Zoom was great when everybody was working from home. Audio quality was never a problem. Everybody on my team are on high end macbook pros and in some cases had personal higher end podcast/streamer equipment. Your not squinting at a TV on the wall 15 feet away when someone is sharing their screen. Everybody was far more prompt for meetings since they where not physically changing locations or waiting for the people who had the conference room before them to vacate.

Its the hybrid mix that I can't stand. I remained a remote employee when everyone else was forced back into the office. Now I have no idea who is talking or who is in the room half the time. The AV setups in the conference rooms pick up any background conversations and amplify them. The cameras randomly are zooming in and out at the wrong person. Nobody is ever on time to the meetings anymore because they have to move between physical locations. There tends to be a conversation in progress when the conference room finally joins the call.

I am an ITT Tech graduate who paid their way through school using federal loans.

I earned my A.A.S in Electronic and Computer Engineering Technology and my B.S. in Electronic and Communications Engineering Technology from ITT Tech. I started the process in 2001. My total student loan debt was over $60K when I graduated but I knew that would be the case going in. I don't buy this crap about 18 years olds not knowing what they are getting into.

While my program of study was electronics engineering I always intended on working in IT. I wanted to get my degree in electronics engineering because I felt I would get more out of an instructor led education in electronics than I would in IT. After graduation my first job was an desktop support specialist for a software company which turned into a junior system administrator position one year later. After one more year I switched to my current job where I was hired as system administrator and am now a Senior Linux Administrator. I make good money for the location and was able to pay off all my student loans and put a down payment on a house when I was 32. In full disclosure this was speed up by about 5 years due to my mom passing and a life insurance policy I was the beneficiary on but it really only speed up the process by those 5 years. I already was doing pretty well before she passed.

I had some outstanding instructors and I refuse to do them an injustice by saying my education was sub-par or otherwise not worth the investment. Of all my friends who went to normal state universities I am doing the best for myself career wise. From what I heard from them at the time the state university standards where dropping just as much as the private for profit schools.

After earning my M.S. in Information Technology I went back and taught part time as an adjunct for both the electronics and information technology departments. I quit about 3 years ago when I moved about 1hr away and did not want to commute. This was just supplemental income for me and never my primary job so I was able to just do things my own way and not worry about the repercussions if I failed to may students or did not haul the corporate line. Things definitely where different by the time I went back to teach. The standards where not what they use to be when I was a student. They also added a lot of degree programs with attractive sounding names such as Digital Entertainment and Game Design which attracted a much broader student base and failed to provide any sort of meaningful filtering of who they accepted. However the faculty was still a outstanding group of people who knew their stuff.

I cant speak for other ITT Techs than my own. I'm sure for every person like me who had a positive experience there are numerous people who could tell a horror story about their experiences at ITT Tech. I just feel like a large part of the problem is that ITT accepts people who are not college material and these people are doomed to struggle or fail out and when they do they are also a demographic of individuals who are more likely to blame the system than accept any blame themselves. Perhaps it is ITT Techs fault for accepting them; its certainly doing the schools reputation a disservice. But just like with the student loans I have a hard time accepting people do not know what they are getting into or filling sorry for them if they did not do their research before hand.

I fully acknowledge ITT Tech has its fair share of problems which have gotten worse over the years. I just don't think its particularly unique to them or even for profit schools.

> Why is that? While some people might be that petty, it's very possible that Gravity never hired those kinds of people in the first place.

It may be petty for someone making several hundred thousand a year to resent someone who's market value being 30-40K being bumped up to 70K but for the vast majority of college graduates that is a slap in the face. Your giving everybody the rewards they worked their asses off for. I don't consider that petty, I consider that basic human disposition. Especially in a place like a credit card payment processor. I doubt many people working there go home and take pride in telling their family and friends about the work they did that day and how its making the world a better place. The majority of them are probably working for the paycheck.

Now don't get me wrong. I do admire the guy for what he is doing. Its a great selfless act. But I'm just saying its completely reasonable and understandable for those employees who where currently making ~ 70K to feel resentment and it does not make the petty or bad people. I would hope they thought this side effect through and have plans to deal with it. Since its not going to just be one or two bad apples but the vast majority of people in that position.

A good chunk of college graduates will never see that kind of pay. If you think people only go to college to make more money, you need to think again. Many careers for college graduates pay below average, and people knowingly still go for them.

E.g. in the UK a prime example is law school. The average pay for a UK solicitor is well below the national median salary.

I’m too lazy to look it up but I would be surprised if many of the founders of the internet where not ham operators. Again I’m being lazy about looking it up but if not specifically in writing at least in spirit I believe one of the purposes of the armature radio program has been to advance wireless communication and technology.

Right now strong encryption and authentication are where most of the efforts in the field seem to be focused. It should be at the forefront of the experimentation being done by amateur radio operators.

Not that I really have an answer to the problem of bandwidth abuse. I completely understand how this would be a problem and have no doubt that it would be abused.

I’m a IT department of one so I get a lot of those "reset password" requests and have to do a lot of hand holding I feel I should not have to do. Its 2014 and a certain level of computer literacy should be expected of you if you want to function in corporate America. (or whatever country you are from). I have a Masters of Science in IT Security, a B.S. in electronic engineering and my RHCE with 10 years experience and feel that being pulled away from "real work" to reset a password is extremely annoying. However its a lot less annoying when the client services team is not available and the receptionist passes the call directly to me. In most cases the client tends to be very friendly and thankful and makes you want to help them.

The problem with this is geeks are generally not business people and do not know if the client is up-to-date on their billing or if they are notorious for trying to get free work and need to be kept in check. When I do take personal interest in solving a clients issue I risk promising things I should not be promising them or putting way more time and effort into a client who is already behind on billing than I should be.

I also have a very hard time quoting a client an appropriate amount. I work for a interactive and design agency and when you work with us you have a team of individuals working for you including but not limited to an account manager, producer, designers, art directors, user experience, strategy, front end developers, back end developers, system administration in some cases. Having a team of 5-10 specialists working for you is expensive. Just having a 1hr meeting with everybody is probably going to get billed at around $1000. I feel really weird giving clients numbers like this and responding to the sticker shock.

Red Hat Enterprise Linux Server release 5.6 is still supported and ships with OpenSSL 0.9.8e which is not vulnerable. I am sure there are other examples as well. If I had a StartSSL certificate and the browsers started to remove support of them or warn that my site has a StartSSL certificate signed before a certain date and cant be trusted I would be really pissed.

I have always felt there was conflict between system administrators wanting proven and stable versus developers wanting bleeding edge. I have given up the fight when it comes to web development and use Ubuntu 12.04LTS which still is not bleeding edge enough for most of my dev's. For infrastructure components outside of web development though I dont think its a safe assumption that people are on a vulnerable version.

This is a prime example of why I would never give anything away free. Unrelated to SSL certificates; I rather throw out my old equipment than give it away since the people I give it too will never be happy and don't understand its free for a reason and demand support. The fact that you cant afford something better does not give you rights to it.

OK well I just updated about 40 servers. Has anyone started working with CAs to reissue SSL certificates signed with a new key? Are they willing to do the reissue for free? In particular I use RapidSSL for most things and Verisign for a few bigger clients who prefer it.

How do you know your CA isn't vulnerable?

I don’t; but I do not know how I could ever be sure. I’m a generalist sys admin and my knowledge of crypto is limited to the basics. That being said my understanding is that this vulnerability is in the code that creates the sessions not in the certificates themselves. The risk is that my key already was compromised when I was using the vulnerable version. For me this means two things:

1) There is no easy way for me to confirm or deny the CA is fixed short of attempting to exploit them.

2) Even if the CA is not fixed the vulnerability appears to in the routines used for session management not in the SSL certificate itself. While there is cc information and other stuff I would not like to be leaked, the CSR itself only contains my public key not my private key. As long as my servers are patched and I have a SSL cert using a new keypair that I know has not being compromised; I am not sure if the CA's version of openssl maters or not.

I am in no way trying to pretend I am an expert. I am sure there are problems with my analysis but it still feels like its time to be pragmatic and get a fix in place before asking all the what-ifs. Not that those questions should not be asked but it’s a mater of prioritizing.

I agree that you get what you pay for. Just because you don’t have a budget for a $1000/mo dedicated server does not mean you have the right to that service level at a lower price.

As fellow geeks I am sure we have all been asked for advice on buying computers from our family and friends. I’m a mac person and use a $3000 laptop but I know most of them will not be willing to spend this much money. I normally quote them a $600(ish) computer that has at least an i-Series processor and 6-8GB of RAM. I tell them to avoid a couple vendors that I consider to be bottom of the barrel. It never fails though, that for all the reasoning and advice I give them, if they find a computer for $400 in the Sunday paper all that gets thrown out the window. They don’t want a computer that fits their needs they just want the cheapest computer. It also never fails that the moment it starts having problems they come to me for help and if I give them any slack for buying a cheap POS that I am suddenly considered an a-hole for not helping since that’s all they can afford.

The way I look at it is I spend my hard earned money on a reliable machine so I am not put out by the type of issues you get with cheap hardware or cheap services and you did not head my advice to avoid the same issues and thus by asking me to give up my weekend or even a couple hours to help you makes you the a-hole not me.

I have used, Rackspace, Linode, DO, AWS, and Google Apps among others and none of their status pages are every very helpful. It’s really a problem with Google Apps since my users know to check there and then claim the problem is not with Google even though it is. I frequently have issues with their IMAP servers failing where a user can connect via the web interface but not through a IMAP client. This is never shown on their status page. Of course I am going to check the status page.

The only hosting provider I have no complaints about is Rackspace but those servers are almost $1000/mo. On the other hand they do open up tickets for me faster than I can log into the management portal to do it myself. Even still I have had hour-long outages. If you don’t have HA you WILL have outages no mater who you use or how much you pay. Ironically the worst service was from The Planet even though those where still $800/mo dedicated servers. Their status page was a twitter account that they did not advertise on their homepage.

I have debated moving our average SMB size clients with no HA from linode to DO just because tools like Packer can interface with them easier. Still don’t know about that.

Comparing Box.com with Dropbox is like comparing apples to oranges in my opinion. I have a 100GB dropbox account for personal use and a enterprise Box.com account for work. They are two different service aimed at different markets. Box.com has always primarily been driven by its web interface where I can count the number of times I have used the dropbox interface on one hand.

In a business environment you cant ask your clients to install software on their computers in order to share files with you. First off it may not be allowed by corporate policies or security controls and even if it is allowed would you install software a vendor asked you to install to accommodate their workflow? Box.net is absolutely awesome in a business environment and has allowed me to get rid of insecure FTP servers and clients trying to use their web browsers as FTP clients and blaming us when they did not work. Box.com also allows project managers to create and manage permissions on their own client folders freeing up IT from that task.

In short I would not give up either account.