About 15M T-Mobile users affected by Experian data breach

Comments

  • Reply 21 of 37
    solipsismysolipsismy Posts: 5,099member
    boredumb wrote: »
    Well, thanks!  I wasn't freaking out...until I realized how many of your suggestions I fudge,
    and how many of your points I've been taking for granted! ;-)

    :D

    My mother had the same reaction.


    PS: This week, Starbucks' "Pick of the Week" iOS app is offering the password manager oneSafe for free. I've either heard of it or used it, but I doubt they would offer something that was from a questionable developer. Still, I recommend 1Password even if its cost seems significant at first, but oneSafe could give someone a sense of whether they want to go that route with a more robust password management system later on, especially since 1P also has Mac, Windows and Android versions.
  • Reply 22 of 37
    indyfxindyfx Posts: 321member
    Quote:
    Originally Posted by Evilution View Post
    The only way to be sure is to not have the computer that holds this information connected to the internet.

    I think that comes under the heading of "nonsensical equivocation". It is the same argument Windows apologists use comparing OS X to Windows desktop security: "No computer is totally secure, therefore OS X and Windows are equivalently secure". Poppycock! Windows can't be plugged into the internet for an hour unless it is behind a router (NAT firewall) without being "spontaneously" compromised, whereas OS X can (in default state) be online indefinitely without being invaded.

    We (business owners, I specifically) NEED to have client logons and file sharing, but I also don't want my network compromised. I obviously have personnel files and payroll & accounting (including client info and billing) computerized and networked. These systems need to be connected for them to function correctly. In the same way Target (or T-Mobile) needs to be able to enter client credit applications at their POS (point of sale) terminals. You simply have to have them connected.

    The fact that 95% of Windows systems have (and require) 3rd party paid anti-malware solutions in place (whereas >90% of OS X systems don't have any anti-malware (other than that provided by the default system)) and yet 99% of the virus & malware infections are on Windows systems speaks volumes. I am constantly amazed that Windows sufferers continue on paying monthly "security" fees (to 3rd party anti-malware companies) and yet have limited real security.

    Saying "all" systems can be compromised, therefore they are equivalent, is like saying that all flying is dangerous, therefore ultralights and hang gliding are equivalent to commercial airline travel. It simply isn't true. Your chance of crashing and being injured hang gliding is considerable, whereas your security on a commercial aircraft is almost assured (something like 99.9%).

  • Reply 23 of 37
    tomkarltomkarl Posts: 239member
    My failure is using the same password login combo on all sites.

    My fear about Services like 1P is what happens when they are hacked or have a breach?
  • Reply 24 of 37
    solipsismysolipsismy Posts: 5,099member
    tomkarl wrote: »
    My fear about Services like 1P is what happens when they are hacked or have a breach?

    The breach would have to come from your system. 1Password stores nothing on their servers. You buy the app, it encrypts your Vault based on the password you choose, and then you choose how you wish to store your Vault if you wish to have it sync with another device. You can do it via Dropbox, iCloud, or a local WiFi sync on demand. The encryption is based on the password you use.

    One great feature I requested from them—but I'm sure they were already working on it before I asked—is Watchtower. Additionally, their Auditing section will list any weak or old passwords.

    In fact, the reason I recommend 1Password over others that are less expensive or free, like LastPass or Apple's iCloud Keychain, is its decentralized saving options and robust options. They are also very good about answering questions and taking ideas on their message board.

    Now, it does take a little time to get all your passwords changed, but once you've done it it's smooth sailing. One "pro tip" is to also change the answers to your security questions to something that isn't something anyone will know. Now that you have 1Password you can add a field for that security question keyword(s) and then input random letters for the answer to protect yourself even further. I take that one step further by using the built-in email aliasing protocol that lets you input letters and numbers after your name and before the '@' symbol and domain with a '+' plus mark, so that 1) if my email being used as a username is somehow stolen from a site, it can't be used on another site without me knowing about it, and 2) I will get to see which websites sell data to spammers (or had silent breaches in which my email addresses may have been sold to spammers). For example, if I had [email protected], I might use [email protected] for this site to help keep it isolated. I can easily do a search for ai23 in 1Password which will bring up only one result. Here's more information on this industry standard (that unfortunately isn't accepted by some websites, but is used by every major email service):
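As an added example (not code from the post above, nor from 1Password or any mail provider), the following Python issues a per-site '+' alias with a random tag, as the poster describes, and then triages a received message by its To: and From: headers: it looks up which site the alias was handed to and reports whether the sender is that site or someone else. The mailbox, site names, tags and headers are all constructed for the example; the only assumption about the mail system is the usual one that `user+tag@domain` is delivered to `user@domain`.

```python
"""Added example, not from the thread: per-site '+' e-mail aliases and a check
that tells you which site an alias was issued to when mail arrives on it."""
import secrets
import string
from email.utils import parseaddr
from typing import Dict, Optional

ALPHABET = string.ascii_lowercase + string.digits


def make_alias(mailbox: str, tag_len: int = 6) -> str:
    """'me@example.com' -> 'me+<random tag>@example.com'.

    Most providers deliver '+' sub-addresses to the base mailbox. A random tag
    (rather than a site hint such as 'ai23') means nobody can guess the alias
    for site X from the alias for site Y, or from the site name itself.
    """
    local, domain = mailbox.split("@", 1)
    tag = "".join(secrets.choice(ALPHABET) for _ in range(tag_len))
    return f"{local}+{tag}@{domain}"


def alias_tag(header_value: str) -> Optional[str]:
    """Return the '+' tag from an address header ('Me <me+ab12cd@x.com>' -> 'ab12cd')."""
    _, addr = parseaddr(header_value)
    local = addr.split("@", 1)[0]
    return local.split("+", 1)[1].lower() if "+" in local else None


def sender_domain(header_value: str) -> str:
    """Domain part of a From: header, lower-cased."""
    _, addr = parseaddr(header_value)
    return addr.rsplit("@", 1)[-1].lower()


def triage(to_header: str, from_header: str, registry: Dict[str, str]) -> str:
    """Classify one received message.

    registry maps tag -> domain of the site that alias was given to.
    Returns 'unknown'       : no alias, or a tag we never issued
            'expected'      : sender is the site (or a sub-domain of it)
            'leaked:<site>' : alias issued to <site> is being used by someone else
    Caveat: From: is forgeable, so 'leaked' is evidence of resale or a breach,
    not proof; the tag itself is what reliably identifies the site.
    """
    tag = alias_tag(to_header)
    if tag is None or tag not in registry:
        return "unknown"
    site = registry[tag]
    sender = sender_domain(from_header)
    if sender == site or sender.endswith("." + site):
        return "expected"
    return f"leaked:{site}"


if __name__ == "__main__":
    # Constructed registry: the tags these two sites were given at sign-up.
    registry: Dict[str, str] = {}
    for site in ("appleinsider.com", "macrumors.com"):
        alias = make_alias("me@example.com")
        registry[alias_tag(alias)] = site
        print(f"{site:18} -> {alias}")
    ai_tag = next(t for t, s in registry.items() if s == "appleinsider.com")
    # Constructed headers, not real mail.
    samples = [
        (f"me+{ai_tag}@example.com", "AppleInsider <news@appleinsider.com>"),
        (f"me+{ai_tag}@example.com", "Deals <promo@bulk.mailer.example>"),
        ("me@example.com", "someone@elsewhere.example"),
    ]
    for to_hdr, from_hdr in samples:
        print(f"{triage(to_hdr, from_hdr, registry):24} {from_hdr}")
```

The registry is the piece a password manager gives you for free: searching the vault for the tag tells you the site, and a message to that alias from anyone but that site is the signal the poster is after. Some sites reject '+' in addresses, as noted above; for those the same check works with a catch-all domain instead of sub-addressing.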
  • Reply 25 of 37
    tomkarltomkarl Posts: 239member
    Thanks SolipsismY. Helpful information.
  • Reply 26 of 37
    ktappektappe Posts: 824member
    Quote:
    Originally Posted by tyler82 View Post
    And what is the alternative? Apple is slowly killing off OS X server hardware and software.

    Linux is pretty much *the* answer for servers these days. Why anyone wouldn't use RHEL for a server stack is beyond me at this point.

  • Reply 27 of 37
    Quote:
    Originally Posted by SolipsismY View Post
    My mother had the same reaction.

    PS: This week, Starbucks' "Pick of the Week" iOS app is offering the password manager oneSafe for free. I've either heard of it or used it, but I doubt they would offer something that was from a questionable developer. Still, I recommend 1Password even if its cost seems significant at first, but oneSafe could give someone a sense of whether they want to go that route with a more robust password management system later on, especially since 1P also has Mac, Windows and Android versions.

    One alternative to 1P is to develop an algorithm to produce a password for a given account. My wife and I have a system where we use the first letter of each word of a sentence we can remember, and prepend/append a piece of the domain and something about the domain name length. You end up with a different password for every site, and can easily come up with the password for every site.

     

    For example, my "memorable" sentence could be "The quick brown fox jumped over the lazy dog." -> tQbFjoTlD

    Then add an a to the beginning for "appleinsider" and, say 2x the domain length to the end (12) -> atQbFjoTlD12

    For facebook, it would be ftQbFjoTlD16. Unique and tough to guess, and no dependence on access to a service.

  • Reply 28 of 37
    solipsismysolipsismy Posts: 5,099member
    One alternative to 1P is to develop an algorithm to produce a password for a given account. My wife and I have a system where we use the first letter of each word of a sentence we can remember, and prepend/append a piece of the domain and something about the domain name length. You end up with a different password for every site, and can easily come up with the password for every site.

    For example, my "memorable" sentence could be "The quick brown fox jumped over the lazy dog." -> tQbFjoTlD
    Then add an a to the beginning for "appleinsider" and, say 2x the domain length to the end (12) -> atQbFjoTlD12
    For facebook, it would be ftQbFjoTlD16. Unique and tough to guess, and no dependence on access to a service.

    I agree that it would be virtually impossible to guess on its own, but the problem with all such "human-rememberable" ciphers using the same cipher method is that if a website gets compromised, say, Apple Insider, I don't think it would take too much effort for an algorithm to figure out there is a pattern, especially with key elements like the first letter of the password and of the website both being 'a', and the password containing the number '12', which is the exact number of characters in the website's name. I know you said 2x, but your example for AI is 1x. Even at 2x, or even using some other value, if it's evenly divisible it could still be figured out… but that's not where the real trouble would lie.

    The real issue is when Mac Rumours was hacked by the same group (or perhaps you used a different password on a different site owned by the same company, so the hack was still a single hack) and they listed your mtQbFjoTlD18 (doing 2x for the value as you intended). With just those two they could find a pattern for all your accounts that use that same pattern.

    Now, I'm not saying this is very likely, since hackers will go after the easy prey, much like wild animals attacking the youngest, oldest and weakest of the bunch. My point is that it's not a truly good system; it's simply a better system than others. The best system is one that uses unique passwords for each site.

    Note: My previous use of an email alias like [email protected] did reference Apple Insider in the 'ai' but the number was random, and, in fact, I'm using a 6-character randomizer for the email aliases I'm changing for usernames, where possible.
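The following Python is an added example, not the poster's code: it implements the scheme as the quoted posts describe it (the domain's first letter, the fixed core "tQbFjoTlD", then twice the domain length, which is the 2x the poster intended), and then plays the attacker side of the argument above, recovering the core and the multiplier from two passwords leaked in plaintext and deriving the password for a site that was never breached. The breached sites and leaked values are constructed for the example; `random_password` shows the per-site random alternative the thread recommends instead.

```python
"""Added example, not from the thread: the 'sentence + domain' password scheme
discussed above, and the attacker's side, which recovers the scheme from two
leaked passwords and predicts the rest."""
import re
import secrets
import string
from typing import Dict, Optional, Tuple

# Taken from the post: first letters of "The quick brown fox jumped over the
# lazy dog." with the poster's capitalisation, and 2x the domain length.
CORE = "tQbFjoTlD"
LENGTH_MULTIPLIER = 2


def derive_password(domain: str, core: str = CORE, mult: int = LENGTH_MULTIPLIER) -> str:
    """The scheme: first letter of the domain, the fixed core, then mult * len(domain)."""
    return f"{domain[0]}{core}{mult * len(domain)}"


def infer_scheme(leaks: Dict[str, str]) -> Optional[Tuple[str, int]]:
    """Attacker's side: given plaintext (domain, password) pairs from two or more
    breaches, recover (core, multiplier), or None if the pairs don't all fit the
    shape <domain initial><core><digits> with one shared core and one shared
    ratio digits / len(domain). Two leaks are enough; one is not, because a
    single pair can't distinguish a shared core from a one-off password.
    """
    if len(leaks) < 2:
        return None
    cores, mults = set(), set()
    for domain, pw in leaks.items():
        m = re.fullmatch(r"(.)(.+?)(\d+)", pw)
        if not m or m.group(1) != domain[0]:
            return None
        num = int(m.group(3))
        if num % len(domain):
            return None
        cores.add(m.group(2))
        mults.add(num // len(domain))
    if len(cores) == 1 and len(mults) == 1:
        return cores.pop(), mults.pop()
    return None


def random_password(length: int = 20) -> str:
    """What the thread recommends instead: a per-site password from the OS CSPRNG
    with no relation to any other site's, so one leak says nothing about the rest."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    # Constructed scenario: two sites breached, passwords recovered in plaintext.
    leaks = {d: derive_password(d) for d in ("appleinsider", "macrumors")}
    print("leaked:", leaks)
    scheme = infer_scheme(leaks)
    print("recovered (core, multiplier):", scheme)
    if scheme:
        core, mult = scheme
        print("predicted for facebook:", derive_password("facebook", core, mult))
    print("random per-site passwords instead:",
          {d: random_password() for d in ("appleinsider", "macrumors")})
```

Note what the attacker needs: not the sentence, only two leaked passwords and the domains they came from. With those, every other account built on the same rule is derivable offline, which is the difference between "hard to guess" and "unique per site" that the post above is making.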
  • Reply 29 of 37
    tyler82tyler82 Posts: 1,101member
    Quote:
    Originally Posted by IndyFX View Post
    Apple enterprise servers?

    OS X server (and xSan) are intended for small business & specialty applications, not as a general enterprise solution.

    MS represents less than half of the enterprise servers right now (declining for the last decade or so BTW). The majority are BSD (& variants) and Linux (& variants).

    So... if you were seriously enquiring, there is a wealth of 3rd party (non MS) enterprise software running on those systems.

    The damage done to T-Mobile, Experian (and Target and Home Depot and...) will last for years and likely cost the companies hundreds of millions of dollars (possibly billions?) in direct and indirect costs. Big Business is (finally) getting the message that they simply can't afford to trust MS software in critical applications.

    I'm currently taking computer science classes and want to become a network admin or network designer. It is encouraging to know that maybe I wouldn't have to rely on Windows Server, but this is currently all that is being taught at my local community college. I would love to learn OS X server.

  • Reply 30 of 37
    tyler82tyler82 Posts: 1,101member
    Quote:
    Originally Posted by waterrockets View Post
    One alternative to 1P is to develop an algorithm to produce a password for a given account. My wife and I have a system where we use the first letter of each word of a sentence we can remember, and prepend/append a piece of the domain and something about the domain name length. You end up with a different password for every site, and can easily come up with the password for every site.

    For example, my "memorable" sentence could be "The quick brown fox jumped over the lazy dog." -> tQbFjoTlD

    Then add an a to the beginning for "appleinsider" and, say 2x the domain length to the end (12) -> atQbFjoTlD12

    For facebook, it would be ftQbFjoTlD16. Unique and tough to guess, and no dependence on access to a service.

    wouldn't 2x domain length for appleinsider be 24, not 12? that's a pretty cool system there. 

  • Reply 31 of 37
    Quote:
    Originally Posted by SolipsismY View Post
    I agree that it would be virtually impossible to guess on its own, but the problem with all such "human-rememberable" ciphers using the same cipher method is that if a website gets compromised, say, Apple Insider, I don't think it would take too much effort for an algorithm to figure out there is a pattern, especially with key elements like the first letter of the password and of the website both being 'a', and the password containing the number '12', which is the exact number of characters in the website's name. I know you said 2x, but your example for AI is 1x. Even at 2x, or even using some other value, if it's evenly divisible it could still be figured out… but that's not where the real trouble would lie.

    The real issue is when Mac Rumours was hacked by the same group (or perhaps you used a different password on a different site owned by the same company, so the hack was still a single hack) and they listed your mtQbFjoTlD18 (doing 2x for the value as you intended). With just those two they could find a pattern for all your accounts that use that same pattern.

    Now, I'm not saying this is very likely, since hackers will go after the easy prey, much like wild animals attacking the youngest, oldest and weakest of the bunch. My point is that it's not a truly good system; it's simply a better system than others. The best system is one that uses unique passwords for each site.

    Note: My previous use of an email alias like [email protected] did reference Apple Insider in the 'ai' but the number was random, and, in fact, I'm using a 6-character randomizer for the email aliases I'm changing for usernames, where possible.

    All very true. It's still a security vs. convenience tradeoff, and I'm comfortable for the time being. Not too inconvenient, but pretty secure.

  • Reply 32 of 37
    Quote:
    Originally Posted by tyler82 View Post
    wouldn't 2x domain length for appleinsider be 24, not 12? that's a pretty cool system there.

    late night arithmetic is without guarantee :P

  • Reply 33 of 37
    indyfxindyfx Posts: 321member
    Quote:
    Originally Posted by tyler82 View Post
    I'm currently taking computer science classes and want to become a network admin or network designer. It is encouraging to know that maybe I wouldn't have to rely on Windows Server, but this is currently all that is being taught at my local community college. I would love to learn OS X server.

    While OS X server is a nice piece of kit, its primary advantage is that you don't need an IT person to set up or administrate it (for a small business).

    That said, if your community college were doing you justice they would be teaching you Linux (and to a lesser extent BSD (AKA Unix)). Linux is very popular in several distros (Red Hat being the most popular, primarily because of IBM's pushing it). However BSD is still common and has several key advantages (licensing advantages, stability, responsiveness under heavy loads).

    I truly think your community college is doing you a great disservice. Because Windows (enterprise servers) are in decline there is a glut of MCSEs (as is the case in a shrinking market); if all you come out of school knowing is MS server setup and protocols, your chances of actually finding employment in enterprise are slim.

    I think if I were (30 years younger &) in school for IT and wanted to put myself in front of the pack, I would get myself a copy of Linux & BSD & install and learn them (multi-boot setups are fairly simple to set up) even if my school isn't teaching them. (Red Hat Enterprise and FreeBSD are the leading distributions; however FreeBSD can be confusing to install and configure, so perhaps start with PC-BSD (an easy install & config version of FreeBSD).)

  • Reply 34 of 37
    tyler82tyler82 Posts: 1,101member
    Quote:
    Originally Posted by IndyFX View Post
    While OS X server is a nice piece of kit, its primary advantage is that you don't need an IT person to set up or administrate it (for a small business).

    That said, if your community college were doing you justice they would be teaching you Linux (and to a lesser extent BSD (AKA Unix)). Linux is very popular in several distros (Red Hat being the most popular, primarily because of IBM's pushing it). However BSD is still common and has several key advantages (licensing advantages, stability, responsiveness under heavy loads).

    I truly think your community college is doing you a great disservice. Because Windows (enterprise servers) are in decline there is a glut of MCSEs (as is the case in a shrinking market); if all you come out of school knowing is MS server setup and protocols, your chances of actually finding employment in enterprise are slim.

    I think if I were (30 years younger &) in school for IT and wanted to put myself in front of the pack, I would get myself a copy of Linux & BSD & install and learn them (multi-boot setups are fairly simple to set up) even if my school isn't teaching them. (Red Hat Enterprise and FreeBSD are the leading distributions; however FreeBSD can be confusing to install and configure, so perhaps start with PC-BSD (an easy install & config version of FreeBSD).)

    Actually there are some Linux courses offered at some of the community colleges (I live in a medium-sized city and there is a network of 4 colleges). One of my IT friends steered me towards Windows Server and said that it would probably be easier to get a career learning that, even though I expressed interest in the beginning in learning Unix/Linux. I'm only in my first semester (I already have a BA in Media/Communications and am looking to get at least an AS in Computer Science) so there is still plenty of room to explore what I want to do and let it all fall into place. Thanks for your advice. I've always loathed Windows and everything about it. It's so insecure that you can't even do normal things like you can in OS X, open emails for instance, without all kinds of warnings popping up and strange noises happening and anti-virus software going off like crazy; it's such garbage. And that annoying clicking sound that happens every few seconds in IE... what the heck is that??

  • Reply 35 of 37
    thepixeldocthepixeldoc Posts: 2,257member
    solipsismy wrote: »
    1) Last year I gave T-Mo a shot due to their high trade-in for my old iPhone, the additional huge account pay off they offered as a new customer, and then I used their EIP (Equipment Installment Plan) program to pay off the device a little each month. My social security number was surely used for that, and I think my DL. The one thing I didn't do was keep a CC on file with T-Mo, just paid it off each month, but that doesn't mean that T-Mo didn't maintain a copy of my card number and data on their system, but I digress, since this breach was with Experian's storage of the T-Mo credit search.

    2) I would expect T-Mo and Experian to offer free credit monitoring for a year or two because of this, just like Target et al. have done before. I recommend everyone do this, and then set up a repeating Calendar entry to have you check every week, fortnight, or month to make sure your identity hasn't been compromised in terms of your credit rating. And I don't mean this only for T-Mo customers, but for everyone. If you can't get the service for free, at least get your once-a-year free credit report by signing up with one of the three major bureaus—and only them, do not use a third-party service. You won't get a score with the free once-a-year service, but you'll see any soft and hard inquiries made on your credit, and see any loans in your name. Note: Of course, that is US-centric, and I do not have information for other countries. If you have info please include it.

    3a) This breach is bad, and my mother messaged me "freaking out," as she put it. I told her there was nothing to worry about in the grand scope of things. This is the world we live in, so for any internet-facing accounts (especially), we need to 1) make sure all our passwords are unique, 2) and complex, 3) that our answers for recovery questions are unique, and 4) use two-step verification when possible, but we can't remember all that info so we need to learn to be experts with a password manager. I choose 1Password.

    3b) Additionally, we need not to freak out about these breaches; not because there is nothing to worry about, but because the breaches we know about are likely not the only breaches that exist. I bet there are countless breaches we've never known about that are worse. Who here worried about SSL security all those years before "Go To Fail" was found? Where was the worry about a gov't program called Prism that claimed major tech companies offer backdoors into our devices before Snowden revealed the PowerPoint slides? Why do we have a light on our camera to know it's on when we can see that on our Mac/WinPC screen when we're using it, but there is no such HW light tied to the microphone, which could be listening and recording for years, or why do we now freak out when we're given the option for Alexa or Siri to listen specifically for key words? We don't freak out because of the psychology of not knowing. KEEP CALM AND CARRY ON… BUT BE PROACTIVE AND SMART ABOUT IT.

    Great post!

    A small aside: our friend and often foe in these Forums @Gatorguy has quite often pointed out the fact that it is the credit bureaus and assorted data collection and aggregation agencies that most people don't see that are the biggest problem to privacy. That Google uses our data for nefarious purposes (to sell ads) and it is their main business model is "in the open" so to speak, and of course you can "opt out" from using any of their services or devices that tie into them. These other aggregators, not so much.

    I just heard on the radio this morning that Europe will be cracking down on the collection of and future storage of European citizens' data by FB, Google and Co. For better or worse, our data is not allowed by law to be aggregated nor traded in the manner seen in the US. Yes of course within each nation we have to keep our eye on the secret services, but the premise that our data can be collected, bought and sold is nothing short of dangerous, especially because morals/ethics seem to always take a backseat to greed/money, which in itself leads to lazy/cheap security practices.
  • Reply 36 of 37

    FWIW, T-Mobile has been reaching out to customers to provide free credit monitoring service through Experian.
