In the early days SPARC was one of the only platforms that you could run x64 Java. Linux x64 was considered unstable and untested at the time.
So we bought massive SPARC boxes to host java apps. A lot of java apps at once. And yes the performance was garbage. A dedicated engineer at least just constantly on the lookout for performance issues.
I still remember one team going OK we built those new linux boxes for you. Only to find out they built them with 32bit linux. They simply would not build them x64. I had to remind them that the whole point of the project was to evaluate java on x64 intel. When they finally did rebuild them properly the initial performance tests were amazing. That company never looked back after that point.
The big reason they waited so long was they wanted/needed to migrate existing customers onto exa or cloud platforms. If they just killed it quickly they would effectively be loosing those customers, probably forever.
Also OracleDB was one of the only reasons to buy SPARC anymore. Database shops hate platform change in general. No one ever got fired for buying SPARC for the DB environment.
Lets face it Sun made mistakes. These mistakes made it ripe for take over and plundering by Oracle.
The biggest mistake was Linux. When Red Hat launched no one took it seriously. Red Hat legitimised Linux in the eyes of industry. Companies faced with massive expansions of internet equipment simply could not afford the iron from SUN / HP / IBM. These small start ups went to Linux. One such startup was Google. All of a sudden massive new companies emerged on a platform that was not enterprise iron. Overnight Dell become a major player in the server room.
What did Sun do about this? Nothing. Even when faced with new unit sales that were almost zero compared to just a few years before sun still did nothing. Sun released Solaris for x86/64. But completely forgot to get 3rdparty shops and it's on internal application development teams to port to it. They only thing that ran on the x86/64 Solaris was open source software. Stuff that was already running on much cheaper x86/64 gear. Sun limped on for a few years making the occasional uplift sale for existing gear in the field.
Then Oracle pounced. Suns mistakes led to this point. They sold for far less than they were worth. Why? The market lost all faith in Sun's ability to generate a cash flow. Thus the negative impact on asset value.
Oracle saw something it liked very much. Java. Oracle instantly went on a predatory path of trying to extract money out of Java. We all know how well that went. Oracle just recently announced that they are looking to open source the Java EE specification. This predatory cash grab caused some other interesting market changes. The explosion of new languages resulted and they got market share. Ruby on rails in my opinion would have never had as much success as it once did with out Oracles legal threats over java usage.
Oracle also needed to save it's DB division. At that point Oracle DB pretty much was only ever deployed on pricey Sun gear. Also Sun owned the control of MySQL. Which was growing at an astonishing speed. This threat needed to be squashed at all costs. In my mind these were the real reasons for Oracles purchase of Sun.
There were some other assets that Oracle was looking to sell off. But in the end Oracles taint reduced their value to zero. OpenOffice comes to mind.
I still remember the day when Oracle purchased Sun. There was an audible groan in the office. Execs around the world were scrambling to find alternatives to many products. Sun certified engineers instantly saw there pricey certificates devalue in an instant.
The only reasons Oracle has kept Solaris and SPARC alive for so long are: 1. Uplift purchases still come in. But not many. These can be counted in 1000's world wide. Basically nothing. 2. The platform became part of the Exadata/Exalogic platform. ( An an holy creation in my mind. )
The current model of mix mode delivery is complete BS. Because it allows the installations to have such truncated capacity out to the nodes that it is impossible to upgrade in the future.
I sit here and think, Aus has missed a huge opportunity to get a head a solve a lot of upcoming social problems. Now we have to pay to fix this mess for at least 30 years.
The NBN when first conceived and actually started to roll-out was basically a great network. Fiber to the home.
Then the politicians got involved.
The end result is that for a lot of Aussies. OK a LOT OF AUSSIES. the max speed they will get is less than 25mbs. For a lot of people this is actually a downgrade in service. There is no option to stay with the old service btw.
And to top it off. The build out is not putting enough fiber in the street to eventually run fiber to the home. So it the whole damn thing needs to be redone again. And it needs to start being redone before the NBN rollout is complete. Because that's how long the broken NBN is taking to rollout.
Programmers are not considered "professionals" by standard bodies. They do not have the power or responsibility to reject or overrule management. If management wants to cut corners, reduce testing, end run around process etc. Then there is basically nothing they can do about it other than quit.
To make programmers liable would result in a massive change in the industry. With the most noticeable impact being a dramatic increase in TTM and a massive blowout in costs. The industrial lobby would never allow this to happen. Nations that do not subscribe to these responsibility requirements will almost instantly become the new IT super shops.
By making the company and not the developer liable you enable countries to actually have an IT industry.
Civil engineering must occur in each nation. Software development does not. This simple fact makes liability very difficult to implement. Second reason is the calculation of damages. With civil engineering the cost of a problem is relatively easy to calculate. In IT systems where most companies hide the impact of a fault the ability to calculate impact cost is near impossible. Thus to compare civil eng with software dev is not a good comparison.
One of my biggest hates in modern trends in UX was to have hidden controls, magic corners and symbols with overloaded meanings.
You had to have magical knowledge to use these controls. Windows 8 being the biggest offender with magic corners with no visual indicator that lead to essential controls needed for normal operation. Windows 8 made my blood boil the instant I tried to use it. Unity was near useless unless you knew the name of the application you wanted, and for those of us with dyslexia it was a near impossible interface to use.
This none-sense of form over function resulting in hiding function in obscure locations was always a doomed model. There was also the none-sense drive to unify touch interfaces and keyboard mouse interfaces as one UX experience. The fundamental issue here is the UX form grew out of the input devices we had. punch cards -> card loader and status lights. keyboard -> terminal interfaces keyboard + mouse -> graphical windowed UI's touch -> tiled interfaces with gesture controls.
The UX world was in love with the touch interface and believed it would be the only interface. "There can only be one." Basically every UX went this path. Windows, IOS, Windows mobile, Win 8.x/10, Gnome, Unity. OSX almost fell into this trap as well but at least Apple product tested this option and realised it sucked for certain device types.
When Ubuntu/Canonical decided they were going after the mobile market, tablet and phone they decided to completely ditch the ageing X system and rebuild the whole UX technology stake and model it around touch. In the Linux world the reaction was swift. Gnome3 with similiar ideas at around the same time. Over night MATE and Cinnamon were born. Linux Mint distro shot up the popularity charts to become arguably the most popular desktop distro. Gnome felt the hit the hardest with a mass defection of developer talent into the MATE and Cinnamon camps. This ultimately hurt Canonical as well developers simply avoided Unity.
Hopefully people will come to realise that the UX is tied to the input methodology/technology. Having two UX shells on a system is not the end of the world as a matter of fact I would prefer this model. Where the shell is tied to input device and or user preference.
Now the first piece of the puzzle is what kind of developer are you? Because requirements and needs will vary dramatically. More generally where will you code or content run? - The browser? - Mobile device as an app? - Server side on a scaled web platform? - Backoffice processing? - Are you a Platform specialist as oppose to Software specialist? EG PaaS or SaaS.
Does your organisation need to mix and match these skills in order to deliver? These question are actually the requirements that drive setting up you development environment. I could give you what I think is the gold standard of environments. With out a doubt it would most likely not at all meet you needs. So what I'm going to do is lay out some of my requirements and some of the solutions I use. But I'm not going to actually reveal what it is that I develop.
1. My golden rule is never use the host OS on your machine for development. Development is basically an exercise of increasing disk clutter as you try new things work on this and that etc. It basically drags your host OS to a fast rebuild and lost downtime while you get the host backup to a working state for development. The host OS is generally reserved for the corp stuff. So all the apps they require etc. Generally developers hate those restricted environments of the corp OS anyway.
I have a laptop I still use everyday for tasks that has never been rebuilt. It's now 5 years old. It runs windows 7 as the host OS. I do almost everything in VM's on this box.
2. Generally I use virtualbox but vmware is good as well. Now I tend to establish a VM build that gets me up and running with my core tools via some flavor of automation. Vagrant has been king here for ages. Now when I mean I use these environments I mean I run my IDE and build pipelines in them. I never produce code on my host OS.
3. Each branch of code is a new VM set of hosts. I never re-use vm hosts. The hosts must come up to a spec that is useful quickly. All artefacts I need must come out of repo's as required. So if a branch closes I nuke the vm's associated with it.
4. VM generally are two disk volumes. The first volume is always the OS build. The second volume is used for all artefacts and development. 3rdparty tools are aimed at the first volume. In house tools come from the second volume. This allows me to have nice small and tight vm's on the limited laptop but actually mount the disk sucking volumes over the network. Where speed is required I set the OS to do a lot of caching of the remote volume. This spreads the network hit out over time and doesn't hurt me.
5. I stick to the rule that all software installs come from OS specific packages. NO BROWN BAG / TAR / ZIP transfer BS. Every piece of code must go through to a package in order to be installed for even the most basic testing. No shortcuts. Always iterate the whole pipeline.
6. Optional, I run a private network with in my host for the VM's. That I either have bridged or nat'd to the corp network. My gateway host runs bind, a firewall, and any other service I require. This way I do not violate the corp policies for unsanctioned hosts on the network.
So in general I only use Linux as my development host OS. But this may not work for everyone. Certain app builder environments just don't work in Linux, for example.
Note it is very easy to do this on a middle spec'd machine. The VM's are small. Very small actually the disk foot print is generally about 4Gig up to 10Gig per OS volume. I can run most of the VM's headless thus next to nothing in graphics resources. The RAM footprint is usually the big ones hit about 2Gig. But more often than not they are sitting around 750Meg. So I can run a lot of VM's comfortably on an 8Gig laptop. The big disk storage comes from NAS type devices on the corp network so I can operate OK on as little as 128Gig of disk. But I tend to want 512GB or 1TB locally.
One of the really nice things about using VM environments is when you are
Actually that's not true and the man in the middle design is horrible for many reasons.
The better inspection tools will use a lollipop design where the terminating https device spans than traffic to another device for traffic analysis. Traffic that requires modification can then be routed through the lollipop device on a case by case basis.
Ok this is going to sound like a shameless plug for Linux.
Win 7 was my last used OS from MS. I do have a win 8.1 VM I use on very rare occasions. ( Win 10 won't install as an upgrade on it. ) Win 8.1 was possibly the worst operating system I have ever worked with. What's with these invisible hot spots on the screen that you must magically know exist. Hot spots that just happen to be where the close on a window is. The tiles that are of No use to anyone that every used a computer. And the nightmare navigation of tiles menus and dialogues that essentially have no flow. The command line still after all these years is so utterly broken that only professional that live in the OS would understand it.
Now you have a Windows 10 that is like the article points out is simply and ad machine. Ad's which I expressly do not want to see. Do not want to have at all. Ads that eat resources. Ads that are yet another vector for infection and attack on my computers.
I want none of this garbage. Over the years I have used well probably all the major OS's out there. Some minor forks probably not. I have basically migrated everything to a Linux OS of some flavor. ( Some BSD in there ) And I've automated all of them. All my hosts do automatic updates, All hosts are scanned for the bad dudes. Even my routers and modems are now Linux. I've implemented a DNS blackhole for ads and malware. I've implemented backups and snap shots of all hosts. And I have built a central Network/Device health status that monitors basically everything.
All for the cost of the hardware alone.
Most of the shops I work in the first thing I do with the corp issued laptop is to clone the horrible MS OS nightmare they have on it to a VM image and run it as a VM on the same host. I then replace the original OS with a Linux variant. Now all of a sudden I have the ability to do all the corp BS stuff but I also have the ability to run my own development and test lab on that corp issued laptop.
Windows has gone down this path of making my computing life a royal pain in the backside. Where as Linux in the last few years has become fantastic OS for small tasks, server tasks, and even as a desktop. It's almost like MS doesn't want our business. Without MS as the OS there is very little if anything compelling me to purchase and use the other MS office tools. MS office tools are pretty horrible but since they don't play well at all with the whole computing eco system these days I really have no need to use them. So if the OS is annoying as hell and the alternatives aren't and the apps I use run on all OS's and/or browsers why do I need MS anymore?
( Excuse the typo's I'm dyslexic so it's difficult to see errors. )
Good lord this is fear based propaganda. Good lord the English speaking world is being overrun by right wing fear mongers AGAIN.
Yes anyone that mods a game would have just SOME of the skills requisite to performing cyber crime. Those same skills would most likely be applied to just being blue/white collar wage earning paying taxes worrying about the mortgage in 15 years time.
The missing piece of this puzzle is simple morals. How about just teaching respect and morality to children. I dare say this will have a far more positive impact on society and crime rates than this fear non-sense.
The head phone jack has been great. It did the trick. And for a lot of people if not most it still does. To change to another jack format is just stupid. It'll be excessively costly for consumers and frankly a waste.
I however have switched to wireless I use standard headphones with a bluetooth wireless receiver. And I love it. Why? Well my phone has become so much more than an audio device (phone,music,books). It's now my credit card, subway pass, door key etc. My phone is constantly being removed and put back into a pocket. The number of time my head phone wires have gotten caught on the odd thing here and there and caused my phone to go flying me to look like I have been yanked by the back of my head and have had my headphones ripped forcibly from my head are countless. All this stopped instantly once I went to a bluetooth receiver. I use the headphones I like and the controls for my audio and phone are now on the receiver. I don't even have to bring my phone out for audio tasks. They are so small I can place the receiver on my sleeve, in my pocket, clipped to my jeans where ever. I can move it around so that it doesn't get in the way of what I am doing.
And the best part is the receiver is only $25. I have a couple of them. One extra in the bag just in case the batteries die. But they rarely do.
Apple software installs effectively trash your carefully configured machine. How many WTF moments have I had just after a simple update and realise that my personal content has now magically moved. To where? Pictures and Videos I take of the family all of a sudden are assimilated into the Apple sphere. My preferences for video audio, homepage, picture, editing etc all trashed.
And in most case it's damn near impossible to remove. Thus being relegated to un-used software that is slowly dying in a dark corner of the hard-drive.
Do you have any concept of how much 2.5 billion is?
The average person in the United States will make a grand total of $3.4 million in just one life time. That's 735 lifetimes of money. All upfront. 1% interest on $2.5 billion is $25,000,000. This guy makes more on 1% interest in a year than the average person makes working in 7 lifetimes. That's 1%. Do you know how hard it is to only make 1% interest. Banks are going to borrow from this guy.
He he were to covert this into 1 dollar bills and stack them in a single pile. The pile would be:
895000 feet
169.5 miles.
This guy could achieve low earth orbit by simple stacking money and standing on it.
NFL players make on average 1.9 million. This make Mr. Minecraft equal to 24 NFL pro teams. Yep this guy makes as much a 2/3 of the entire league. Sorry he made that in one pay day.
What exactly is there to horde? This guy isn't an idiot. He's stupidly rich. Like Richie Rich rich. $70,000,000 our of $2,500,000,000 is still $2,430,000,000. That's multiple billions here still.
Most countries if they had 2.5 billion could pay off the entire countries debt.
If you think this guy is still an idiot I suggest you look in a mirror first.
NFC has taken off in Aus in a big way. With most retail outlets having terminals that take Paypass/Tap&Go ( NFC payment brand names here ) accepted across competing financial institutions.
There is zero chance Apple will make any headway here asking retailers to forgo the already established infrastructure. Also basically asking retailers to stump up money to install another payment network. Given the existing network was no additional cost to them.
Apple is making a mistake here. I don't think it will hurt them too much but Apple Pay will certainly not be a reason for market share growth of the platform. The larger screens most certainly will give them some growth but not this ridiculous shackle.
Yes, was curious to understand reasoning behind position.
I would have thought that that the need for firewalls was self evident.
The industry is full of bad ultimately harmful ideas which see widespread adoption for locally optimal reasons. It is far from self-evident to me firewalls do not fall squarely into this category.
You are stating that firewalls are harmful. What back this statement up?
The smart devices we use today all tend to have a variation on mainstream OS's. All of which come with some form of host based firewall. Thus the management of these devices from a firewall perspective is even easier. So much so that it is now possible for most marginally technical people to ensure they are properly configured at least at the time of device activation / installation.
I think today anything claiming to be a "smart device" needs no firewall because it accepts no incoming connections. It operates by calling home to the vendor. If you want to access your "smart device" you connect to the vendors server and ask nicely to please access your own gear. A mega ultra cloud firewall...!!1!!!!1!
More generally would be interested in understanding why a device with a specific purpose is more secure when it listens for commands through an internal firewall vs the same listener without? Is a bluetooth headset more secure behind a Bluetooth firewall? Perhaps a concrete example...
Smart device do not only initiate connections. If you use a stock OS as a base for you smart device you are also accepting the fact that these devices will also implement service listeners. You may have a crack team of coders that does a very good job of inspecting each service and only allowing the bare minimum and none that have rogue listeners. But your developers are not always able to review each line of code that is used in patches moving forward. Things change. And they should change. As things improve a good vendor will patch these devices. So Where am I going to invest my effort. I'm going to invest effort into making sure my product works perfectly. If I spend a tiny amount of time ensuring that things are blocked with a firewall I don't have to worry if some changes in apps and services that I'm not in total control of all of a sudden have listeners. I could care less if the firewall is blocking them. This means I'm investing far less effort into on going maintenance and getting the same secure result. Easy win for me.
The interesting thing is you do have a firewall on bluetooth. You do if you use bluetooth to carry IP traffic. This is of course if you use a firewall. So yah you are more secure from bad blue tooth devices if you have a firewall.
Why do you feel firewalls are effective? There seems to be an implicit assumption that firewalls are effective... what makes that true?
What if all the worlds firewalls were thrown in the trash heap and in their place systems were configured to accept only Authenticated, Authorized, Integrity protected, Encrypted inquiries from acceptable locations?
Would that world have better or worse security outcomes than todays world? I think no question it would be better.
No more making security decisions by ports and trivially spoofed address headers or checking worthless boxes on a compliance chart only to have the whole house of cards collapse when Debbie in accounting clicks on the wrong untrusted email message with spoofed from header.
Instead of administrators configuring ports and addresses in firewalls what if they instead spent that same time managing the only thing that means squat in a secure system... TRUST
It is not like the technology does not exist. People ignore it because it is easier to hide behind their precious firewalls. So they allow it and b
I would have thought that that the need for firewalls was self evident. Especially in a business context. Even more so in this context were financial transactions are being processed.
The smart devices we use today all tend to have a variation on mainstream OS's. All of which come with some form of host based firewall. Thus the management of these devices from a firewall perspective is even easier. So much so that it is now possible for most marginally technical people to ensure they are properly configured at least at the time of device activation / installation.
How many times have we heard stories about POS terminals at places like McDonald's being compromised and the bad guys scoop tons of customer data. Far too many is the answer. These devices had little to no protection at all from would be bad guys. Simple protections put in place like firewalls go a long way to addressing these vulnerabilities. Are they perfect. Of course not. But they are a lot better than having nothing. Today these protections can be implemented in a manor that has almost no impact on how people do business. Which means that when implemented correctly they will not cause any additional labor on the part of the end user in order to ensure that they remain secure.
Since it cause none or very little impact on the way you do business why wouldn't you implement these simple safe guards?
Data breaches and losses are a significant threat to companies. Small one more so than the large ones. Small companies fold when bad things happen. It's a trivial insurance policy that shockingly very few actually implement.
I do a ton of infrastructure builds. From a few boxes to 1000's of VM's. There is no excuse for no firewalls.
If a vendor is disabling the firewall then they should absolutely be approached. If the clown you are talking to says that's the way it's done then go over his head. Tell your boss.
Be gently of course. Doing the run around my hair is on fire dance is not going to win any one over.
You can even help the vendor. There are a ton of tools for all OS's that will help you determine the port that need to be open. Simply run up the software and scan the open ports. Tada you have a simple set of fire wall rules at least. Are they perfect? Of course not they can be improved on. But it's something at the very least. I'm not overly a fan of point to point rules in firewalls as they are self defeating in the long run. ( This is a longer story )
So yes host firewalls should always be enabled. And the rules you use better be documented.
Puppet is not orchestration. This problem is an orchestration problem. A very simple one but still orchestration.
Puppet is declarative which can mean it has no order to events. Most people make use of some screwball dependency chain in puppet giving the illusion of orchestration.
Use something Ansible if you want to orchestrate a change
This company has been a lowbrow bottom feeder since the beginning.
At first glance the pricing looks OK. But soon you realize you are fenced in. You find out your domain is held hostage by lack of features. Features that are ransomed off.
Buying Go-Daddy is purely a speculative exercise that is not backed by history or sane projections.
I was very active back in the early days of 5.0 development. I fought for this and lost.
I always struggled with the non-nonsensical @{} ${}..... style. It was difficult to mentally process. Long chains of dereferencing would be especially complicated.
Slashdot Mirror
In the early days SPARC was one of the only platforms that you could run x64 Java. Linux x64 was considered unstable and untested at the time.
So we bought massive SPARC boxes to host java apps. A lot of java apps at once. And yes the performance was garbage. A dedicated engineer at least just constantly on the lookout for performance issues.
I still remember one team going OK we built those new linux boxes for you. Only to find out they built them with 32bit linux. They simply would not build them x64. I had to remind them that the whole point of the project was to evaluate java on x64 intel. When they finally did rebuild them properly the initial performance tests were amazing. That company never looked back after that point.
The big reason they waited so long was they wanted/needed to migrate existing customers onto exa or cloud platforms. If they just killed it quickly they would effectively be loosing those customers, probably forever.
Also OracleDB was one of the only reasons to buy SPARC anymore. Database shops hate platform change in general. No one ever got fired for buying SPARC for the DB environment.
Lets face it Sun made mistakes. These mistakes made it ripe for take over and plundering by Oracle.
The biggest mistake was Linux. When Red Hat launched no one took it seriously. Red Hat legitimised Linux in the eyes of industry. Companies faced with massive expansions of internet equipment simply could not afford the iron from SUN / HP / IBM. These small start ups went to Linux. One such startup was Google. All of a sudden massive new companies emerged on a platform that was not enterprise iron. Overnight Dell become a major player in the server room.
What did Sun do about this? Nothing. Even when faced with new unit sales that were almost zero compared to just a few years before sun still did nothing. Sun released Solaris for x86/64. But completely forgot to get 3rdparty shops and it's on internal application development teams to port to it. They only thing that ran on the x86/64 Solaris was open source software. Stuff that was already running on much cheaper x86/64 gear. Sun limped on for a few years making the occasional uplift sale for existing gear in the field.
Then Oracle pounced. Suns mistakes led to this point. They sold for far less than they were worth. Why? The market lost all faith in Sun's ability to generate a cash flow. Thus the negative impact on asset value.
Oracle saw something it liked very much. Java. Oracle instantly went on a predatory path of trying to extract money out of Java. We all know how well that went. Oracle just recently announced that they are looking to open source the Java EE specification. This predatory cash grab caused some other interesting market changes. The explosion of new languages resulted and they got market share. Ruby on rails in my opinion would have never had as much success as it once did with out Oracles legal threats over java usage.
Oracle also needed to save it's DB division. At that point Oracle DB pretty much was only ever deployed on pricey Sun gear. Also Sun owned the control of MySQL. Which was growing at an astonishing speed. This threat needed to be squashed at all costs. In my mind these were the real reasons for Oracles purchase of Sun.
There were some other assets that Oracle was looking to sell off. But in the end Oracles taint reduced their value to zero. OpenOffice comes to mind.
I still remember the day when Oracle purchased Sun. There was an audible groan in the office. Execs around the world were scrambling to find alternatives to many products. Sun certified engineers instantly saw there pricey certificates devalue in an instant.
The only reasons Oracle has kept Solaris and SPARC alive for so long are:
1. Uplift purchases still come in. But not many. These can be counted in 1000's world wide. Basically nothing.
2. The platform became part of the Exadata/Exalogic platform. ( An an holy creation in my mind. )
I completely agree with you.
The current model of mix mode delivery is complete BS. Because it allows the installations to have such truncated capacity out to the nodes that it is impossible to upgrade in the future.
I sit here and think, Aus has missed a huge opportunity to get a head a solve a lot of upcoming social problems. Now we have to pay to fix this mess for at least 30 years.
The NBN when first conceived and actually started to roll-out was basically a great network. Fiber to the home.
Then the politicians got involved.
The end result is that for a lot of Aussies. OK a LOT OF AUSSIES. the max speed they will get is less than 25mbs. For a lot of people this is actually a downgrade in service. There is no option to stay with the old service btw.
And to top it off. The build out is not putting enough fiber in the street to eventually run fiber to the home. So it the whole damn thing needs to be redone again. And it needs to start being redone before the NBN rollout is complete. Because that's how long the broken NBN is taking to rollout.
Programmers are not considered "professionals" by standard bodies. They do not have the power or responsibility to reject or overrule management. If management wants to cut corners, reduce testing, end run around process etc. Then there is basically nothing they can do about it other than quit.
To make programmers liable would result in a massive change in the industry. With the most noticeable impact being a dramatic increase in TTM and a massive blowout in costs. The industrial lobby would never allow this to happen. Nations that do not subscribe to these responsibility requirements will almost instantly become the new IT super shops.
By making the company and not the developer liable you enable countries to actually have an IT industry.
Civil engineering must occur in each nation. Software development does not. This simple fact makes liability very difficult to implement. Second reason is the calculation of damages. With civil engineering the cost of a problem is relatively easy to calculate. In IT systems where most companies hide the impact of a fault the ability to calculate impact cost is near impossible. Thus to compare civil eng with software dev is not a good comparison.
One of my biggest hates in modern trends in UX was to have hidden controls, magic corners and symbols with overloaded meanings.
You had to have magical knowledge to use these controls. Windows 8 being the biggest offender with magic corners with no visual indicator that lead to essential controls needed for normal operation. Windows 8 made my blood boil the instant I tried to use it. Unity was near useless unless you knew the name of the application you wanted, and for those of us with dyslexia it was a near impossible interface to use.
This none-sense of form over function resulting in hiding function in obscure locations was always a doomed model. There was also the none-sense drive to unify touch interfaces and keyboard mouse interfaces as one UX experience. The fundamental issue here is the UX form grew out of the input devices we had.
punch cards -> card loader and status lights.
keyboard -> terminal interfaces
keyboard + mouse -> graphical windowed UI's
touch -> tiled interfaces with gesture controls.
The UX world was in love with the touch interface and believed it would be the only interface. "There can only be one." Basically every UX went this path. Windows, IOS, Windows mobile, Win 8.x/10, Gnome, Unity. OSX almost fell into this trap as well but at least Apple product tested this option and realised it sucked for certain device types.
When Ubuntu/Canonical decided they were going after the mobile market, tablet and phone they decided to completely ditch the ageing X system and rebuild the whole UX technology stake and model it around touch. In the Linux world the reaction was swift. Gnome3 with similiar ideas at around the same time. Over night MATE and Cinnamon were born. Linux Mint distro shot up the popularity charts to become arguably the most popular desktop distro. Gnome felt the hit the hardest with a mass defection of developer talent into the MATE and Cinnamon camps. This ultimately hurt Canonical as well developers simply avoided Unity.
Hopefully people will come to realise that the UX is tied to the input methodology/technology. Having two UX shells on a system is not the end of the world as a matter of fact I would prefer this model. Where the shell is tied to input device and or user preference.
Now the first piece of the puzzle is what kind of developer are you? Because requirements and needs will vary dramatically. More generally where will you code or content run?
- The browser?
- Mobile device as an app?
- Server side on a scaled web platform?
- Backoffice processing?
- Are you a Platform specialist as oppose to Software specialist? EG PaaS or SaaS.
Does your organisation need to mix and match these skills in order to deliver? These question are actually the requirements that drive setting up you development environment. I could give you what I think is the gold standard of environments. With out a doubt it would most likely not at all meet you needs. So what I'm going to do is lay out some of my requirements and some of the solutions I use. But I'm not going to actually reveal what it is that I develop.
1. My golden rule is never use the host OS on your machine for development. Development is basically an exercise of increasing disk clutter as you try new things work on this and that etc. It basically drags your host OS to a fast rebuild and lost downtime while you get the host backup to a working state for development. The host OS is generally reserved for the corp stuff. So all the apps they require etc. Generally developers hate those restricted environments of the corp OS anyway.
I have a laptop I still use everyday for tasks that has never been rebuilt. It's now 5 years old. It runs windows 7 as the host OS. I do almost everything in VM's on this box.
2. Generally I use virtualbox but vmware is good as well. Now I tend to establish a VM build that gets me up and running with my core tools via some flavor of automation. Vagrant has been king here for ages. Now when I mean I use these environments I mean I run my IDE and build pipelines in them. I never produce code on my host OS.
3. Each branch of code is a new VM set of hosts. I never re-use vm hosts. The hosts must come up to a spec that is useful quickly. All artefacts I need must come out of repo's as required. So if a branch closes I nuke the vm's associated with it.
4. VM generally are two disk volumes. The first volume is always the OS build. The second volume is used for all artefacts and development. 3rdparty tools are aimed at the first volume. In house tools come from the second volume. This allows me to have nice small and tight vm's on the limited laptop but actually mount the disk sucking volumes over the network. Where speed is required I set the OS to do a lot of caching of the remote volume. This spreads the network hit out over time and doesn't hurt me.
5. I stick to the rule that all software installs come from OS specific packages. NO BROWN BAG / TAR / ZIP transfer BS. Every piece of code must go through to a package in order to be installed for even the most basic testing. No shortcuts. Always iterate the whole pipeline.
6. Optional, I run a private network with in my host for the VM's. That I either have bridged or nat'd to the corp network. My gateway host runs bind, a firewall, and any other service I require. This way I do not violate the corp policies for unsanctioned hosts on the network.
So in general I only use Linux as my development host OS. But this may not work for everyone. Certain app builder environments just don't work in Linux, for example.
Note it is very easy to do this on a middle spec'd machine. The VM's are small. Very small actually the disk foot print is generally about 4Gig up to 10Gig per OS volume. I can run most of the VM's headless thus next to nothing in graphics resources. The RAM footprint is usually the big ones hit about 2Gig. But more often than not they are sitting around 750Meg. So I can run a lot of VM's comfortably on an 8Gig laptop. The big disk storage comes from NAS type devices on the corp network so I can operate OK on as little as 128Gig of disk. But I tend to want 512GB or 1TB locally.
One of the really nice things about using VM environments is when you are
Actually that's not true and the man in the middle design is horrible for many reasons.
The better inspection tools will use a lollipop design where the terminating https device spans than traffic to another device for traffic analysis. Traffic that requires modification can then be routed through the lollipop device on a case by case basis.
Ok this is going to sound like a shameless plug for Linux.
Win 7 was my last used OS from MS. I do have a win 8.1 VM I use on very rare occasions. ( Win 10 won't install as an upgrade on it. ) Win 8.1 was possibly the worst operating system I have ever worked with. What's with these invisible hot spots on the screen that you must magically know exist. Hot spots that just happen to be where the close on a window is. The tiles that are of No use to anyone that every used a computer. And the nightmare navigation of tiles menus and dialogues that essentially have no flow. The command line still after all these years is so utterly broken that only professional that live in the OS would understand it.
Now you have a Windows 10 that is like the article points out is simply and ad machine. Ad's which I expressly do not want to see. Do not want to have at all. Ads that eat resources. Ads that are yet another vector for infection and attack on my computers.
I want none of this garbage. Over the years I have used well probably all the major OS's out there. Some minor forks probably not. I have basically migrated everything to a Linux OS of some flavor. ( Some BSD in there ) And I've automated all of them. All my hosts do automatic updates, All hosts are scanned for the bad dudes. Even my routers and modems are now Linux. I've implemented a DNS blackhole for ads and malware. I've implemented backups and snap shots of all hosts. And I have built a central Network/Device health status that monitors basically everything.
All for the cost of the hardware alone.
Most of the shops I work in the first thing I do with the corp issued laptop is to clone the horrible MS OS nightmare they have on it to a VM image and run it as a VM on the same host. I then replace the original OS with a Linux variant. Now all of a sudden I have the ability to do all the corp BS stuff but I also have the ability to run my own development and test lab on that corp issued laptop.
Windows has gone down this path of making my computing life a royal pain in the backside. Where as Linux in the last few years has become fantastic OS for small tasks, server tasks, and even as a desktop. It's almost like MS doesn't want our business. Without MS as the OS there is very little if anything compelling me to purchase and use the other MS office tools. MS office tools are pretty horrible but since they don't play well at all with the whole computing eco system these days I really have no need to use them. So if the OS is annoying as hell and the alternatives aren't and the apps I use run on all OS's and/or browsers why do I need MS anymore?
( Excuse the typo's I'm dyslexic so it's difficult to see errors. )
Good lord this is fear based propaganda. Good lord the English speaking world is being overrun by right wing fear mongers AGAIN.
Yes anyone that mods a game would have just SOME of the skills requisite to performing cyber crime. Those same skills would most likely be applied to just being blue/white collar wage earning paying taxes worrying about the mortgage in 15 years time.
The missing piece of this puzzle is simple morals. How about just teaching respect and morality to children. I dare say this will have a far more positive impact on society and crime rates than this fear non-sense.
The cracker is the actual password DB's were safe. Just some developer wrote the affected sections to log file as well. In the clear BTW.
Always audit the log file.
The head phone jack has been great. It did the trick. And for a lot of people if not most it still does. To change to another jack format is just stupid. It'll be excessively costly for consumers and frankly a waste.
I however have switched to wireless I use standard headphones with a bluetooth wireless receiver. And I love it. Why? Well my phone has become so much more than an audio device (phone,music,books). It's now my credit card, subway pass, door key etc. My phone is constantly being removed and put back into a pocket. The number of time my head phone wires have gotten caught on the odd thing here and there and caused my phone to go flying me to look like I have been yanked by the back of my head and have had my headphones ripped forcibly from my head are countless. All this stopped instantly once I went to a bluetooth receiver. I use the headphones I like and the controls for my audio and phone are now on the receiver. I don't even have to bring my phone out for audio tasks. They are so small I can place the receiver on my sleeve, in my pocket, clipped to my jeans where ever. I can move it around so that it doesn't get in the way of what I am doing.
And the best part is the receiver is only $25. I have a couple of them. One extra in the bag just in case the batteries die. But they rarely do.
I have to completely agree.
Apple software installs effectively trash your carefully configured machine. How many WTF moments have I had just after a simple update and realise that my personal content has now magically moved. To where? Pictures and Videos I take of the family all of a sudden are assimilated into the Apple sphere. My preferences for video audio, homepage, picture, editing etc all trashed.
And in most case it's damn near impossible to remove. Thus being relegated to un-used software that is slowly dying in a dark corner of the hard-drive.
As we will have destroyed the biosphere and will have had to retreat to the underside.
Do you have any concept of how much 2.5 billion is? The average person in the United States will make a grand total of $3.4 million in just one life time. That's 735 lifetimes of money. All upfront. 1% interest on $2.5 billion is $25,000,000. This guy makes more on 1% interest in a year than the average person makes working in 7 lifetimes. That's 1%. Do you know how hard it is to only make 1% interest. Banks are going to borrow from this guy. He he were to covert this into 1 dollar bills and stack them in a single pile. The pile would be: 895000 feet 169.5 miles. This guy could achieve low earth orbit by simple stacking money and standing on it. NFL players make on average 1.9 million. This make Mr. Minecraft equal to 24 NFL pro teams. Yep this guy makes as much a 2/3 of the entire league. Sorry he made that in one pay day. What exactly is there to horde? This guy isn't an idiot. He's stupidly rich. Like Richie Rich rich. $70,000,000 our of $2,500,000,000 is still $2,430,000,000. That's multiple billions here still. Most countries if they had 2.5 billion could pay off the entire countries debt. If you think this guy is still an idiot I suggest you look in a mirror first.
NFC has taken off in Aus in a big way. With most retail outlets having terminals that take Paypass/Tap&Go ( NFC payment brand names here ) accepted across competing financial institutions. There is zero chance Apple will make any headway here asking retailers to forgo the already established infrastructure. Also basically asking retailers to stump up money to install another payment network. Given the existing network was no additional cost to them. Apple is making a mistake here. I don't think it will hurt them too much but Apple Pay will certainly not be a reason for market share growth of the platform. The larger screens most certainly will give them some growth but not this ridiculous shackle.
Do you mean the position that we need firewalls?
Yes, was curious to understand reasoning behind position.
I would have thought that that the need for firewalls was self evident.
The industry is full of bad ultimately harmful ideas which see widespread adoption for locally optimal reasons. It is far from self-evident to me firewalls do not fall squarely into this category.
You are stating that firewalls are harmful. What back this statement up?
The smart devices we use today all tend to have a variation on mainstream OS's. All of which come with some form of host based firewall. Thus the management of these devices from a firewall perspective is even easier. So much so that it is now possible for most marginally technical people to ensure they are properly configured at least at the time of device activation / installation.
I think today anything claiming to be a "smart device" needs no firewall because it accepts no incoming connections. It operates by calling home to the vendor. If you want to access your "smart device" you connect to the vendors server and ask nicely to please access your own gear. A mega ultra cloud firewall...!!1!!!!1!
More generally would be interested in understanding why a device with a specific purpose is more secure when it listens for commands through an internal firewall vs the same listener without? Is a bluetooth headset more secure behind a Bluetooth firewall? Perhaps a concrete example...
Smart device do not only initiate connections. If you use a stock OS as a base for you smart device you are also accepting the fact that these devices will also implement service listeners. You may have a crack team of coders that does a very good job of inspecting each service and only allowing the bare minimum and none that have rogue listeners. But your developers are not always able to review each line of code that is used in patches moving forward. Things change. And they should change. As things improve a good vendor will patch these devices. So Where am I going to invest my effort. I'm going to invest effort into making sure my product works perfectly. If I spend a tiny amount of time ensuring that things are blocked with a firewall I don't have to worry if some changes in apps and services that I'm not in total control of all of a sudden have listeners. I could care less if the firewall is blocking them. This means I'm investing far less effort into on going maintenance and getting the same secure result. Easy win for me.
The interesting thing is you do have a firewall on bluetooth. You do if you use bluetooth to carry IP traffic. This is of course if you use a firewall. So yah you are more secure from bad blue tooth devices if you have a firewall.
Why do you feel firewalls are effective? There seems to be an implicit assumption that firewalls are effective... what makes that true?
What if all the worlds firewalls were thrown in the trash heap and in their place systems were configured to accept only Authenticated, Authorized, Integrity protected, Encrypted inquiries from acceptable locations?
Would that world have better or worse security outcomes than todays world? I think no question it would be better.
No more making security decisions by ports and trivially spoofed address headers or checking worthless boxes on a compliance chart only to have the whole house of cards collapse when Debbie in accounting clicks on the wrong untrusted email message with spoofed from header.
Instead of administrators configuring ports and addresses in firewalls what if they instead spent that same time managing the only thing that means squat in a secure system ... TRUST
It is not like the technology does not exist. People ignore it because it is easier to hide behind their precious firewalls. So they allow it and b
Do you mean the position that we need firewalls?
I would have thought that that the need for firewalls was self evident. Especially in a business context. Even more so in this context were financial transactions are being processed.
The smart devices we use today all tend to have a variation on mainstream OS's. All of which come with some form of host based firewall. Thus the management of these devices from a firewall perspective is even easier. So much so that it is now possible for most marginally technical people to ensure they are properly configured at least at the time of device activation / installation.
How many times have we heard stories about POS terminals at places like McDonald's being compromised and the bad guys scoop tons of customer data. Far too many is the answer. These devices had little to no protection at all from would be bad guys. Simple protections put in place like firewalls go a long way to addressing these vulnerabilities. Are they perfect. Of course not. But they are a lot better than having nothing. Today these protections can be implemented in a manor that has almost no impact on how people do business. Which means that when implemented correctly they will not cause any additional labor on the part of the end user in order to ensure that they remain secure.
Since it cause none or very little impact on the way you do business why wouldn't you implement these simple safe guards?
Data breaches and losses are a significant threat to companies. Small one more so than the large ones. Small companies fold when bad things happen. It's a trivial insurance policy that shockingly very few actually implement.
I do a ton of infrastructure builds. From a few boxes to 1000's of VM's. There is no excuse for no firewalls.
If a vendor is disabling the firewall then they should absolutely be approached. If the clown you are talking to says that's the way it's done then go over his head. Tell your boss.
Be gently of course. Doing the run around my hair is on fire dance is not going to win any one over.
You can even help the vendor. There are a ton of tools for all OS's that will help you determine the port that need to be open. Simply run up the software and scan the open ports. Tada you have a simple set of fire wall rules at least. Are they perfect? Of course not they can be improved on. But it's something at the very least. I'm not overly a fan of point to point rules in firewalls as they are self defeating in the long run. ( This is a longer story )
So yes host firewalls should always be enabled. And the rules you use better be documented.
Here for the super lazy
http://lmgtfy.com/?q=becquerel...
This pattern only works for single nodes.
if you have a complex infrastructure you can't rely on this pattern alone.
Puppet is not orchestration. This problem is an orchestration problem. A very simple one but still orchestration.
Puppet is declarative which can mean it has no order to events. Most people make use of some screwball dependency chain in puppet giving the illusion of orchestration.
Use something Ansible if you want to orchestrate a change
This company has been a lowbrow bottom feeder since the beginning.
At first glance the pricing looks OK. But soon you realize you are fenced in. You find out your domain is held hostage by lack of features. Features that are ransomed off.
Buying Go-Daddy is purely a speculative exercise that is not backed by history or sane projections.
I was very active back in the early days of 5.0 development. I fought for this and lost.
I always struggled with the non-nonsensical @{} ${} ..... style. It was difficult to mentally process. Long chains of dereferencing would be especially complicated.
I'm very pleased to see this finally make it in.