examined a water bill for my house. Among other things it said that my water use was slightly above the average for houses that use water efficiently and significantly below the average for typical water use. The funny thing was that most of the expenses on the bill were not actually related to the amount of water used. My bill for a quarter was $54 service charges for sewerage and water (of which $39 was sewerage), $30 for sewage disposal, $26 for water, and $14 for drainage. So the cost of disposing of sewage was greater than the cost of getting fresh water and the sewerage service charge was the largest single item on the bill.
Australia supposedly has a capitalist economic system in place (except for the communist policies related to farming and the protection of some industries such as car manufacture and coal mining). Surely the right thing to do is to make water expensive enough that people have a financial incentive to conserve it!
The first thing that should be done is to make the majority of the value of a water bill received by a typical household be determined by the amount of water used. This could be achieved by reducing the fixed components of the bill to something small (EG $20 per quarter instead of $98 for me) and then increasing the cost per kilo-litre (EG from $0.85 to $2.50). The end result would be that people who use average amounts of water would pay about the same amount as they do now and people who use less than the average amount would get smaller bills, while government revenue would remain the same.
The next thing to do is to have different tarriffs for different quantities of water used. The first 50L per day could be free (water for drinking and cooking is a right), between 50 and 450L per day (451L per day being regarded as efficient water use for a house with four occupants and a medium garden) could be at slightly more than current prices, and usage greater than 450L per day could be significantly more expensive.
The current situation is that everyone is going to pay through taxes for desalination plants and other expensive methods of producing new fresh water. Having people pay for what they use is the capitalist way.
Here’s an interesting CSPAN interview with Dick Cheney from 1994. It’s amazing how accurate Dick’s analysis of the Iraq situation was in 1994 when justifying the decision to merely destroy Saddam’s army in Kuwait and not try to occupy Iraq or catpure Saddam. It’s a pity that he didn’t stick to that idea.
Since the old CSPAN interview became popular the MSNBC show Countdown with Keith Olbermann covered it (youtube link). Keith initially said some ridiculous things about heart surgery affecting people’s emotions (that was the medical opinion about 2000 years ago, doctors have learned a lot since and Keith should learn from them). Then John Nichols of The Beat blog and author of Dick: The Man Who is President (Dick Cheney) makes some interesting comments. John interviewed the professors who taught Dick at university and their opinion of him matches the current observations – that he believes that the US government can do whatever it wants with no consequences.
When I was about 11 years old I decided that I wanted a career related to computers. My first computer was the TEC-1 single-board Z80 based kit computer from Talking Electronics magazine (see the photo below). I think that I built this when I was 10.
The computer is 16cm high and 25cm wide. The six seven segment displays are the only built-in output device (there were optional kits for other output devices). The keypad has the hexadecimal number keys, an “ad” button for entering addresses, a “go” button for executing programs, and “+” and “–” keys for incrementing and decrementing the address. Below the reset button (labelled “R“) you will see the optional function key (of which I can’t remember the purpose). Programming this computer required entering the hexadecimal code on the keypad with the “+” and “–” keys being the main method of editing (the “ad” key was used to jump to a different section of RAM). In editing mode the first four seven-segment displays showed the address (the Z80 could only address 64K of RAM) and the other two showed the memory contents (the word size was one byte). In terms of user-friendlyness it was probably about equal to punched cards – apart from the lack of non-volatile storage (unless you built the optional NVRAM kit).
My TEC-1 has 2K of RAM (the 83251R chip is equivalent to an Intel 16kilo-bit 6116 static RAM chip) and 2K of ROM (the chip with the orange sticker labeled Mon1 is a 2716 EPROM – 16kilo-bit).
Not long after that my parents bought the first serious computer for the family, a Microbee Z80 based system with a tape drive that used a monochrome monitor of resolution approximately equal to CGA and which had either 16K or 32K of RAM (I can’t recall). The next family computer was a Microbee Premium series 128K which is probably the same model as the one depicted on the Microbee Wikipedia page (a serious omission of the Wikipedia page is that it has no picture of the box containing the PSU and the floppy drives for the Premium Series). My first published article in a computer magazine was when I was about 15 years old and I wrote a long email on a Fidonet echo (mailing list) reviewing a 3rd party update to the CP/M system for the Premium Series Microbee and was surprised by having it published in the Microbee club magazine (in those days we didn’t bother much about copyright so no-one asked for my permission before publishing).
I wonder if starting with computers at such an age is typical for people who now contribute to free software development. I think it would be interesting to see some blog posts from other people in the community about how old they were when they started with computers and what type of computer they started with.
I also wonder about the correlation between the age of starting with computers and career success in the computer industry. One significant benefit of starting early was that I could learn things that would be useful for my career in later decades while other children were wasting time studying what teachers told them to study. It also meant that in later years of high-school I could relax knowing that I could get straight B’s without effort which was more than was required to enter a CS degree program at that time. Until half-way through year 12 I tried to avoid ever doing home-work at home – home-time was computer time! Do you think that the age at which you chose your career significantly affected your success? If so in what way?
If you were asked for advice by parents as to when their child should be given it’s first computer what age would you suggest? Unfortunately I usually get asked for advice about such things by people who have children aged 16+ (which is way too late IMHO).
Update: Dbenn recently gave a talk to his son’s primary school about computers and he used the TEC-1 as an example. They are still in use!
It’s interesting to see that Audi is releasing a car with LEDs for all lights including the headlights. This is being promoted as an environmental benefit, however a quick google search revealed that my Volkswagen Passat apparently takes 55W headlights (giving a total of 110W of electricity used). Even allowing for some inefficiency in the alternator this would make a very small impact on the fuel use of a engine rated at 140KW. The Audi in question is the R8 (wikipedia link because the Audi web site is badly broken) and has a 300KW engine…
A simple implementation of LED headlights will do some good for plug-in hybrid cars and all-electric vehicles where saving power is more important – when the technology filters down to cheaper vehicles. Also one possible use for the technology is to dim the headlights by turning off some of the LEDs in the bank (according to the LED Wikipedia page it is currently impossible to create a single LED that takes more than 1W of power, so a bank of LEDs would be used). Currently you have a choice of using “parking lights” or “head-lights” when driving, and when driving just before sun-set or at night in the city (where the street lights are bright) you need head-lights to allow other drivers to clearly see you but don’t need them as bright as they have to be when driving at night in the country. So a range of levels of luminosity could be effectively used in headlights to increase efficiency in some situations and increase light levels in others.
According to the Luminous efficiency Wikipedia page current LEDs are up to three times as efficient as quartz halogen incandescent globes and future developments are likely to increase that to six times the efficiency. Combine that with more effective use of headlights to provide the light at the location and level that’s needed and the result could be using at little as 10% of the electricity for headlights on average!
Another thing that I would like to see is the Adaptive Headlights feature of the better BMWs (which I referenced in a previous post about the BM 5 and 7 series) implemented in a cheaper and more reliable manner. The feature in question is that the headlights will turn when driving around a corner to show the road ahead instead of just shining off the edge of the corner. Implementing such a feature with incandescent lights is difficult because they have to be physically turned and moving parts tend to break (which increases maintenance costs and decreases the overall reliability of the vehicle). An obvious alternate design is to have a set of LEDs pointing in different directions and which LEDs get power would determine where the light goes (this would also react faster than physically moving a light). Once LED headlights become common the Adaptive Headlights feature could be implemented in the cheapest cars on the road with minimal extra cost – currently it’s a feature that would be expensive to implement and would increase the sale price of a small car and probably the service price too.
A question that is often asked is whether to use SE Linux or a chroot to restrict a program.
In Unix chroot is a way of running a program with a restricted set of directories available (it used to be merely a sub-tree but with bind mounts it can be any arbitrary set of directory trees). A chroot can be implemented in a daemon (it can call the chroot(2) system call before it drops it’s privileges) or by a shell script (through the chroot(8) utility). The disadvantages of a chroot are that root can escape from it, a chroot process can see the existence of non-chroot processes (ps and similar programs work in the same way in all chroot environments), and inter-process communication is not prevented. One solution to this is to have an enhanced chroot environment (which typically requires a kernel patch) where the chrooted processes can not run ps without restriction and have other limits applied to what they are permitted to do (there are several kernel patches that implement such restrictions). In the early days of SE Linux development I implemented similar functionality in SE Linux policy (here is the paper I presented at Linux Kongress 2002).
Configuring a chroot environment is inconvenient. If it is configured in the traditional manner (copying files to the chroot instead of bind mounting the directories) then old versions may exist in the chroot after new versions with security fixes have been installed in the main environment.
SE Linux provides better security than a typical chroot environment by controlling all interaction between processes. It provides more flexibility than an enhanced chroot environment by being configured entirely by policy and not requiring a kernel recompile to change the way it works.
I believe that the correct thing to do is to cease using chroot entirely and use SE Linux instead.
I’ve been thinking about music videos recently while compiling a list of my favourite videos of all time. It seems that YouTube has changed things through the re-mixes of videos and the ability of anyone to publish for a mass-market (although without the possibility of directly making money from it).
Also today all new PCs (and most PCs that are in use) are capable of being used for video editing and the compute power needed for 80’s and 90’s quality special effects is also commonly available (in most cases good art doesn’t need more technical quality than that). So anyone can produce videos (and a quick search of YouTube reveals that many people are producing videos for their favourite songs).
I think that we need a music video for the Free Software Song. One possibility is to base it on the 1984 Apple advert (because it’s the free software community that is opposing Big Brother not Apple). I think it would be good to have multiple versions of the Free Software Song (with matching videos), there could be the version for young children, the Hip-Hop version, the Punk version, etc. Also I think that there is potential for the creation of other songs for the free software community.
One possible way of doing this would be to have a contest for producing music and videos. Maybe a conference such as LCA or OLS could have the judging for such a contest. I would be prepared to donate some money towards the prize pool and I’m sure that other individuals and organisations would also be prepared to do so. If I get some positive feedback on this idea I’ll investigate how to run such a contest.
Here are my favourite videos of the moment. Please let me know of any videos that you think I would like based on this list.
- Placebo:
-
Infra-Red – I love the Haxor ants (I Lied to You – We Are the Enemy says the CEO), I first saw that idea in the book City
 by Clifford D. Simak’s
- A Song to Say Goodbye – strange and sad. Like much good art it can be interpreted in several ways.
- Pure Morning – strange video that seems to have nothing to do with the music, but still good
- Slave to the Wage – interesting and not strange by Placebo standards. I’ve recently decided that I don’t like working in a corporate environment so I can relate to this.
- Smashing Pumpkins:
Ava Adore, interesting way of changing scenes, and a very artistic and strange video (matches the song)
- Duran Duran (who incidentally named their group after a character in Barbarella: Queen of the Galaxy
 – strangely the spelling is different though):
- Come Undone, interesting aquarium scenes
- Too Much Information – they should re-do this and include a reference to the Internet in the lyrics. ;)
- Wild Boys – Mad Max 3 as a film clip
- UNKLE:
- Eye for an Eye – strange and disturbing, as any serious art that is related to war must be
- Rabbit in Your Headlights – surprising end, I wonder if anyone was injured trying to emulate this clip
- Nine Inch Nails:
Head Like a Hole, strange and a bit bizarre at times. Not the greatest of my favourite clips but the music makes up for it.
- Queen:
- I Want to Break Free, strangely amusing and very artistic
- Chemical Brothers:
- Let Forever Be – my favourite clip of all time. Fractally weird, you can watch it dozens of times and still be missing things.
- Setting Sun – the world would be a better place if more cops could dance like that! Also is it just me or does the drummer guy look like a Narn from Babylon 5?
- Out of Control – surprise ending. I would appreciate it if someone who knows the non-English language (probably Spanish) in the clip could point me to a translation.
- Star Guitar – a real work of art but no plot and I didn’t enjoy the music, I recommend watching it once
- The Golden Path – I used to wonder whether office work was really so grim in the 60s and 70s, but then I worked for a financial company recently…
- Fat Boy Slim:
Praise You – why can’t reality TV be this good?
- Falco:
Rock Me Amadeus – let’s represent two totally diffent cultures (bikers and Austraian high society) in a film clip, silly but amusing
- Madonna:
Like A Prayer – I wonder how many racist organizations banned that
- A-Ha:
Take On Me – mixing multiple art forms (in this case film and animation) can work really well. Beat Kill Bill to the idea by a couple of decades.
- Robert Palmer:
Simply Irresistable – pity that they didn’t hire more women who can dance or at least put the dancers in front of the models. It’s interesting to note that one of the models appears to be actually playing a guitar.
- Garbage:
- Michael Jackson:
Billie Jean – class is timeless.
Recently someone asked on IRC whether they should use SE Linux on a web server machine (that is being used for no other purpose) and then went on to add “since the webserver is installed as root anyway“.
If a machine is used to run a single non-root application then the potential benefits of using SE Linux are significantly reduced, the issue will be whether the application could exploit a setuid program to gain root access if SE Linux was not there to prevent it.
The interesting point in this case is that the user notes that the webserver runs as root. It was not made clear whether the entire service ran as root or whether the parent ran as root while child processes ran as a different UID (a typical Apache configuration). In the case where the child processes run as non-root it is still potentially possible for a bug in Apache to be used to exploit the parent process and assume it’s privileges. So it’s reasonable to consider that SE Linux will protect the integrity of the base OS from a web server running as root – even for the most basic configuration (without cgi-bin scripts). If a root owned process that is confined by SE Linux is compromised then as long as there is no kernel vulnerability the base OS should keep it’s integrity and the sys-admin should be able to login and discover what happened.
If the web server is more complex and runs cgi-bin scripts then there is a further benefit for system integrity in that a cgi-bin script could be compromised but the main Apache process (which runs in a different domain) would run without interruption.
When a daemon that runs as non-root is cracked on a non-SE system it will have the ability to execute setuid programs – some of which may have exploitable bugs. Also on a non-SE system every daemon has unrestricted network access in a typical configuration (there is a Net Filter module to control access by UID and GID, but it is very rarely used and won’t work in the case of multiple programs running with the same UID/GID). With SE Linux a non-root daemon will usually have no access to run setuid programs (and if it can run them it will be without a domain transition so they gain no extra privileges). Also SE Linux permits controls over which network ports an application may talk to. So the ability of a compromised server process to attack other programs is significantly reduced on a SE Linux system.
In summary the more complex your installation is and the more privileges that are required by various server processes the more potential there is to increase the security of your system by using SE Linux. But even on a simple server running only a single daemon as non-root there is potential for SE Linux to provide real benefits to system security.
|
|
