It may not be a dark corner of the web, but I'm finding that I'm getting a lot of value from my YouTube Red subscription. No, you don't get the professionalism of a true cable show, but there are a lot of interesting things to go watch. Amazon Prime Video is another one.
Since Hollywood is supposedly threatening to strike, maybe they should take a few years off. That way, we can see some more indie content that isn't following the same cookie-cutter format in lockstep.
I wouldn't trust Geek Squad anyway. A while back, I bought a tablet at Best Buy, and asked GS to stick a screen protector on it. It took them -hours- to do that, and to boot the job was not really impressive, with obvious globs of dust stuck between the plastic and screen.
If they can't get such a basic thing done, why would I trust them with anything more complicated?
You would be surprised. When I was looking for work a few months ago, knowing the exact tool was a deal breaker. If you didn't know Bamboo, the interview was over, for example. Or, if you GitLab and GHE, but not BitBucket, you were shown the door.
In my personal experience, Apple stuff is still widely regarded as high end in a lot of workplaces. Should Apple be able to step into the enterprise, it would definitely be a large market. It isn't like Apple hasn't been there, because with the XSan, Apple was the #2 selling storage vendor for a while (long time ago, but still notable.)
Ideally, Apple should spin the enterprise division off, similar to Filemaker/Claris. That way, the toymaking arm can focus on new shinies while a dedicated company can work on what enterprises need. Heck, take the XServe... it may not have been a hit, but it was a very solid piece of equipment for its time. Done right, Apple could keep a premium price point and compete with things like UCS, but it would take some design (perhaps a hypervisor in the BIOS so machines can be racked/stacked/wired, turned on, and immediately be ready for taking VM or distributed storage loads), but with all the cash in Apple's war chest, they could buy Nutanix or StarWind Software and be in the enterprise game in no time.
It really depends on the company. Almost all organizations say "we use Agile methodology", and it can mean either little or nothing, or a lot.
For example, one place I worked at was proud of their "Agile" system. However, I wound up spending 4-6 hours a day in stand-up meetings which were a combination of a confessional, Celebrity Apprentice blamestorm/tattlefest with people wringing their hands on how others are blocking them, and long speeches as each member defended themselves and tried to point the blame about why little was getting done, as well as the SCRUM master wanting in-depth explanations about what people are doing with every single ticket assigned to them.
Another place I worked at last year had their stand-ups be just significant notable issues, and would never last more than 5-10 minutes.
Are there any plans or products to help with IoT security?
RedHat is one of the few companies that can step in and do something in regards to device security, even when device makers have little to no interest in this topic, as to them, security has no ROI, or as one IoT company exec told me, "the only person that has ever made money from a padlock is the lock maker."
Being able to lure IoT vendors to use secure tools wouldn't just benefit them, but it would benefit the Internet in a whole. Even something like manifest lists that interact with FirewallD to ensure a device is only able to communicate with authorized devices and cannot take input/output from rogue sources would improve the IoT ecosystem tremendously.
Ideally a phone should be like a computer. It might come with a default OS/firmware, but one should be given the option to change things easily. For example, if I want a Google-free experience, I should be able to have a device loaded with Amazon's store natively, Alexa present, and so on. Or, perhaps F-droid as the store/repository of choice with no commercial presence by any companies if I so chose.
Sometimes, you can replace some things. Nova Launcher, a custom keyboard go on any new Android phone I have so I have the same UI regardless of brand. However, there are still a ton of underlying apps that shouldn't be there. Yes, one can firewall them with root access, but the ideal is to have nothing on the phone unless it is absolutely needed.
tl;dr, have a default bloatware experience the phone ships as default, but have an option to be able to load something custom and usable. If I don't want a part of the Amazon ecosystem, I throw on GApps.
That is a sure failure on HR's part right there. When it is common knowledge that a certain person is causing good people to prepare their three envelopes, HR needs to get involved and either have management put the offending person in a place that they can't keep harming the corporate infrastructure, or even better, give them the boot.
The Time Capsule's functionality hasn't really been added to. Yes, Apple does update the firmware every so often, but fundamentally, the device hasn't seen any fundamental improvements. Even an el cheapo 1 drive NAS like a Synology DS115 gets significant new stuff every so often. The "old" Apple would have had a Time Capsule automatically copy data to a cloud provider (be it iCloud or another), and if a Mac needed a restore, it would first try to hit the TC, then would redirect to where the cloud data is stored. Apple could make some money in selling multi-drive Time Capsules with built in RAID and the ability to back themselves up to the cloud (client-side encrypted, with a Secure Enclave built into the NAS) for peace of mind. People would pay a premium for a dual-drive TC with RAID 1, a good filesystem, encryption, backups to iCloud, and the ability to install a new Mac from the LAN. However, Apple seems uninterested in this market segment.
The MBP? A Dell XPS 13 is a better MBP than a 2016 13" MBP on the hardware front. The software front, it is obvious that macOS has the hind teat when it comes to improvements. Windows is winding up ahead of macOS just because Apple hasn't done anything to keep it going. While Apple might offer one or two new doodads, Microsoft adds functionality almost anywhere. The WSL is a nice thing, for example. Plus, Microsoft keeps upping its game on security. The Edge browser is supposedly going to be placed in its own Hyper-V VM, completely separating it from the OS. On the virtualization front, W10 comes with Hyper-V, while Apple has absolutely nada for this. The most significant thing in macOS is APFS... but that is mainly so iOS has better encryption, as opposed to be something designed for Macs only.
I would hate to have a desktop Mac. The Mac Mini hasn't been touched in years, and the last refresh was a four core to two core downgrade. The Mac Pro, Apple's flagship machine? Will it be five years before it sees a refresh? For a flagship machine, Apple should rebrand the canister Mac Pro as a high end desktop box, and make a true E-7 Xeon Mac Pro in the traditional tower case with closed loop water cooling.
The iPod Touch gets some items, every so often. Because of that, it does work well as an emergency authentication device, because apps work on it, although the platform is definitely not as popular as it used to be. However, with some work, it isn't dead yet. Apple could pitch it as a method of recovering access to websites and such should one lose their phone, especially with 2FA protected by a Secure Enclave chip.
The iPhone and the iPad are the only two items that are "blessed" by Apple, and it is pretty obvious that they have this status. They are the only devices that get significant new functionality every year, and have a constant refresh cycle.
I would agree here. F/OSS tends to be about "scratching an itch", but I would say developers of a lot of projects have pride in their work and go above and beyond the call of duty. One example is Borg Backup, which I've been following. Even though nobody is funding the project, it is active and has matured a lot from the Attic fork it once was. This type of code quality where even attacks in theory are fixed is pretty much nonexistent in the private sector for the most part.
It is a reflection of the software development methodology in general. MongoDB is supposed to be fast... like taking a car, yanking all the seats, the windows, the doors, the hood and trunk, all but one brake pad, and saying that it is a performance monster. Of course, the fact that it has been rendered worthless for tasks that need audibility and security is beside the point.
The ironic thing is that you don't have to run MongoDB to get MongoDB functionality. PostgreSQL can do the same thing, except it has a proven track record of security.
The real question... why bother with MongoDB at all, unless something like Splunk requires it? There are better solutions available, both F/OSS and non.
I wouldn't blame the devs. They know where the money is buttered, and that is placating people who scream the loudest, which tends to be marketing and sales. A sales guy clenches a new contract, but told the customer the product has "xxx" feature. It really doesn't, so dev has to cough that feature up ASAP or else the sale gets lost. Management looks at security and the time it takes to do it right versus cur corners, sees that it doesn't bring any revenue, and tells the dev staff that security can be strapped on later after the sale is made.
In a number of places, the devs are in an offshore sweatshop, and really don't know any better. Tell them to code a widget, they do that. They will not know, nor care about defensive programming because it takes time away from doing code quantity.
The person to blame are the PMs who pooh-pooh security because they think it has no ROI.
From what I've seen, IBM wants to pull away from AIX because they know that the POWER8 market is shrinking, and so is AIX. This isn't to say that AIX is bad -- it is arguably extremely secure and mature, just like Solaris. However, the market in general is moving from Big Iron to x86-64, to VMs, to cloud based VMs, to serverless services (AWS Lambda), and from pets to cattle, where backups basic redundancy are viewed as a bother [1] and not an official need.
IBM isn't dumb. Softlayer OpenStack will be an effective competitor to AWS in a few revs, and for some tasks, it is effective now. They know that a lot of businesses want only one piece of server hardware locally, and that's the edge switch/router to connect their workstations to the cloud provider.
This is not to say AIX is dead by any means. However, IBM is following the money, and that is to be a cloud provider, guaranteeing income monthly.
[1]: A few months, during a job interview, I was told by one of the interviewers, "asking a cloud based startup about backups and uptime is like asking Tesla about what length and material their buggy whips are made from." Needless to say I went elsewhere.
There are places which will throw gold and encrust gems on anything. A few years ago, there was a place selling gold flecks in a capsule so one could have blingy poop.
The fact that the phone is expensive and has Trump's name on it is notable, but if someone wanted the same thing with someone else's face, I'm sure Goldgenie would be more than happy to do that.
As for a phone, an iPhone 7 is OK... but if one is going to spend the big bucks, why not a phone from Vertu? Might as well have the name recognition as well.
The iPhone 4 had this as well. This is more of an iOS feature. Set a password (not a PIN), and if your password has all numbers in it, you will get a PINpad, not a full A-Z typewriter allowing you to type in your code and hit the enter button, no matter the length.
I wouldn't say splitting stuff into different processes is wrecking Firefox. In fact, the Edge browser will end up being split off into a completely separate Hyper-V VM (Windows Defender Application Guard.) The advantage of separating at this level is that malware has a layer between it and hardware, where it can't just flash bogus firmware to a keyboard because the keyboard input is virtualized, for example.
The more separation between the browser and the rest of the OS, the better. The ideal would be something like Qubes OS, with COW used to allow multiple browser instances that don't take up much RAM (although rowhammer protection will be needed.) We have firewalls to keep untrusted stuff from the Internet well away from internal machines; we should do the same with web browsers that are in constant contact with potentially malicious stuff.
In the past, I would have said the same thing. However, when I look at the market, I wonder, what would be the real solution that someone else can offer. The only company that even comes close to having the cloud data centers, a decent client OS, application support, and some sort of framework is Apple... and Apple appears to not give a rat's ass about anything enterprise anymore.
The ironic thing... I could see Apple nailing this contract if they had wanted to. It might have taken throwing up some FedRAMP/FISMA compliant OpenStack support for computing, but all the other puzzle pieces are in place.
Correction, "who is to say" is what was meant. Is MS perfect? No. However, they have gone from dinosaur to a company which moves and evolves fast. The fact that they are able to step in and handle the DoD's needs is a good example. I'm no MS fan, but I do give them credit for being able to do what needs done.
With virtually every single company out there going head over heels for anything cloud related, one of the things MS brings to the table is a decent ironclad cloud offering. Server backups? DPM to an array, then to Azure. Desktops? DPM as well. AV? Endpoint Manager handles that fairly well.
Then, there is Windows 10 LTSB, and that can be something useful, as it will not be sprouting ads or new features come every 6-12 months.
Now, is this good or bad? Who is to day. However, MS seems to be able to step into markets and make money faster than Apple these days, not to mention offering some actual innovations that are not just RDF hype.
There are CM tools. In theory, one could use Puppet or Ansible with groups of desktops. However, in general, both of these tools are "push" methods which don't work well with mobile devices or computers, while GPOs tend to be pull based, so a client behind a number of NATs would still be able to work.
I would assert that this is the case as well. For massive numbers of Windows boxes, GPOs and policies are the best way out there to keep everything under control. Tools like SCCM and SCOM don't hurt either, especially when it comes to ensuring consistency of patches across large numbers of machines.
This isn't to say that CM tools like Puppet, Chef, et. al., don't have their place, but for desktops, the management tools available for Windows arguably suck the least.
I would say probably both. Part of it was being skittish about the mentioned clearance problem (which couldn't be blamed on a battery maker), part of it is that the press would make it into a major issue, especially on a flagship device. So, Samsung went overboard to pull those devices off the market.
One side note. It is the solstice today, so a good chunk of the world has cooler temperatures. Come summer, I'd expect some batteries to overheat possibly adding more bad press.
Slashdot Mirror
It may not be a dark corner of the web, but I'm finding that I'm getting a lot of value from my YouTube Red subscription. No, you don't get the professionalism of a true cable show, but there are a lot of interesting things to go watch. Amazon Prime Video is another one.
Since Hollywood is supposedly threatening to strike, maybe they should take a few years off. That way, we can see some more indie content that isn't following the same cookie-cutter format in lockstep.
I wouldn't trust Geek Squad anyway. A while back, I bought a tablet at Best Buy, and asked GS to stick a screen protector on it. It took them -hours- to do that, and to boot the job was not really impressive, with obvious globs of dust stuck between the plastic and screen.
If they can't get such a basic thing done, why would I trust them with anything more complicated?
You would be surprised. When I was looking for work a few months ago, knowing the exact tool was a deal breaker. If you didn't know Bamboo, the interview was over, for example. Or, if you GitLab and GHE, but not BitBucket, you were shown the door.
Makes me wonder if in a few years, Agile and SCRUM will be like how TQM was in the 1990s.
In my personal experience, Apple stuff is still widely regarded as high end in a lot of workplaces. Should Apple be able to step into the enterprise, it would definitely be a large market. It isn't like Apple hasn't been there, because with the XSan, Apple was the #2 selling storage vendor for a while (long time ago, but still notable.)
Ideally, Apple should spin the enterprise division off, similar to Filemaker/Claris. That way, the toymaking arm can focus on new shinies while a dedicated company can work on what enterprises need. Heck, take the XServe... it may not have been a hit, but it was a very solid piece of equipment for its time. Done right, Apple could keep a premium price point and compete with things like UCS, but it would take some design (perhaps a hypervisor in the BIOS so machines can be racked/stacked/wired, turned on, and immediately be ready for taking VM or distributed storage loads), but with all the cash in Apple's war chest, they could buy Nutanix or StarWind Software and be in the enterprise game in no time.
It really depends on the company. Almost all organizations say "we use Agile methodology", and it can mean either little or nothing, or a lot.
For example, one place I worked at was proud of their "Agile" system. However, I wound up spending 4-6 hours a day in stand-up meetings which were a combination of a confessional, Celebrity Apprentice blamestorm/tattlefest with people wringing their hands on how others are blocking them, and long speeches as each member defended themselves and tried to point the blame about why little was getting done, as well as the SCRUM master wanting in-depth explanations about what people are doing with every single ticket assigned to them.
Another place I worked at last year had their stand-ups be just significant notable issues, and would never last more than 5-10 minutes.
Are there any plans or products to help with IoT security?
RedHat is one of the few companies that can step in and do something in regards to device security, even when device makers have little to no interest in this topic, as to them, security has no ROI, or as one IoT company exec told me, "the only person that has ever made money from a padlock is the lock maker."
Being able to lure IoT vendors to use secure tools wouldn't just benefit them, but it would benefit the Internet in a whole. Even something like manifest lists that interact with FirewallD to ensure a device is only able to communicate with authorized devices and cannot take input/output from rogue sources would improve the IoT ecosystem tremendously.
Ideally a phone should be like a computer. It might come with a default OS/firmware, but one should be given the option to change things easily. For example, if I want a Google-free experience, I should be able to have a device loaded with Amazon's store natively, Alexa present, and so on. Or, perhaps F-droid as the store/repository of choice with no commercial presence by any companies if I so chose.
Sometimes, you can replace some things. Nova Launcher, a custom keyboard go on any new Android phone I have so I have the same UI regardless of brand. However, there are still a ton of underlying apps that shouldn't be there. Yes, one can firewall them with root access, but the ideal is to have nothing on the phone unless it is absolutely needed.
tl;dr, have a default bloatware experience the phone ships as default, but have an option to be able to load something custom and usable. If I don't want a part of the Amazon ecosystem, I throw on GApps.
That is a sure failure on HR's part right there. When it is common knowledge that a certain person is causing good people to prepare their three envelopes, HR needs to get involved and either have management put the offending person in a place that they can't keep harming the corporate infrastructure, or even better, give them the boot.
iPhone, check.
MBP, check.
iPad, check.
iPod Touch, check.
Time Capsule, check.
The Time Capsule's functionality hasn't really been added to. Yes, Apple does update the firmware every so often, but fundamentally, the device hasn't seen any fundamental improvements. Even an el cheapo 1 drive NAS like a Synology DS115 gets significant new stuff every so often. The "old" Apple would have had a Time Capsule automatically copy data to a cloud provider (be it iCloud or another), and if a Mac needed a restore, it would first try to hit the TC, then would redirect to where the cloud data is stored. Apple could make some money in selling multi-drive Time Capsules with built in RAID and the ability to back themselves up to the cloud (client-side encrypted, with a Secure Enclave built into the NAS) for peace of mind. People would pay a premium for a dual-drive TC with RAID 1, a good filesystem, encryption, backups to iCloud, and the ability to install a new Mac from the LAN. However, Apple seems uninterested in this market segment.
The MBP? A Dell XPS 13 is a better MBP than a 2016 13" MBP on the hardware front. The software front, it is obvious that macOS has the hind teat when it comes to improvements. Windows is winding up ahead of macOS just because Apple hasn't done anything to keep it going. While Apple might offer one or two new doodads, Microsoft adds functionality almost anywhere. The WSL is a nice thing, for example. Plus, Microsoft keeps upping its game on security. The Edge browser is supposedly going to be placed in its own Hyper-V VM, completely separating it from the OS. On the virtualization front, W10 comes with Hyper-V, while Apple has absolutely nada for this. The most significant thing in macOS is APFS... but that is mainly so iOS has better encryption, as opposed to be something designed for Macs only.
I would hate to have a desktop Mac. The Mac Mini hasn't been touched in years, and the last refresh was a four core to two core downgrade. The Mac Pro, Apple's flagship machine? Will it be five years before it sees a refresh? For a flagship machine, Apple should rebrand the canister Mac Pro as a high end desktop box, and make a true E-7 Xeon Mac Pro in the traditional tower case with closed loop water cooling.
The iPod Touch gets some items, every so often. Because of that, it does work well as an emergency authentication device, because apps work on it, although the platform is definitely not as popular as it used to be. However, with some work, it isn't dead yet. Apple could pitch it as a method of recovering access to websites and such should one lose their phone, especially with 2FA protected by a Secure Enclave chip.
The iPhone and the iPad are the only two items that are "blessed" by Apple, and it is pretty obvious that they have this status. They are the only devices that get significant new functionality every year, and have a constant refresh cycle.
I would agree here. F/OSS tends to be about "scratching an itch", but I would say developers of a lot of projects have pride in their work and go above and beyond the call of duty. One example is Borg Backup, which I've been following. Even though nobody is funding the project, it is active and has matured a lot from the Attic fork it once was. This type of code quality where even attacks in theory are fixed is pretty much nonexistent in the private sector for the most part.
It is a reflection of the software development methodology in general. MongoDB is supposed to be fast... like taking a car, yanking all the seats, the windows, the doors, the hood and trunk, all but one brake pad, and saying that it is a performance monster. Of course, the fact that it has been rendered worthless for tasks that need audibility and security is beside the point.
The ironic thing is that you don't have to run MongoDB to get MongoDB functionality. PostgreSQL can do the same thing, except it has a proven track record of security.
The real question... why bother with MongoDB at all, unless something like Splunk requires it? There are better solutions available, both F/OSS and non.
I wouldn't blame the devs. They know where the money is buttered, and that is placating people who scream the loudest, which tends to be marketing and sales. A sales guy clenches a new contract, but told the customer the product has "xxx" feature. It really doesn't, so dev has to cough that feature up ASAP or else the sale gets lost. Management looks at security and the time it takes to do it right versus cur corners, sees that it doesn't bring any revenue, and tells the dev staff that security can be strapped on later after the sale is made.
In a number of places, the devs are in an offshore sweatshop, and really don't know any better. Tell them to code a widget, they do that. They will not know, nor care about defensive programming because it takes time away from doing code quantity.
The person to blame are the PMs who pooh-pooh security because they think it has no ROI.
From what I've seen, IBM wants to pull away from AIX because they know that the POWER8 market is shrinking, and so is AIX. This isn't to say that AIX is bad -- it is arguably extremely secure and mature, just like Solaris. However, the market in general is moving from Big Iron to x86-64, to VMs, to cloud based VMs, to serverless services (AWS Lambda), and from pets to cattle, where backups basic redundancy are viewed as a bother [1] and not an official need.
IBM isn't dumb. Softlayer OpenStack will be an effective competitor to AWS in a few revs, and for some tasks, it is effective now. They know that a lot of businesses want only one piece of server hardware locally, and that's the edge switch/router to connect their workstations to the cloud provider.
This is not to say AIX is dead by any means. However, IBM is following the money, and that is to be a cloud provider, guaranteeing income monthly.
[1]: A few months, during a job interview, I was told by one of the interviewers, "asking a cloud based startup about backups and uptime is like asking Tesla about what length and material their buggy whips are made from." Needless to say I went elsewhere.
There are places which will throw gold and encrust gems on anything. A few years ago, there was a place selling gold flecks in a capsule so one could have blingy poop.
The fact that the phone is expensive and has Trump's name on it is notable, but if someone wanted the same thing with someone else's face, I'm sure Goldgenie would be more than happy to do that.
As for a phone, an iPhone 7 is OK... but if one is going to spend the big bucks, why not a phone from Vertu? Might as well have the name recognition as well.
The iPhone 4 had this as well. This is more of an iOS feature. Set a password (not a PIN), and if your password has all numbers in it, you will get a PINpad, not a full A-Z typewriter allowing you to type in your code and hit the enter button, no matter the length.
I wouldn't say splitting stuff into different processes is wrecking Firefox. In fact, the Edge browser will end up being split off into a completely separate Hyper-V VM (Windows Defender Application Guard.) The advantage of separating at this level is that malware has a layer between it and hardware, where it can't just flash bogus firmware to a keyboard because the keyboard input is virtualized, for example.
The more separation between the browser and the rest of the OS, the better. The ideal would be something like Qubes OS, with COW used to allow multiple browser instances that don't take up much RAM (although rowhammer protection will be needed.) We have firewalls to keep untrusted stuff from the Internet well away from internal machines; we should do the same with web browsers that are in constant contact with potentially malicious stuff.
MeWe is another one as well. It isn't as popular, but has some decent groups on it.
In the past, I would have said the same thing. However, when I look at the market, I wonder, what would be the real solution that someone else can offer. The only company that even comes close to having the cloud data centers, a decent client OS, application support, and some sort of framework is Apple... and Apple appears to not give a rat's ass about anything enterprise anymore.
The ironic thing... I could see Apple nailing this contract if they had wanted to. It might have taken throwing up some FedRAMP/FISMA compliant OpenStack support for computing, but all the other puzzle pieces are in place.
Correction, "who is to say" is what was meant. Is MS perfect? No. However, they have gone from dinosaur to a company which moves and evolves fast. The fact that they are able to step in and handle the DoD's needs is a good example. I'm no MS fan, but I do give them credit for being able to do what needs done.
With virtually every single company out there going head over heels for anything cloud related, one of the things MS brings to the table is a decent ironclad cloud offering. Server backups? DPM to an array, then to Azure. Desktops? DPM as well. AV? Endpoint Manager handles that fairly well.
Then, there is Windows 10 LTSB, and that can be something useful, as it will not be sprouting ads or new features come every 6-12 months.
Now, is this good or bad? Who is to day. However, MS seems to be able to step into markets and make money faster than Apple these days, not to mention offering some actual innovations that are not just RDF hype.
There are CM tools. In theory, one could use Puppet or Ansible with groups of desktops. However, in general, both of these tools are "push" methods which don't work well with mobile devices or computers, while GPOs tend to be pull based, so a client behind a number of NATs would still be able to work.
I would assert that this is the case as well. For massive numbers of Windows boxes, GPOs and policies are the best way out there to keep everything under control. Tools like SCCM and SCOM don't hurt either, especially when it comes to ensuring consistency of patches across large numbers of machines.
This isn't to say that CM tools like Puppet, Chef, et. al., don't have their place, but for desktops, the management tools available for Windows arguably suck the least.
I would say probably both. Part of it was being skittish about the mentioned clearance problem (which couldn't be blamed on a battery maker), part of it is that the press would make it into a major issue, especially on a flagship device. So, Samsung went overboard to pull those devices off the market.
One side note. It is the solstice today, so a good chunk of the world has cooler temperatures. Come summer, I'd expect some batteries to overheat possibly adding more bad press.