How can this feature be added back in? I'd find it handy.
That's what always pisses me off about these morally outraged complainers, they project their own biases and don't give a crap that there are other people who find the feature useful.
Some years ago one of the dating sites (match.com?) added "obese" to their list of body types. Some people were all offended that fatties were going to be excluded from dating now that the site allowed them to be identified. These people apparently only considered the possibility that large people would be discriminated against. It never occurred to their prejudiced little minds that some people are interested in seeking bigger people to date.
That's certainly the feeling I'm getting. The startup I work for used to use Rackspace's dedicated hardware service. They were a pain to deal with and moved way too slowly when we needed something. It took them about a month(!) to get me a new VM and we experienced several network outages a year.
Then we got a bunch of AWS credits from one of our investors and moved everything over. What a breath of fresh air! We could build out new environments whenever we wanted instead of waiting for a third-party to work a ticket and we only pay for what we use. Rackspace eventually came out with their cloud service, but I don't know why you'd ever use them instead of Amazon's AWS or Google's Compute Cloud, or Microsoft's Azure.
There are not many uses where the cloud works, because of the security concerns, not just security of keeping eyes away but security of keeping the data intact.
And yet people are using cloud services, like AWS, to build HIPAA compliant applications. The security concerns are not that much different than an on-premises deployment. AWS even offers a GovCloud these days.
If your processes depend on humans never making a mistake, then they are doomed to failure!
Humans are not infallible beings, they will make mistakes. Your processes need to anticipate those mistakes and be able to recover gracefully from them.
If you've got ten operations employees and ten developers, and you replace them with eight people doing the same work, then that's DevOps.
Ummm, no? I'm the DevOps lead at my company, but we still have an entire staff of developers.
DevOps is supposed to be a group that has experience with both production operations and development. You're supposed to involve them in the development process early so they can keep the developers from doing dumb things from an operational point of view and painting themselves into a corner.
I spend my time deploying new infrastructure, managing the monitoring, alerting and metrics collection systems and doing software releases. I also have to educate developers about how to use tools/services properly. I have noticed that people without production experience tend not to be so detail oriented, especially developers with no admin experience. They will totally trash your environments if you let them.
I'm posting this late and no one will probably see it, but I'm wondering how many of you are doing egress filtering on your networks?
I have noticed that a lot of places use a default policy of passing all traffic out, but that's not very wise. I assume it's done for the sake of convenience to avoid support calls from people who can't write firewall rules. I would highly recommend not allowing any traffic out unless it's absolutely necessary and has been filtered. A lot of places pass HTTP/HTTPS traffic directly to the Internet so you can get software updates, but you should probably be using proxies that only allow whitelisted sites to be contacted. Better yet is to deploy new servers instead of patching live ones and give them no outside access.
If someone does manage to get shell access on your host, then your egress filtering should prevent them from opening a remote shell using something like nc. Yeah, they can still trash the internal network, but it's going to be a major PITA without an interactive shell.
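The default-deny egress policy recommended above, written as a check (an added example, not part of the original comment): it reads `iptables-save` output and reports an `OUTPUT` policy other than `DROP` and any `ACCEPT` rule that lets new connections out to an unrestricted destination. Both rulesets, the proxy and resolver addresses, and the function names are constructed for illustration.

```python
import shlex

# Constructed `iptables-save` output: permissive egress (default ACCEPT,
# HTTPS allowed straight out to any destination).
PERMISSIVE = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
"""

# Constructed output: default-deny egress; web traffic may only reach an
# internal proxy. 10.0.0.10 (proxy) and 10.0.0.2 (resolver) are made-up hosts.
RESTRICTED = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -d 10.0.0.10/32 -p tcp -m tcp --dport 3128 -j ACCEPT
-A OUTPUT -d 10.0.0.2/32 -p udp -m udp --dport 53 -j ACCEPT
COMMIT
"""

def _value(args, flag):
    """Return the argument after flag; None if flag is absent or negated."""
    if flag not in args:
        return None
    i = args.index(flag)
    if i > 0 and args[i - 1] == "!":
        return None
    return args[i + 1] if i + 1 < len(args) else None

def audit_egress(ruleset):
    """Return a list of findings for the filter table's OUTPUT chain."""
    findings = []
    table = None
    for raw in ruleset.splitlines():
        line = raw.strip()
        if line.startswith("*"):
            table = line[1:]          # e.g. "*filter", "*nat"
        elif table != "filter":
            continue                  # nat/mangle also have an OUTPUT chain
        elif line.startswith(":OUTPUT "):
            policy = line.split()[1]
            if policy != "DROP":
                findings.append(f"OUTPUT default policy is {policy}, not DROP")
        elif line.startswith("-A OUTPUT "):
            args = shlex.split(line)
            if _value(args, "-j") != "ACCEPT":
                continue
            state = _value(args, "--ctstate")
            dest = _value(args, "-d")
            if _value(args, "-o") == "lo":
                continue              # loopback only
            if state and "NEW" not in state.split(","):
                continue              # only packets of existing connections
            if dest and dest not in ("0.0.0.0/0", "::/0"):
                continue              # pinned to a specific destination
            findings.append(f"unrestricted ACCEPT: {line}")
    return findings
```

On a live host the input would come from `iptables-save` run as root; an empty result means every allowed outbound path is loopback, reply traffic, or pinned to a named destination such as the proxy.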
Regarding the NSA contractor, it sounds like Kaspersky AV was working as designed. It detected the malware the contractor was working on and sent the file back to Kaspersky Labs for analysis. It sounds to me like the NSA's security policy needs some work if a contractor can download classified files to a non-secure computer.
Now as far as Kaspersky AV scanning for classified documents, that's certainly plausible but where's the evidence? Not running the software on sensitive computers sounds like good policy, but there's a lot of software that shouldn't be run on those types of systems. That being said, how do we know all foreign made computers themselves haven't been compromised at the factory?
Meh. I took a job at a web startup in 1996 while I was a sophomore studying computer science in the College of Engineering. I learned way more from that job than I did from my course work. I was the sysadmin, web master, DBA and application developer for that company. I learned Perl, how to admin an Irix server, DNS (named), Apache httpd and MySQL.
I did learn quite a bit from my classes, I really enjoyed my technical electives in computer architecture and operating systems, but you're only learning maybe 25% of what you really need to know in order to work independently in industry. Then you've got all that time wasted on general education requirements; things that you should have learned in high school.
I ended up dropping out of my college program when I did a graduation check and found I had a deficiency. I already had a job and was fed up with school at that point, so I just said to hell with the degree and went on with my life. You know what I discovered? No one (except large, rigid corporations) gives a shit about your degree, they only care about what you can bring to the table.
...and Obama sent money to an NGO to interfere in Israel's election in order to hurt Benjamin Netanyahu.
Agreed. Just use a proper hardware or virtual MFA device.
Codes sent via SMS don't really count as a second factor (it's another "something you know" like your username and password and not a "something you have") and they can be captured during transmission. NIST has been recommending against them since July of 2016.
FaceID is also going to work great for government agents trying to get access to your device. Now all they have to do is have you look at the phone. It's just as bad as the fingerprint reader is as far as legally compelled unlocking goes (at least in the U.S.).
I get that FaceID is really for the people who wander around with their phones totally unlocked, but let's not pretend it's a secure way to protect your device. You also open yourself up to being remotely surveilled by not blocking the forward-facing camera. Just keep it simple and use a long password that can't be guessed.
How is that fusion drive any better than just having a smaller, primary SSD and a large secondary spinning platter disk?
I just got back $117,000 (25th percentile) to $169,000 (75th) for a United States based DevOps/SysAdmin role with a BA/BS and 20+ years experience. Additional keywords were: C, Java, Perl, Python and AWS.
The low and high salaries shown seem a bit high for the Chicago market, but not by that much. The key is to avoid the companies that think they can low-ball offers for talented people and important roles. I'm sure there's lots of places throwing out offers from $70,000 to $90,000 and think they don't need to pay any more than that.
I would recommend people consider some contract work in order to get a good idea what salary your local market supports. The agency recruiters should be able to negotiate way better than you can initially. Once you have a contract in hand, then you have a much better idea what a company is willing to pay. Remember to add in the recruiter's percentage when determining your real billing rate. You do need to remember to factor in the costs of things like benefits and taxes paid by your employer when negotiating, but I would start by asking for the hourly rate I had times 2,000 hours of work in a year and go from there.
You can get a $15 dollar plan with unlimited cellular voice and texting through Republic Wireless. If you want cellular data as well, add $5 for a GB/month. They let you bring your own device, so you can use one of the cheaper Android phones.
Selling bags of pre-crushed fruit and vegetable juice is great if they can do it efficiently and cheaply, there was no reason to tack on some $400 machine to remove the juice from the bag.
Doesn't bottled juice already solve this problem? One of the people involved with Juicero was even from Bolthouse Farms.
Who calculates the capital gains taxes on all of those transactions?
That point becomes irrelevant very quickly when you realize that most people make far more transactions in the $9 range than the $9M range.
Then they should be using LTC for those transactions and not BTC.
Bitcoin is backed only by demand for Bitcoin, and therefore can drop to absolute worthlessness on a whim, versus a complete collapse of governing authority.
People keep saying that, but here we are in 2017 and BTC is trading at more than $4,000 USD.
My employer's payroll company allows employees to be paid out in BTC. Many Europeans can get paid in BTC by using Bitwage.
Overstock, Expedia, NewEgg and Dish accept BTC payments.
If you're sending money overseas, BTC will get there faster and at a lower cost.
Back during the Cuban Missile Crisis President Kennedy put forward the U-2 photos showing the missile sites. He didn't hide behind the whole sources and methods thing.
If someone's not willing to present their evidence, then you probably shouldn't trust them unless they have demonstrated they can be trusted. The three letter agencies have all demonstrated they cannot be trusted.
So don't buy a damn DJI quadcopter if you don't like their restrictions!
DJI is doing this for liability reasons and I have absolutely no problem with it as the owner of a Mavic Pro.
If you don't like it, go buy your gear somewhere else.
You're right, it's better for DJI to refuse to include these features so agencies like the FAA can just ban amateur quadcopter pilots outright.
Family? What family? I'm just over 40 and I'm finally feeling like a success both personally and professionally. I have pursued my interests, have developed my technical skills and have invested in my future. The only problem is that I have spent all of my time working on improving myself and almost no time on relationships with the opposite sex.
Now I'm faced with potentially having no heir to all the wealth I will have accumulated. I never imagined it would be as difficult to meet people at my age as it is; I guess it was a bit foolish to have expected the college life to last forever.
That's why I switched to doing Admin/DevOps. I got tired of working on the same stupid projects long-term as a software developer.
I already had a diverse background from working for smaller companies where I was doing sysadmin and DBA work in addition to software development, so I eventually made the switch away from the development team completely. Now I'm at a startup handling all of the infrastructure build-out, monitoring and support needed to support the development team. I find it much more interesting to have a variety of tasks to work on each day instead of just cranking out more code in the same language I've been using for years.