As a IT worker. I'll pass. My pay is higher than my peers, because I could negotiate it. I have more vacation than many of my co-workers, because I could negotiate it. I got promoted 3 months into my new job, because I'm a strong hard worker who gets my job done. None of this would have been possible with a union. I've worked in a union before when I worked at a college. Wages were low (I got a 50k raise when I left), promotions were often seniority based rather than performance based, vacation was set based on experience, etc. A terrible way to live.
Face rec is the one thing holding me back. I've got a 7+ and I love it, but I won't be using a phone that uses my face to unlock. No fingerprint scanner and I'm looking at what other options I have. I just wish there was a phone option that has a fingerprint scanner and is not tied to the google ecosystem. I don't use google products.
auto backup of photos as I take them on my phone. Let's start there. I don't have to worry about syncing my phone when I get home to protect my vacation trip photos. I don't have to worry about dropping my phone off the boat and losing the days photos. I don't have to worry about how much storage I've got left. That's what google has.
The joke of this is that it actually inspired me to finally download all the roms for the systems I love. It's not like there is a legal way for me to download and play these games. Such a pointless waste.
I use VS Code from Microsoft. I love it. It's light weight enough to be useful without a lot of work and powerful enough to get my job done. I used it when I had a windows 10 notebook, I used it on my ubuntu Dell notebook, and I use it now in my new role with my macbook pro.
I disagree. The testing is no more complex than testing random patches in production. In fact once the pipeline is built it is easier as you know the exact same artifact you used for DEV/QA/ETC is what is going in production. Your second argument doesn't hold up for similar reasons. Immutable or not, you still need testing, qa, etc. You simply can't know for sure production looks just like QA without immutable architecture.
But it doesn't have to be that way. DevOps can still have least privilege and separation of duties. Pipelines can auto deploy to dev, push button to QA and require authorized users/quorums/etc to push to production. I know it's not done correctly everywhere, but we can say that about anything. I know a SaaS product that still has manual deploys to dev, QA, and prod done by hand. They do no security audits, their devs cowboy fix issues not caught in QA. Deployment know how is held by 2-3 people who are literally copying files and doing database updates by hand. It's scary shit.
First, you move to immutable infrastructure. Stop patching, start designing to replace. We have a time limit on all VMs and containers to ensure they are replaced regularly to comply with 'patching'. New images are consistent and tested. Patched instances are not. Sure not all systems can meet this, but any workload that fits a container should by default be immutable.
Some workloads will still require patching (active directory for example). Ideally though 80% of your systems are immutable, 10% are able to function as immutable with some careful work, and the last 10% get to be pets we spend all our time trying to euthanize and replace with farm animals.
We leverage devops for everything. If it can't be pipelined it can't be implemented. We even changed AV companies because of a lack of a API. Our image building pipeline even uses test cases to ensure the resulting images really meet the requirements.
We have the opposite. We have a dedicated security engineering team that works along side our engineering teams. We ensure that the security requirements are met and even pair program with the other engineers. I write code every day in my security engineering role. I build pipelines, I write scripts, build recommendations and requirements, and even sometimes get down in the day to day with helping engineering solve complex issues.
Lastly, my masters program included a secure software design course. It was terribly lacking.
We don't need a voters list. We can validate the ID. If the ID is unable to be validated as an official government ID we have bigger issues than voter fraud.
I have Hillary and I did not vote for her. I think she was a terrible choice for president. I have seen no evidence of your claims. So if you are going to make claims like that you are going to need to provide real, audit-able, substantial proof. Otherwise I'm just going to believe you are talking out your ass.
Do you have to believe the election was stolen to want to secure it? It seems both sides agree our elections are in jeopardy and nobody wants to do anything about it.
What is wrong with doubling down on securing our election tools? We have ample proof that outside parties want to manipulate our elections. If they have or have not does not matter, we need to take steps to ensure that our elections are secure and safe. They are literally the most important part of our country. If they are compromised the US is compromised.
I could give a fuck who is president, but I want to know for sure that idiot (be it democrat, republican, or reptilian) was elected properly and without interference from outside parties.
He's an AWS dev and he's actually using cloud9 (which is running a linux virtual machine) and doing his work through a web browser. It works, but it's meh.
I had a dev that used a chromebook for his aws work. It 'worked', but was way more difficult than using a macbook.
"How do you centralize update downloads and approval/deployment? I know you excepted it but that's not acceptable." - You buy enterprise or you use intune
"How do you publish or deploy applications based on group policy?" - GPO software deploy has existed for a long long time. On top of that there are other tools to meet this need that are better than GPO (SCCM, intune, 3rd party tools, etc) This is again no different than any other version of windows.
"Once manually deployed, how do you keep them that way and not get uninstalled during the next quarterly service pack update?" - Again, solved in the first two quite easily.
"How do you standardize a default start menu layout?" - See that link above "Are you pushing admin owned and locked folders to each desktop after the fact?" - Folders do not belong on a desktop. Why do people still do this? " How do users add their own panels and shortcuts to it then?" - The same way they did on literally every other version of windows.
Again with the exception of patch management without enterprise (which is annoying for small companies). Nothing about how you manage windows has changed. The only real difference is more powershell functionality to improve remote management. I manage thousands of endpoints for a living including OSX, Windows, and a few different varieties of linux. This kind of work is trivial in all instances.
I honestly don't have a problem with windows 10. In fact the powershell support has become so great that I'd say windows 10 (with the exception of updates without the enterprise version) is the easiest version of windows for a professional to manage. I also find it odd that IT staff would not be constantly learning and growing their skillset. I'd hope to god they are not managing windows by using RDP or visiting each machine. This is the realm of group policy, powershell, etc. Learn it or get relegated back down to level 1 help desk.
This is only true for as long as people believe it to be. If Trump can get elected that proves that a 3rd party candidate could as well. We just have to get enough facebook likes.
We didn't find much trouble in compliance. Sure we had to write a few policies and work out a procedure for exporting and deleting data from our systems. We did not spend even 25k in work to pull this off. It was fairly trivial for companies that don't make a product out of consumers.
Slashdot Mirror
As a IT worker. I'll pass. My pay is higher than my peers, because I could negotiate it. I have more vacation than many of my co-workers, because I could negotiate it. I got promoted 3 months into my new job, because I'm a strong hard worker who gets my job done. None of this would have been possible with a union. I've worked in a union before when I worked at a college. Wages were low (I got a 50k raise when I left), promotions were often seniority based rather than performance based, vacation was set based on experience, etc. A terrible way to live.
I'm sure it works great, but I don't want to have to point a device at my face to use it.
Face rec is the one thing holding me back. I've got a 7+ and I love it, but I won't be using a phone that uses my face to unlock. No fingerprint scanner and I'm looking at what other options I have. I just wish there was a phone option that has a fingerprint scanner and is not tied to the google ecosystem. I don't use google products.
auto backup of photos as I take them on my phone. Let's start there. I don't have to worry about syncing my phone when I get home to protect my vacation trip photos. I don't have to worry about dropping my phone off the boat and losing the days photos. I don't have to worry about how much storage I've got left. That's what google has.
I've been working to remove google completely from my life. Search was easy, email was easy, storage was easy. Photo/video apps is a bit harder.
Willful disobedience is a valid way to protest an unjust system.
The joke of this is that it actually inspired me to finally download all the roms for the systems I love. It's not like there is a legal way for me to download and play these games. Such a pointless waste.
I use VS Code from Microsoft. I love it. It's light weight enough to be useful without a lot of work and powerful enough to get my job done. I used it when I had a windows 10 notebook, I used it on my ubuntu Dell notebook, and I use it now in my new role with my macbook pro.
Encryption at rest means nothing if the actual mechanism to get to the data isn't secure.
I can encrypt everything at rest, but I could also forget to verify credentials on the system that has the rights to decrypt....
I disagree. The testing is no more complex than testing random patches in production. In fact once the pipeline is built it is easier as you know the exact same artifact you used for DEV/QA/ETC is what is going in production. Your second argument doesn't hold up for similar reasons. Immutable or not, you still need testing, qa, etc. You simply can't know for sure production looks just like QA without immutable architecture.
But it doesn't have to be that way. DevOps can still have least privilege and separation of duties. Pipelines can auto deploy to dev, push button to QA and require authorized users/quorums/etc to push to production. I know it's not done correctly everywhere, but we can say that about anything. I know a SaaS product that still has manual deploys to dev, QA, and prod done by hand. They do no security audits, their devs cowboy fix issues not caught in QA. Deployment know how is held by 2-3 people who are literally copying files and doing database updates by hand. It's scary shit.
First, you move to immutable infrastructure. Stop patching, start designing to replace. We have a time limit on all VMs and containers to ensure they are replaced regularly to comply with 'patching'. New images are consistent and tested. Patched instances are not. Sure not all systems can meet this, but any workload that fits a container should by default be immutable.
Some workloads will still require patching (active directory for example). Ideally though 80% of your systems are immutable, 10% are able to function as immutable with some careful work, and the last 10% get to be pets we spend all our time trying to euthanize and replace with farm animals.
We leverage devops for everything. If it can't be pipelined it can't be implemented. We even changed AV companies because of a lack of a API. Our image building pipeline even uses test cases to ensure the resulting images really meet the requirements.
We have the opposite. We have a dedicated security engineering team that works along side our engineering teams. We ensure that the security requirements are met and even pair program with the other engineers. I write code every day in my security engineering role. I build pipelines, I write scripts, build recommendations and requirements, and even sometimes get down in the day to day with helping engineering solve complex issues.
Lastly, my masters program included a secure software design course. It was terribly lacking.
We don't need a voters list. We can validate the ID. If the ID is unable to be validated as an official government ID we have bigger issues than voter fraud.
I will correct this for you as someone who is not a liberal nor a conservative.
1. Election days are national holidays.
2. The ID is 100% free
3. Getting the ID is registration to vote.
"I hate Hillary" is what I was trying to write. I take full responsibility for not proof reading.
I have Hillary and I did not vote for her. I think she was a terrible choice for president. I have seen no evidence of your claims. So if you are going to make claims like that you are going to need to provide real, audit-able, substantial proof. Otherwise I'm just going to believe you are talking out your ass.
Do you have to believe the election was stolen to want to secure it? It seems both sides agree our elections are in jeopardy and nobody wants to do anything about it.
What is wrong with doubling down on securing our election tools? We have ample proof that outside parties want to manipulate our elections. If they have or have not does not matter, we need to take steps to ensure that our elections are secure and safe. They are literally the most important part of our country. If they are compromised the US is compromised.
I could give a fuck who is president, but I want to know for sure that idiot (be it democrat, republican, or reptilian) was elected properly and without interference from outside parties.
He's an AWS dev and he's actually using cloud9 (which is running a linux virtual machine) and doing his work through a web browser. It works, but it's meh.
I had a dev that used a chromebook for his aws work. It 'worked', but was way more difficult than using a macbook.
"How do you centralize update downloads and approval/deployment?
I know you excepted it but that's not acceptable." - You buy enterprise or you use intune
"How do you publish or deploy applications based on group policy?" - GPO software deploy has existed for a long long time. On top of that there are other tools to meet this need that are better than GPO (SCCM, intune, 3rd party tools, etc) This is again no different than any other version of windows.
"Once manually deployed, how do you keep them that way and not get uninstalled during the next quarterly service pack update?" - Again, solved in the first two quite easily.
"How do you standardize or even create a default profile?" - https://docs.microsoft.com/en-...
"How do you standardize a default start menu layout?" - See that link above
"Are you pushing admin owned and locked folders to each desktop after the fact?" - Folders do not belong on a desktop. Why do people still do this?
" How do users add their own panels and shortcuts to it then?" - The same way they did on literally every other version of windows.
Again with the exception of patch management without enterprise (which is annoying for small companies). Nothing about how you manage windows has changed. The only real difference is more powershell functionality to improve remote management. I manage thousands of endpoints for a living including OSX, Windows, and a few different varieties of linux. This kind of work is trivial in all instances.
I honestly don't have a problem with windows 10. In fact the powershell support has become so great that I'd say windows 10 (with the exception of updates without the enterprise version) is the easiest version of windows for a professional to manage. I also find it odd that IT staff would not be constantly learning and growing their skillset. I'd hope to god they are not managing windows by using RDP or visiting each machine. This is the realm of group policy, powershell, etc. Learn it or get relegated back down to level 1 help desk.
This is only true for as long as people believe it to be. If Trump can get elected that proves that a 3rd party candidate could as well. We just have to get enough facebook likes.
We didn't find much trouble in compliance. Sure we had to write a few policies and work out a procedure for exporting and deleting data from our systems. We did not spend even 25k in work to pull this off. It was fairly trivial for companies that don't make a product out of consumers.
They already said they would delete all EU customer data before the GDPR deadline. So that's not really going to do anything.