This could be a long essay. Or a ripping rant. But let me be brief for a change: if the DIY Internet is ever going to flourish more widely, we’re going to have to get rid of “system administrators.” It’s time for us to control our own firewalls, servers, and IP pipes; intermediation by “network professionals” might have been okay 10 years ago, but DIY innovation requires instantaneous rollout and waiting around for uninterested third-party technocrats to give us permission to implement introduces enough friction into the system to grind creativity to a halt.
What would the elements of a new model be, Peter? How do you see individual control over these types of things working for programmers vs. the end-user who still needs to be led through this sort of stuff? This isn’t a snotty comment; as an unenlightened end-user I’m curious.
My flippant response is, take it — it’s yours. You wanna fiddle with these often poorly documented devices and try to satisfy both the users who want to, well, use the network and the higher-ups who worry about abuse and misuse? By all means. Dunno how much time you’ll have for creativity … .
Heh, still raging about the fiasco at the Confed Centre, eh Peter? The problem isn’t that SysAdmins are getting in people’s way, it’s more along the lines of end users can’t be trusted to do what’s in their own best interest. As the graphs at http://isc.sans.org/survivalhi… show, an unpatched Windows machine won’t last 30 minutes on the Internet, and most users don’t know what Windows Update even is, let alone know how to use it. And don’t even get me started on network printing….
Even still, I’m very surprised Mike (the SysAdmin at the Confed Centre) doesn’t have a DMZ outside of the firewall that you could have used for your Skype work.
I’m not really raging about the Centre (and I’m not raging at all about Mike — he did as much as he could). I’m reacting to 20 years of stories from really interested, creative people — librarians, artists, designers, artists — working in institutions with a top-heavy IT infrastructure that affords them no controls over their means of digital production. There’s got to be a better way.
I don’t want to sound totally unsympathetic, but I have been on both sides of this issue. Given two people, a creative type who wants to try [fill in the buzzword] and a network technician or sysadmin, who will get canned if the network goes down or is penetrated?
What this tells me, if there is a 20 year history of this, is that the creatives are not making a good case for what they want to do, to either integrate these services into the existing infrastructure or get a simple sandbox/DMZ set up so they can experiment to their heart’s content. In many cases, they could get what they want with a simple DSL connection and their own switch to plug into: this would be a fine testbed, if they could be trusted not to cross-connect with the institution’s network. 10 years ago, this required pulling in a dedicated circuit, but times have changed. Once they can demonstrate that this stuff is useful/essential/not likely to wreck anything, it would be less of a problem to get it implemented.
But no sysadmin/network technician wants to be harassed by someone saying, “we just need to poke one little hole in the firewall” with no backup, no nothing.