* Posts by ShowEvidenceThenObject

7 posts • joined 9 Feb 2017

No, eight characters, some capital letters and numbers is not a good password policy

ShowEvidenceThenObject

IT will not win any support

This is typical - what we see is a lot of legacy stuff trussed up in a security policy with very little time to review or modernise.

Regardless of the policy, we still cannot expect people to support or follow policy without more education, or a hard lesson in cause and effect, such as being fined under GDPR.

We still have two problems. Information usually goes into a single bucket, and the security of it becomes IT's problem to fix, monitor and enforce. IT security has become more complex, and the company's solution is to put in generic access barriers, and an access policy. We expect that to be propogated to the business to read, understand and follow.

IT is my life, but I appreciate not all people are that way; I too would rather that nurses spent their time nursing.

IT will continue to hurt until better systems exist that can classify information correctly, silo it correctly, then put the correct access requirements in place - taking away that decision from general users.

Sure, content management and correctly marked templates are viable, but I've not seen an organisation, private or public, that fully understands how to use information metadata, let alone how to silo and protect it properly.

HPE supercomputer is still crunching numbers in space after 340 days

ShowEvidenceThenObject

Since it was intended to be a test of commercial-off-the-shelf tech, and manages one teraflop - but is that before or after the spectre/meltown patches? I'll volunteer to go if they need them applying to RHEL :)

Have YOU had your breakfast pint? Boffins confirm cheeky daily tipple is good for you

ShowEvidenceThenObject
Pint

Quote opportunities, ahoy

"This evidence should not be taken to support a protective effect of light drinking."

Hah. Too late.

Here's some phish-AI research: Machine-learning code crafts phishing URLs that dodge auto-detection

ShowEvidenceThenObject

When two AIs go to war

Defeating algorithms only takes a little bit of time, brain and experimentation.

What we want is for the detection and generation AIs to get to the logical conclusion more quickly:

"A strange game. The only winning move is not to play."

GCHQ bod tells privacy advocates: Most of our work is making sure we operate within the law

ShowEvidenceThenObject

Sure, when my phone/mobile computing device has backdoors baked in, and it is legal for the security services to get all the information "need, to make [you] secure", the people that really need to be monitored will be aware of it, and won't be using one.

The security services continue to try and socially engineer acceptance (or apathy) for these things, but telling everyone who groks the repeated failings in continuing to use dumb surveillance that "they are part of the problem", will never be a solution.

Morrisons launches bizarre Yorkshire Pudding pizza thing

ShowEvidenceThenObject

No chip spice, no sale

I'll be visiting Morrisons this weekend, but if it's not garnished with the finest chip spice, I will be disappointed.

Aye, the stuff that is mostly MSG and paprika with a lot of other dubious processed extracts.

Cheers!

Cattle that fail, not pets that purr – the future of servers

ShowEvidenceThenObject

Preaching to the converted

I'm a sysadmin. I have to work with tin, but I will work with cloud.

For now, because of the apps, and cost of running these apps in the cloud, tin is still in. However, there are plenty of cloudy app developers out there. Will most businesses engage, change and take risk to enable this move? Not if at all possible, or not quickly.

I'm not a complete sociopath because I still need to interact with the parts of the business that are not. Well, not until they get promoted to management, anyway.

Biting the hand that feeds IT © 1998–2019