Outsourcing 101; Bill's Mills; AD Accounts and more
I liked Don Jones’ “Tips & Tricks” column, “Giving
,” in the March issue about the RUNAS command. I’ve been
working like this since the early NT 4.0 days. As Don mentions in the
column, life has gotten a lot easier since Windows 2000 and Windows XP.
But there’s still one thing I just can’t understand. The main feature
of running a program as another user is to reach files and programs with
different privileges. Even though I’m fond of using the command line (I
was born and raised during the DOS era), there’s still some stuff that
just works better with a graphical file viewer. That’s were you get shocked
to find out that you can run any program with the RUNAS command except
Explorer.exe itself! So you can’t use the best file management utility
you have as another user, forcing you to log off and log on as another
user to work with files. Do you know why this is? Or, do you know a good
way to work around this?
—Bruno Horvat, MCSA, MCSE
It’s definitely true that you can’t run Explorer with RUNAS; it won’t
let you run multiple instances of itself. That’s an overlooked area of
functionality with regard to security. What we really need is the old
Windows File Manager that can run as a separate utility! In the meantime,
there are third-party file management tools that may work for you (check
out www.download.com for several), which you could launch under alternate
credentials. Hope it helps!
As a fellow CISSP and reader of Roberta Bragg’s “Security Advisor” column,
I don’t believe March’s “Divide
and Conquer” could have come at a more opportune time. As such, I
have a best practices question regarding the creation of separate super
user accounts for administration. We currently require all domain admins
and higher to have separate accounts for administration purposes and one
for their regular roles, per best practices. However, as it stands now,
regular users who have roles such as help desk and desktop support are
members of the account operators group and use their user accounts for
The question came up due to a theoretical possibility of one of the members
of the account operators group logging on with normal credentials, opening
an infected e-mail and creating a backdoor that captures the logon credentials.
Those credentials could then be used to add or delete regular user accounts,
as well as log on locally to shut down domain controllers. The credentials
could also be used to delete any and all regular user accounts and groups
in the domain. What are your thoughts, Roberta?
—Jack Mackenzie, MCSE:Security, CISSP
Yes, I believe that best practices for administrative accounts should
extend to any account that has privileges that if compromised would...
Well, I see from your note that you get the point. Like everything else,
it’s a question of risk. It sounds like you’ve already answered your own
question. All that remains is to figure out how great the risk of such
an occurrence is and what other groups of users may have a similar situation.
In March’s “Call
Me Certifiable” column, Em C. Pea asked for suggestions on where Microsoft
might best put its cash reserves (now up to $50 billion) to work. You
readers didn't disappoint. Here are some of the responses we liked best.
Just sign Earth over to Bill already and get it done with. Then he can
come up with patches for the ozone layer as well as Windows...
—Brian S., via online
How about cutting down the federal debt, so that we can thank Microsoft for unslaving us, or opening some kind of investment fund that would double all corporate donations toward that same goal—and then force aforementioned corporations into donating by not patronizing them unless they do?
Or, forget the debt. We don’t seem to mind owing our souls; let Microsoft
make social security solvent for all of us baby boomers by opening and
running a trust fund for us.
I think Bill’s next strategy is to take over the oil companies—MS Exxon?
Even Bill doesn’t have enough money to buy the U.S.A. yet, but why should
he when he can control it with oil and software? A gallon of gas would
cost about the same as a Windows software CD—about $200. The rest of the
world would be in poverty trying to buy enough gasoline to get to their
job at MS Texaco, MS California or MS U.S. Congress. Of course, our children
would no longer graduate from high school; they would pick from a variety
of careers. MS Biologist: This person would develop new frontiers of science
to integrate human life into software interests. Microsoft Money Managers:
These people would provide more convenient ways of giving more money to
Bill. MS Medical Doctors would sell people medication to make sure they
don’t rebel against the system. And, of course, there would have to be
MS Prison for people like me who can’t keep their mouths shut.
—Loyal Blair, MCP
It’s actually very simple. Give it to SCO so they can sue over Linux.
—Timothy R. Davidson
In response to Dian Schaffhauser’s “Editor’s Desk” in the April issue,
Bites,” outsourcing is a reality that every sector of the job market
has to face. It’s a fact we have to deal with in a global economy.
What I disagree with is the idea that unions should somehow get involved. Unions have largely been the cause for much of the outsourcing in our country. They don’t negotiate with the best interest of both parties in mind and, therefore, force corporations to look elsewhere. An example is outsourcing in the automotive industry.
If unions get involved in this industry, it would be a compelling reason
for me to transition to another field, not outsourcing.
—Chad A Pirtle, MCP
I’m currently employed as an accountant but was hoping to switch to the IT sector as a database developer. I’m studying to complete an MCDBA/MCSD and am horrified to read the effect that outsourcing has on the IT industry. I’m seriously considering not completing this venture, despite having spent a large sum of money on computer equipment, courses and textbooks—not to mention the time commitment.
You can imagine my disappointment to learn that this dream appears to be in danger of being snatched from in front of me, literally as soon as my efforts are poised to pay off. The idea that salaries in IT are going to collapse and the jobs themselves be exported in large numbers to countries such as India, China and Russia is devastating.
Is the honest advice to anyone in the western high-wage economies, “Don’t
touch IT with a barge pole”?
I don’t think that domestic outsourcing and foreign offshoring are representative of the same problem. U.S.-based companies that compete with one another for the same service contracts at least are competing on a level playing field (skills, personnel, comparable education, and so on) and working from the same cost basis (cost of living, salary expectations,...). Sure, it’s easy to restate the argument that some of these companies aren’t entirely U.S.-based and have divisions overseas and, as such, they should have a competitive cost advantage when bidding contracts as their labor costs are less, but any short-term gain for such companies is illusionary at best and downright detrimental in the long run.
I love working in this field and was hoping it was a career that had
longevity and prosperity, but, for the first time, I’m beginning to have
misgivings about this concept. I imagine I’ll always be able to find work
as a software developer, due to proven experience with multiple platforms,
languages and management experience, but I fear it just won’t pay a living
—Drew Wildner, MCP
There’s a balanced way to do all of this. How many people changed their own oil in their car when they were younger? And now they have the dealership do it. It’s cheaper to have someone do something for you. Globalization is here—you can’t stop it. Yet, as a consultant, I see the limitations of outsourcing; I’m not trying to take money out of my pocket. The truth is, if you do something that most people can’t do, you can’t be everywhere at once. So good IT people will still have a job.
Outsoucing to offshore is another thing. There’s nothing wrong with someone
having a job, if he or she can do it. But can they? Communications is
still a problem—not just language but culture.
San Diego, California
About the Author
Have a question or comment about an article or letter that appeared in MCP Magazine?