lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: bkfsec at sdf.lonestar.org (Barry Fitzgerald)
Subject: lame b!tching about xpsp2

James Patterson Wicks wrote:

>Barry,
>
>	All references to command-line were in direct reference to
>Devis' comment " . . nothing more and shows how the typical M$ user is
>scared as hell of having ever one day to learn Unix, go through RFCs (
>what for ? M$ don't even read em themselves ), and use the command
>line."  
>
>I was simply pointing out that teaching everyone command-line is
>unreasonable.  A lot of *nix gurus forget that there are millions of
>people out there who think a korn shell is something you use for tacos.
>When you are an administrator dealing with servers and applications, you
>are sometimes too far removed from the real user.  Managers and
>designers have think like a user when it comes to making
>enterprise-level decisions.  Normal users cannot (and will not) use
>command-line in an office.  Add to that the fact that people not only
>dislike change, they try to resist it, even if it's for their benefit.
>These are a few of the human-factor elements that must be considered
>when making a change within an enterprise.
>
>  
>
I believe you read his comment incorrectly.  I didn't read it as a 
statement advocating that new users use the command line, but rather the 
(unjustified) fear of users that they would have to use it or read the 
RFC's.    Obviously no normal users are going to use the command line.  
Nor do they have to.  The point is moot.

>Ok, your point on cost is correct.  If you wanted to train your staff to
>use Mandrake 9 (we did a beta in the office), the training costs would
>be considerably less, but learning a new GUI and office application
>suite still requires training.  Remember that not everyone in the
>company is comfortable with a computer to begin with.  If you have ever
>worked at the Help Desk in a company, you would understand that there
>are some really dense people out there.  Three years ago, migrating 500
>users from Windows 98 to Windows 2000 took a month and several "training
>lunches" to educate the user community on the differences in the
>operating systems.  Did the IT department feel it was necessary?  Nope.
>Did HR feel it was necessary?  They sure did, and they were right.  As a
>whole, people have to be gently through a change, even the majority of
>Windows 2000 users felt it was unnecessary.  Ask any CTO.  The human
>element is a killer when it comes to enterprise-wide IT decisions.
>
>  
>
Having worked at a helpdesk in the past, I know exactly what you mean.

I also know that it's not a windows-vs-GNU/Linux problem; it's a new 
deployment problem.  The same exact thing happens between MS Office 
roll-outs as well. 


>The minimum training period to move some
>slightly-above-minimum-wage-earning mailroom dude from Windows/Office to
>Linux/Open Office is a one-week training period.  That still about $2500
>per user.  Then you have to give your Help Desk staff extra aspirin for
>the hundreds of "I used to do it this way in Word, how do I do it now"
>questions that they will receive.  You can cut cost even further with
>in-office training, but there comes a point where you just have to
>concede that the costs and headache are not worth it.
>
>
>  
>
New deployment issues come with the turf of being a helpdesk tech.  I 
still don't agree with your estimates, though I do agree that there's a 
breaking point where costs aren't worth it -- I don't believe that 
you've demonstrated the point to match the situation.

             -Barry



Powered by blists - more mailing lists