Apple is "amazing, incredible, great, easy"

[mantakos]

Goes to show how versatile a mac ISN'T... 5 head plasma torch cutting...

The defining advantage of a PC is the greater availability of a variety of application software. The Windows installed base is greater, so application developers target that platform.

It's not likely that the average user is going to find himself doing 5 head plasma torch cutting, but many users find themselves needing to run some software that isn't available on the mac, thus the prevalence of Boot Camp, Parallels, etc.

Some users don't require much other than "the basics", and so don't miss the lack of variety of Windows applications. Some overcome that by running Windows apps on the mac.

Not surprisingly, your choice of tool depends on the job you need to do.
-harry

 

[dmccormack]

One of the solutions has been for corporate IT department to come up with 1 or 2 "standard" configurations. Thus forcing people into a solution that creates the least amount of work for IT when updates come out or other support is needed.

Well, thats's the risk -- more potential configurations, more potential gaps in testing.

The Navy and Marine Corps are tied to NMCI configs -- ask those folks how they like that.

IIRC, Apple would threaten to sue SW developers who didn't follow Apple Human Interface Guidelines.

 

[EdFred]

The defining advantage of a PC is the greater availability of a variety of application software. The Windows installed base is greater, so application developers target that platform.

It's not likely that the average user is going to find himself doing 5 head plasma torch cutting, but many users find themselves needing to run some software that isn't available on the mac, thus the prevalence of Boot Camp, Parallels, etc.

Some users don't require much other than "the basics", and so don't miss the lack of variety of Windows applications. Some overcome that by running Windows apps on the mac.

Not surprisingly, your choice of tool depends on the job you need to do.
-harry

Which is why I am in the "PCs are better camp". Versatility, plus I can build one myself.

 

[jesse]

Why overload an already overloaded IT staff (most organizations) with trying to support crap that does not directly support the business? (CEO aside)

Because -- that "crap" might make your employees a lot happier. That means that they might like you a lot more. That means you might get some more budget.

It's not all as cut and cry as attack the employee and don't let them do something unless it 100% relates to business.

You're going to be a hell of a lot more secure if your users like you and don't engineer their way around you like they will do if you treat them as the enemy as your attitude suggests one should do.

 

[PittsDriver]

Why overload an already overloaded IT staff (most organizations) with trying to support crap that does not directly support the business? (CEO aside)

...and they call Apple users smug?

I've been using iTunes and Quicktime since the day they came out and I can't recall ever needing any support for them.

Other than IT companies, the business doesn't exist to employ IT people and revel in their techno-awesomeness. So why should an IT guy get to tell me what gets classified as crap or does or does not support my productiveness? This just goes to my point that IT is the proverbial tail wagging the dog in a tragically great number of companies.

 

[EdFred]

...and they call Apple users smug?

I've been using iTunes and Quicktime since the day they came out and I can't recall ever needing any support for them.

Other than IT companies, the business doesn't exist to employ IT people and revel in their techno-awesomeness. So why should an IT guy get to tell me what gets classified as crap or does or does not support my productiveness? This just goes to my point that IT is the proverbial tail wagging the dog in a tragically great number of companies.

Because what might be classified as crap may be the reason he has to keep coming and fixing your (insert work related program) issue - which *does* affect your company.

 

[jason]

Over 40% of attacks are from the inside. Those are the facts.

Too many IT departments take that to an extreme. Sure, you shouldn't be an idiot just because it's behind your firewall. Don't have unsecured file shares or ignore patching your servers or use WEP. But you know as well as I do that the internal attacks are almost always low hanging fruit. "Hmm, what's this? A full customer list sitting on a file share." Internal users aren't often running metasploit against your internal services. Nor are they attacking a buffer overflow in iTunes to launch an attack on the CEO's computer. Even if they were, you could find ways to secure it.

Why overload an already overloaded IT staff (most organizations) with trying to support crap that does not directly support the business? (CEO aside)

You don't. You present the costs to management and let them decide if it's worth expanding that staff to cover the new responsibilities. There are a lot of intangibles in business. Job satisfaction is one of them. Take your average billion dollar company. Hire one IT guy that makes $40k-70k/year and tell him "Your job is to secure the rest of this crap. Be the voice of the user and find ways to do what they want to do securely. You have a $100,000 budget." I guarantee you that there could be ROI found in that position. Waging war on your users doesn't make you more secure. It just sends them deeper underground.

 

[jason]

Because what might be classified as crap may be the reason he has to keep coming and fixing your (insert work related program) issue - which *does* affect your company.

Minimally.

I used to hang my hat on that argument. Used it to get my way when I was simply being overprotective of what I had built. I decided to see if I was right. I wasn't. In all the time that I've been more open to supporting a wider range of applications I've had maybe one or two issues with them. Easy to identify and fix. Don't get me wrong. My users know that it's not a free for all. They still need to work with my department to get what they want. I've just enjoyed the fact that they do work with us instead of just working to go around me and hide it.

 

[EdFred]

Minimally.

I used to hang my hat on that argument. Used it to get my way when I was simply being overprotective of what I had built. I decided to see if I was right. I wasn't. In all the time that I've been more open to supporting a wider range of applications I've had maybe one or two issues with them. Easy to identify and fix. Don't get me wrong. My users know that it's not a free for all. They still need to work with my department to get what they want. I've just enjoyed the fact that they do work with us instead of just working to go around me and hide it.

That's why I said *might*. In older systems it was sometimes a memory issue. You mean I can't watch streaming video, have 15 apps open and get my database to open?

 

[SkyHog]

Too many IT departments take that to an extreme. Sure, you shouldn't be an idiot just because it's behind your firewall. Don't have unsecured file shares or ignore patching your servers or use WEP. But you know as well as I do that the internal attacks are almost always low hanging fruit. "Hmm, what's this? A full customer list sitting on a file share." Internal users aren't often running metasploit against your internal services. Nor are they attacking a buffer overflow in iTunes to launch an attack on the CEO's computer. Even if they were, you could find ways to secure it.



You don't. You present the costs to management and let them decide if it's worth expanding that staff to cover the new responsibilities. There are a lot of intangibles in business. Job satisfaction is one of them. Take your average billion dollar company. Hire one IT guy that makes $40k-70k/year and tell him "Your job is to secure the rest of this crap. Be the voice of the user and find ways to do what they want to do securely. You have a $100,000 budget." I guarantee you that there could be ROI found in that position. Waging war on your users doesn't make you more secure. It just sends them deeper underground.

I want to send that article to my boss so badly....but it won't go over well.

 

[flyingcheesehead]

It's asinine comments like the one above that caused me to make the statement below. I was neither lying nor was I incompetant at using a Mac.

Well, curiously, the Macs in my neighborhood were able to do things in a time frame you said they couldn't. Just trying to set the record straight.

Goes to show how versatile a mac ISN'T. Since my computer days started out doing CNC, structural design work, and 5 head plasma torch cutting, PCs were the choice. Macs couldn't do it then, and nearly 20 years later they still don't do it? Wow.....awesome machines.

Uhhh... 99.99999% of computer users don't need to do that. For the 0.000001% that do, the PC is the obvious choice. There are plenty of niche applications where only one platform will do the job. Often that's Windows, but often it's Unix/Linux or the Mac.

For your average computer user, any of the above will work - And most average users will do better with a Mac because there's less geekiness (read: administration) involved. I've heard so many people say "Well, I hear I shouldn't get a Mac because there's no software" and when I ask what they're getting a computer for, they say "Well, I want to do e-mail, browse the web, maybe do some work in Office, and little Bobby wants to do some video editing..." In that case, there is *plenty* of software available, and for someone who doesn't have their own IT department, the Mac is usually the better choice.

FWIW - When not playing in the online world, I am "fair and balanced" - My own grandmother wanted a computer to keep up with people via e-mail. Normally, I'd suggest a Mac for a novice computer user, but she lives in PA and is somewhat techno-phobic so she needed someone to be able to help walk her through things sometimes. She's got a neighbor who's a Windows guy, and I'm 700 miles away. The choice was pretty clear. The reason I sound like a Kool-aid drinking lunatic here sometimes is that there are plenty of people parroting Windows, so us Mac folk tend to get a bit defensive.

 

[ScottM]

 

[Henning]

That said, this is a silly argument -The Mac is not the be-all end-all machine for every application or every person, nor is Windows, nor is Linux, nor any other platform....

In fact, they all suck....

 

[PittsDriver]

"....I've got a girlfriend and things to get done...."

That's funny right there...

 

[SkyHog]

I do have to point out: We made the mistake of allowing iTunes for a short while at work. Allowing iTunes/Windows Media Player increased our tickets by a huge amount, and nearly every ticket was "How to build my library - so and so has theirs with album covers!"

So not every organization is the same. My organization is absolutely retarded.

 

[SkyHog]

In fact, they all suck....

That is pretty funny. What moron called it "linux" with a hard i? There's no e in Linux, morons.

 

[mantakos]

That is pretty funny. What moron called it "linux" with a hard i? There's no e in Linux, morons.

Note the date on that video, 2001. Today, the world seems to have figured out a consensus that it's pronounced "linnicks" (like "linen"), but I recall a greater variation in years gone past. When a greater percentage of people familiar with a term have seen it only in "writing", but never conversed with another person on the topic, pronunciations tend to vary more, as everybody makes up their own pronunciation.

I think some Americans figured that since the guy's name was "Linus", and since he must pronounce it in the American way, like the Peanuts character, that it must therefore be "lye-nicks". Of course, Linus is Finnish, and pronounces his name more like "lee-nus", but this was all pre-youtube...
-harry

 

[Henning]

That is pretty funny. What moron called it "linux" with a hard i? There's no e in Linux, morons.

"u" being a vowel separated by only one consonant could also instigate the hard "i" sound....

 

[SkyHog]

"u" being a vowel separated by only one consonant could also instigate the hard "i" sound....

Example, besides "Linus?"

 

[EdFred]

Example, besides "Linus?"

Not this again Nick...it's the hard g all over again.

lining
lima (as in bean) Never heard it called a limma or leema bean.
linotype
liposuction
lidocaine

 

[dmccormack]

Not this again Nick...it's the hard g all over again.

lining
lima (as in bean) Never heard it called a limma or leema bean.
linotype
liposuction
lidocaine

This discussion is ridiculous.

(pronounce according to your local norms)

 

[EdFred]

This discussion is ridiculous.

(pronounce according to your local norms)

Feel free to stay out of it then. Nick wanted examples, I provided them.

 

[dmccormack]

Feel free to stay out of it then. Nick wanted examples, I provided them.

So did I (hint -- ree-dik-u-lous)

 

[SkyHog]

Bah. Its Linux. Not Lineux. Perhaps it should be spelled "Linnux" to be proper, but its not English. So nyeah.

 

[EdFred]

Bah. Its Linux. Not Lineux. Perhaps it should be spelled "Linnux" to be proper, but its not English. So nyeah.

Maybe you should go buy some GIF Peanut Butter and make a sammich. You'll feel better.

 

[flyingcheesehead]

Maybe you should go buy some GIF Peanut Butter and make a sammich. You'll feel better.

I pronounce Linux with the long I. Yes, I know Torvalds doesn't pronounce it (or his name) that way, but I'm not in Finland either, so I'll Americanize it all I want. I bet he doesn't pronounce "Mac" or "Windows" the same way we do either.

 

[EdFred]

I pronounce Linux with the long I. Yes, I know Torvalds doesn't pronounce it (or his name) that way, but I'm not in Finland either, so I'll Americanize it all I want. I bet he doesn't pronounce "Mac" or "Windows" the same way we do either.

I think I say Linnux. My mouth can be lazier that way, need to open it further to say the long i. lol

 

[jesse]

Linus pronounces Linux like most people do. His name on the other hand changes depending on the language.

 

[tdager]

I do have to point out: We made the mistake of allowing iTunes for a short while at work. Allowing iTunes/Windows Media Player increased our tickets by a huge amount, and nearly every ticket was "How to build my library - so and so has theirs with album covers!"

So not every organization is the same. My organization is absolutely retarded.

Not too mention the very real, and sticky problem, of making sure none of their libraries contained pirated songs. Not worth the hassle and headache.

 

[jason]

Not too mention the very real, and sticky problem, of making sure none of their libraries contained pirated songs. Not worth the hassle and headache.

How does iTunes change that? Simple access to the internet or a working CD-ROM drive make that effort necessary.

I agree that you don't want to turn a blind eye to such activity...but do you have an example case that shows that it's a necessity? A case where a business has ended up in any sort of trouble because one of their employees had illegal music on their workstation? I'm genuinely curious. I've never seen one but that doesn't mean that there isn't one out there.

 

[tdager]

How does iTunes change that? Simple access to the internet or a working CD-ROM drive make that effort necessary.

I agree that you don't want to turn a blind eye to such activity...but do you have an example case that shows that it's a necessity? A case where a business has ended up in any sort of trouble because one of their employees had illegal music on their workstation? I'm genuinely curious. I've never seen one but that doesn't mean that there isn't one out there.

LOL...our Counsel does not rely on reality....but *possibilities*. :smile:

 

[jesse]

LOL...our Counsel does not rely on reality....but *possibilities*. :smile:

Well -- then you might as well just not have employees. As their memory of your business processes is by far the worst security risk.

Risk versus Benefit. Not just eliminate all possibilities. So far you fail to recognize the benefit while failing to discuss the actual risk.

Too much in IT is just eliminating all risk because it gives you something to do. Problem is you kill all benefit.

 

[dmccormack]

Well -- then you might as well just not have employees. As their memory of your business processes is by far the worst security risk.

Risk versus Benefit. Not just eliminate all possibilities. So far you fail to recognize the benefit while failing to discuss the actual risk.

Too much in IT is just eliminating all risk because it gives you something to do. Problem is you kill all benefit.

As long as there is a measureable benefit, one side or the other may have a case.

Until then, risk avoidance is the safer, default response.

 

[jason]

LOL...our Counsel does not rely on reality....but *possibilities*. :smile:

Do they have access to the internet? To their gmail accounts? Is port 80 unfiltered outbound? Port 443? Port 22? Meebo? Are you decrypting all encrypted traffic for inspection?

I understand, Tom. I used to manufacture all the reasons why we couldn't do these things. Maybe I'm just lucky, but I've yet to be proven wrong. Don't get me wrong. We've had employees who abuse our policies. But I don't think that a more rigid structure would stop that. When they do we show them a report of what they've done. It goes in their file and they go on probation. Then they skitter off and tell everybody how we knew exactly what they were doing and everything is quiet for a long long time.

My point is simply that the lack of iTunes doesn't insulate you from the responsibility to search for pirated music.

You have policies and you come down on those that break those policies in a very public way. You put it on the employees that "you could be the one that screws this up for everybody". It works better than you'd ever imagine.

And yes, I understand that the lawyers tend to gum up the works. That doesn't mean that you can't be an advocate for your users. You just do it in as safe a way as possible.

Trust me, I understand what you do and I respect your efforts and your knowledge. I'm not trying to argue with you...just exposing you to a different way of seeing it. I'm not expecting that you'll embrace it. It took me a very very long time.

 

[jesse]

As long as there is a measureable benefit, one side or the other may have a case.

Until then, risk avoidance is the safer, default response.

To each their own. Restricting employees should never be the default response. But that's just my philosophy and it wouldn't work everywhere. That is the beauty of it though -- I don't have to work where it won't work

 

[dmccormack]

To each their own. Restricting employees should never be the default response. But that's just my philosophy and it wouldn't work everywhere. That is the beauty of it though -- I don't have to work where it won't work

I'm not advocating that position -- just stating the norm across a variety of IT shops.

 

[jesse]

I'm not advocating that position -- just stating the norm across a variety of IT shops.

Understand. I totally understand that is the norm -- but that doesn't mean I defend it

 

[tdager]

Do they have access to the internet? To their gmail accounts? Is port 80 unfiltered outbound? Port 443? Port 22? Meebo? Are you decrypting all encrypted traffic for inspection?

I understand, Tom. I used to manufacture all the reasons why we couldn't do these things. Maybe I'm just lucky, but I've yet to be proven wrong. Don't get me wrong. We've had employees who abuse our policies. But I don't think that a more rigid structure would stop that. When they do we show them a report of what they've done. It goes in their file and they go on probation. Then they skitter off and tell everybody how we knew exactly what they were doing and everything is quiet for a long long time.

My point is simply that the lack of iTunes doesn't insulate you from the responsibility to search for pirated music.

You have policies and you come down on those that break those policies in a very public way. You put it on the employees that "you could be the one that screws this up for everybody". It works better than you'd ever imagine.

And yes, I understand that the lawyers tend to gum up the works. That doesn't mean that you can't be an advocate for your users. You just do it in as safe a way as possible.

Trust me, I understand what you do and I respect your efforts and your knowledge. I'm not trying to argue with you...just exposing you to a different way of seeing it. I'm not expecting that you'll embrace it. It took me a very very long time.

Yeah man...trust me I am barely touching the surface of our controls. Let me just say that YES, we do that and more. We are an MSSP, our clients DEMAND we maintain the highest of standards, period. So do our regulators.

Trust me when I say that the general user base actual finds me quite reasonable and accommodating, and they also understand why we do what we do.

 

[jason]

Yeah man...trust me I am barely touching the surface of our controls. Let me just say that YES, we do that and more. We are an MSSP, our clients DEMAND we maintain the highest of standards, period. So do our regulators.

Trust me when I say that the general user base actual finds me quite reasonable and accommodating, and they also understand why we do what we do.

Fair enough...

 

[jesse]

Let me just say that YES, we do that and more. We are an MSSP, our clients DEMAND we maintain the highest of standards, period. So do our regulators.

The way in which you must operate -- is not the same as the way many companies must operate

Unless one works at Apple...what business relevance does iTunes have?

Unless one works at AOPA....what business relevance does posting on Pilots of America from work have?