Unity is the main reason I have stuck with Ubuntu this long. With that gone it may be time to find a new distro. I have lost confidence in Canonical.
Already I've started to switch my Docker containers from Ubuntu to Alpine Linux. That's made me realize how bloated and complicated Ubuntu often is. It usually takes like half the time to do an uncached build of an Alpine based insane versus an equivalent Ubuntu based image.
Ideally I'd like to find something that has both a minimalist server flavor available, as well as a full desktop flavor. For now that's still very convenient. In a few years I expect it won't matter nearly so much.
In Soviet America, everything is illegal. You are always watched, always under suspicion, always already guilty. Please report to your nearest Gulag camp for a lifetime of state sanctioned forced sodomy. Thank you for your compliance. Good bless America, death to the Russians, and fuck you plebs that's why.
Yes, of course the Russian threat hysteria is comically overblown and mostly about ugly domestic politics.
But also... OF COURSE Kapersky snoops your files. ALL antivirus software snoops. Damn near all proprietary software whatsoever snoops.
Remember, in America we have the best justice money can buy. You have all the rights you can afford to sue for in Federal court. So unless you're a whole fucking lot richer than I am, you have no rights at all. Including the right to privacy.
If you TRUST Symantec and the security state, you're a fool. If you TRUST Kapersky and the Russians, you're a fool. But if you rationally assess that you have less to fear from a foreign tyranny than from the tyranny at home... well, that's just being realistic.
Yup. Source you're not allowed to see = assumed insecure.
Note that for fedgov and affiliated companies, US-owned proprietary software source code may be available for review, custom compilation, etc. For them it may not automatically be considered insecure. For the rest of us... yeah man.
I guess if you really want a 'secure' computer as a civilian, run an obscure OpenBSD fork on funky hardware. And pray a lot.
It's notoriously difficult to get companies to allocate time and money for security-specific projects. So that's out. But there are at least two ways to leverage being the only group that knows/cares about security.
First, you can do an 'assist' move. Your colleague on another team proposes some project that you think is a good idea. If as devops guy you say to the boss, "this project will improve the security of our systems", that's a strong argument in favor of the project. Makes it harder for management to say "no".
Second and more important, you have essentially a veto power, if you learn to use it correctly. If you just say "this proposal is bad for security"... well, someone might or might not listen. But if you pull out the lawyerish CYA language it works a lot better:
"Dear Bossman, In my considered professional opinion proposal X will be severely detrimental to the security of our systems. By going ahead with X, we are exposing both the company and our customers to unnecessary and potentially disastrous risk. Having notified you of this unacceptable risk, I disclaim any and all personal responsibility for any adverse effects that may result."
Make sure it's in writing and in the official company email system. Since covering your ass is an essential part of being a manager, they tend to recognize and respond to that kind of wording. By warning then disclaiming responsibility, you've chucked the responsibility up a level in the org chart. That's very likely to kill proposal X. And if it doesn't, your ass is covered.:)
So you do believe the Efficient Market Lie. Any particular reason? It seems fairly obviously false to me and to most unindoctrinated observers - so I'm wondering what's the basis of your faith?
Ah... You're one of those people who thinks a) "real security" is possible, and b) that "real security" or some approximation thereof is not frightfully expensive.
Indeed. It's time for our industry to grow up. Time for software and IT workers to recognize our real position in the class structure, and start acting with solidarity.
You know that old buzzword "infrastructure as code"? Yeah, that one is actually accurate. In a devops role you write the code that IS the infrastructure.
So yes, you'll write deploy scripts, usually in the form of Ansible playbooks, Dockerfiles, Chef cookbooks, etc. And infrastructure definitions, usually in Terraform's dialect of HCL. You'll configure continuous testing (please stop misusing the phrase "continuous integration") tools and glue them into a build pipeline. And you'll adapt your colleagues' code to work with this style of infrastructure, e.g. 12-factorization.
One thing you will NOT do is build/configure servers by hand. If you have to do that, you're doing it wrong.
In a small company, devops is also usually the only team who know and/or care about security. For some that's a burden. But if you play your politics right, it can be a powerful source of leverage.
Slashdot Mirror
Unity is the main reason I have stuck with Ubuntu this long. With that gone it may be time to find a new distro. I have lost confidence in Canonical.
Already I've started to switch my Docker containers from Ubuntu to Alpine Linux. That's made me realize how bloated and complicated Ubuntu often is. It usually takes like half the time to do an uncached build of an Alpine based insane versus an equivalent Ubuntu based image.
Ideally I'd like to find something that has both a minimalist server flavor available, as well as a full desktop flavor. For now that's still very convenient. In a few years I expect it won't matter nearly so much.
Ah.. So it supports some extended characters, but not Vietnamese.
Swáát shÄ©t!
What's with you people and the obscure Russian slang?
In Soviet America, everything is illegal. You are always watched, always under suspicion, always already guilty. Please report to your nearest Gulag camp for a lifetime of state sanctioned forced sodomy. Thank you for your compliance. Good bless America, death to the Russians, and fuck you plebs that's why.
I, too, learned that in Civics class wheni was 15. Alas reality is far uglier.
They have to. It's DUH LAW!
Hahahahahahahaha! You don't really believe that, do you?
Dude...
Yes, of course the Russian threat hysteria is comically overblown and mostly about ugly domestic politics.
But also... OF COURSE Kapersky snoops your files. ALL antivirus software snoops. Damn near all proprietary software whatsoever snoops.
Remember, in America we have the best justice money can buy. You have all the rights you can afford to sue for in Federal court. So unless you're a whole fucking lot richer than I am, you have no rights at all. Including the right to privacy.
If you TRUST Symantec and the security state, you're a fool. If you TRUST Kapersky and the Russians, you're a fool. But if you rationally assess that you have less to fear from a foreign tyranny than from the tyranny at home... well, that's just being realistic.
Yup. Source you're not allowed to see = assumed insecure.
Note that for fedgov and affiliated companies, US-owned proprietary software source code may be available for review, custom compilation, etc. For them it may not automatically be considered insecure. For the rest of us... yeah man.
I guess if you really want a 'secure' computer as a civilian, run an obscure OpenBSD fork on funky hardware. And pray a lot.
Vlad Putin spit on my shoes while I was walking at the shopping mall. Unprovoked! That bastard!!
It's notoriously difficult to get companies to allocate time and money for security-specific projects. So that's out. But there are at least two ways to leverage being the only group that knows/cares about security.
First, you can do an 'assist' move. Your colleague on another team proposes some project that you think is a good idea. If as devops guy you say to the boss, "this project will improve the security of our systems", that's a strong argument in favor of the project. Makes it harder for management to say "no".
Second and more important, you have essentially a veto power, if you learn to use it correctly. If you just say "this proposal is bad for security"... well, someone might or might not listen. But if you pull out the lawyerish CYA language it works a lot better:
"Dear Bossman, In my considered professional opinion proposal X will be severely detrimental to the security of our systems. By going ahead with X, we are exposing both the company and our customers to unnecessary and potentially disastrous risk. Having notified you of this unacceptable risk, I disclaim any and all personal responsibility for any adverse effects that may result."
Make sure it's in writing and in the official company email system. Since covering your ass is an essential part of being a manager, they tend to recognize and respond to that kind of wording. By warning then disclaiming responsibility, you've chucked the responsibility up a level in the org chart. That's very likely to kill proposal X. And if it doesn't, your ass is covered. :)
So you do believe the Efficient Market Lie. Any particular reason? It seems fairly obviously false to me and to most unindoctrinated observers - so I'm wondering what's the basis of your faith?
It appears they have succeeded in that respect.
Is it not delightful to see baizou turn on their own kind and tear one another to shreds?
Ah... You're one of those people who thinks a) "real security" is possible, and b) that "real security" or some approximation thereof is not frightfully expensive.
How naive.
Build the infrastructure, and developers will use it.
Indeed. It's time for our industry to grow up. Time for software and IT workers to recognize our real position in the class structure, and start acting with solidarity.
For reals, broham?
Sort of, but not quite.
You know that old buzzword "infrastructure as code"? Yeah, that one is actually accurate. In a devops role you write the code that IS the infrastructure.
So yes, you'll write deploy scripts, usually in the form of Ansible playbooks, Dockerfiles, Chef cookbooks, etc. And infrastructure definitions, usually in Terraform's dialect of HCL. You'll configure continuous testing (please stop misusing the phrase "continuous integration") tools and glue them into a build pipeline. And you'll adapt your colleagues' code to work with this style of infrastructure, e.g. 12-factorization.
One thing you will NOT do is build/configure servers by hand. If you have to do that, you're doing it wrong.
In a small company, devops is also usually the only team who know and/or care about security. For some that's a burden. But if you play your politics right, it can be a powerful source of leverage.
A $200k/yr mom & pop store needs air-gapped secure systems? I see...
So all small businesses should just quit and close up shop? Thanks for the insightful suggestion.
Corollary: Capitalists are your enemy.
You don't actually *believe* the Efficient Market Lie, do you?
If you expect to find "unbiased reporting", you will be led like the sheep you are.