Re: Who wasn't targeted
Using Yandex and not targeting Russian companies would also be the simplest misdirect. Or a misdirected misdirect. Do they know that you know that they know that you know?
271 posts • joined 25 Dec 2009
One thing you can rely on bankers for is the ability to maximise profit.
If they paid 18b in fines over the year and still don't have proper governance, there is only one existing fact that can explain it: allowing money laundering and other financial crimes to continue is at least a good deal more profitable than the fines.
I got my introduction to databases in Access 1.1. After moving on to bigger things, I still used Access to model databases for a while. It would link to SQL Server and export table definitions so easily, and may as well have been free in comparison with other data modelling software of those days.
The trend towards hosted K8s like the big 3 do now certainly is a move in that direction. Sure, the fluff around it - management, provisioning and automation might be provider-flavored but if you run your own containers in K8s, that is really fairly portable.
That's a big step up from the microservices offering of a few years back with lambdas, azure functions, service fabrics and so on that certainly was fun to play with but very provider-centric.
Kidding aside, at some point where you have a very large workforce your policies have no choice but to become mostly anonymous: what actions, incentives, bonuses etc. will keep turnover at the lowest. It makes sense, what I want to hear from HR is "employee turnover in the dev team was only 5% this year".
But we have a few heroes too, and we pay special attention to them - tailored policies to keep *them* happy because while I want to retain each and every dev, if I was forced to pick between losing 5 of those "heroes" or 20 others, I'd prefer retaining those 5.
This is what they were bringing attention to I believe: some devs are "more equal" than others ;)
The truth of the matter is that all they care about is bypassing firewalls.
Everybody that uses a browser tends to get universal tcp/443 access, and using a new port for dns over tls would require cooperation from IT admins to work on any corporate network and could easily be messed with by ISP and 'others'.
Going by that, why even have proxies, firewalls, malware scans? Let's just assume everybody is as smart and trustworthy as you and do away with all the babysitting, right?
Let's ignore for a second the fact that a large subset of "everyone" actually *is* IT-illiterate and not able to properly answer that challenge, even the smartest, most security-conscious person has the occasional moment of inattention and presses the wrong button.
The most dangerous ones are those that think security policies should not apply to them because they *know better*.
"Crunch mode" for games tends to be anything from 6 to 12 weeks before release, since release dates are dictated by marketing / holidays and not actual progress.
In classic games of the past, crunch time ended there (note: often in a lay-off!).
But that's not the reality anymore for all the microtransaction-based games as there are now ongoing weekly or monthly deadlines to provide patches/updates/new loot, so in some cases crunch never really ends as long as the game remains profitable.
... and nothing more than another box-ticking idea.
"My company is safe because people only get internet access and the ability to send out email when they make a business case for it".
*1 year later*
"My company got screwed because it turned out that 99% of employees made a strong business case for communicating with the outside world, so we're putting stricter rules in place and now only 10% of employees retained their access, the rest will have to make a STRONG business case for it following the new rules. NOW we're safe!"
*1 year later*
"Well it happened again ..."
"We're not making quite as much profit as we'd want in this very competitive sector, let's use some of that profit to diversify and grow in a different sector" sounds a lot better than "profits are down, let's fire 15,000 people so we get better dividends", no?
We used to heavily rely on Dyn until they coerced us into a $1000-a-month DNS bill enterprise plan based on some 95th percentile QPS (queries per second) bullshit because our domains were generating more queries per month than a (really, really low) number they had hidden in the fine print of their purchase process.
We moved our domains in a hurry to Google's Cloud DNS while we figured out what to do next but ended up just leaving them there - works well enough, and costs pennies (literally).
The issue with that approach is that eventually the "Do No Evil" add-on you trust could be automatically updated to a "Do Much Evil" version by various means: Hacking of the dev pipeline by an external actor or rogue developer, acquisition of the add-on owner by an entity you would not trust anymore, etc.
"PROTIP : The brilliant idea of changing the RDP port from default 3389 to something else DOES NOT HELP. A portscan will sniff it out and your ass will see a six-pack whoopass."
And yet, we get soooo many client demands for firewall rules to allow various protocols on different ports "because it's more secure" ... :(
At the very least, because a new Windows computer needs something to download Chrome with.
Now, some may decide they don't need to since they'll already have the same engine and the choice to download Chrome will be about "who would you rather have spying on you?"
> It makes you wonder why projector manufacturers aren't doing the same?
To quote yourself, "because the $290 lamp gets very dim after about 1.5 years".
To us it's common sense, to them it's "replacing a perfectly good source of steady income with an option that's both cheaper and long-lasting", a lose-lose.
I don't know, I take the simpler approach and chalk it up to lobbying. A non-US company is taking away money from US companies. US companies buy politicians (let's call lobbying what it is). Politicians make a fuss. This time they have the added bonus of being able to tie this to some security issue like they did with Kaspersky, but otherwise it's just standard "international commerce".
WebLogic is the base web server software through which Oracle APEX apps are exposed, right?
That's a perfect recipe for a clusterf**k there - an unproved web server, used mostly to expose drag-and-drop apps created "Using only a web browser and limited programming experience" -- i.e. managed by people with no business building applications in the first place, so probably lacking any ability to secure the thing.
And of course, the icing on the cake:
- If you're not running the latest version, no patch for you (some of those will be years old versions)
- If you're not currently under a support contract, no patch for you (even MS has the common sense to still distribute security updates to known pirated copies of Windows)
We might have the beginning of the next next Adobe-scale security mess right there.
"US tech world has suffered from many years of cutting costs"
Indeed. The corporate-profits-above-all-else attitude on "our" only had one inevitable outcome and as emerging economies enter the tech sector with much larger workforces and without (yet) being plagued by the same issues, the 5G Huawei-vs-the-West debacle is likely to only be the first of a long list that might be remembered as a turning point.
US companies lobbying their way to a ban on grounds of "national security" certainly won't work long term or for all types of tech either.
Add to that the different attitudes towards education in the US vs those emerging economies and this is likely to be a long term affair.
"DNA can develop defects -- cancer and mutations are the subject of huge amounts of medical research. Might want to include ECC in your DNA storage technology."
I only very vaguely know what I'm talking about but DNA mutations only occur on replication / during cell divisions or somesuch, right, not "at rest" on its own? Or without I assume external influence like radiation etc. which this storage would be protected against?
Biting the hand that feeds IT © 1998–2020