I have been saying this for over a decade at this point. The only reason that I have been able to achieve the level of success that I have in my career is because I have been fortunate enough to have had good teachers (bosses) who were willing to pass along their knowledge in the form of on the job training. Being successful in IT requires continually learning and developing skills and abilities. It also requires humility and being willing to learn from, and work with others. There is too much for any one person to know. You can easily get lost in a single segment of IT, be it networking, servers, programming or even project management.
Agreed. I remember it being pretty common knowledge that "Captain Crunch likes little boys" as far back LA 2600 meets in the early to mid-1990s.
That does not make it okay. But this whole "surprise" is not exactly a surprise to anybody who has been around the guy, or involved in the computer underground for any length of time.
The cloud is great for new organizations that not already heavily invested in Windows.
The cloud is great for brand new applications that are written to run there from scratch.
I worked with a couple of different city governments here in America. They have a whole slew of applications that while not all that complex, are Windows only. Applications like permit systems and rec center scheduling tools.
The in house tools do not even scratch the surface of the challenges that come from dealing with a public who is 80%+ Windows based. Even if Munich created all of their forms in some sort of interoperable format like RTF or whatever, they are still going to have to deal with the end users who save them as DOCX. Then there is all of the back and forth and wasted time of explaining to some general contractor, or other lay person why Linux is better than Windows, and why they have to go back and do some "arcane computer voodoo" to get their form back into the "right" format.
Windows is about the ecosystem, not just the OS. Microsoft and everyone who developed every LOB application imaginable in.Net has an insurmountable lead at this point. For the majority of people who use computers to work, but are not IT people, computers = Windows.
Kudos to Munich for spending 15 years learning this lesson the hard way. If any project was going to work, it would have been this one.
Encryption at rest happens on the storage hardware itself. It is there to protect against someone stealing physical drives out of the storage array and reading data off of them. It does not have any affect on the performance of the applications running on top of the storage array.
What you are thinking about that causes a performance hit is database level encryption. For example, newer versions of MSSQL server (at least 2012+) will allow encryption on individual databases, tables and even specific columns. (I am only familiar with MSSQL. I cannot speak to Oracle or others.) While there is a performance hit, your characterization of it as *huge* is a bit dramatic. (https://sqlperformance.com/2015/08/sql-server-2016/perf-impact-always-encrypted)
Somewhat on topic here, the fact that Equifax's data was not encrypted at rest and in the database is beyond belief. My company works with the largest financial institution in the world. They have been doing regular yearly audits of our infrastructure for nearly a decade. Encryption has been on the audit checklist forever and we have been running it since 2012.
The only thing that sucks about encrypted databases from an operational point of view is backing them up. Most enterprise backup systems use some sort of compression and deduplication. As do SANs. Encrypted data does not de-dupe worth a damn. So it is very expensive from a CapEx perspective. But this is Equifax we are talking about. They have all the money in the world, more or less. A couple tens of million dollars for enterprise grade storage and backup is nothing to them.
While I cannot speak for entire generations, I can speak for myself.
In 2003-2004 when I noticed home prices in my neighborhood going through the roof, I started thinking that I should start saving up for a down payment. Around 2005-2006 when people started taking out all sorts of ARMs because they want to get into the "house flipping game", I started questioning whether or not the skyrocketing house valuations were sustainable. After doing some research, I decided to sit on the sidelines.
You beat me to it. Anybody who finds a vulnerability in a widely used app like that is going to way more than $1000 exploiting it on their own for fun and profit.
So PornHub has the "AI" trained to recognize the sex positions. Google and Amazon have the cameras in the bedrooms (and other parts of "private" residences).
What could possibly go wrong?
America's most anally active zip code?
Which neighborhood in America is best for 3-somes?
Is missionary/really/ the most common position in America?
The corporations have their way with Washington every legislative session. It does not matter who sits in the White House, or which party holds the majority of seats in either chamber of Congress.
It seems to me like the CIA has been influencing elections around the world for decades. What is with all the NIMBYism all of a sudden?
And on a related subject, where is all the outrage about Palantir and Cambridge Analytica influencing elections via Social Media?
And on another related subject, does anyone really believe that elections in America are anything more than reality TV-esque "news" programs designed to present the illusion of control to an electorate that is bought and paid for by corporations?
Edge is getting the job done. Firefox is an option. I was an avid Firefox user before I used Chrome. Maybe I am naïve, but I think Microsoft has a stronger security team than Mozilla does.
I know that you are being sarcastic / trolling here. But Brad Smith at Microsoft has pushed back on government overreach very publicly over the last few years. No company is perfect. Having said that, I/know/ that Google is selling my data to advertisers and profiting off of my browsing behavior. I don't/know/ that Microsoft is doing that (unless I use Bing, which I don't).
I don't think it matters, but I'm also using Win10 Enterprise from a work ISO. Not the free upgrade version that they pushed out to everyone and their mom.
One browser is the same as any other these days. As other commenters have pointed out, they all have their security flaws. At this point all I care about is making it harder for Google to maintain the profile that they have built on me.
As for Win10 and being tracked, it doesn't matter anymore. Have any of you guys been paying attention? The NSA has pwnt the entire internet. All of our metadatas are belongs to them. They already know who we are talking to and when we are talking to them. Whether it is via SMS, email, Facebook or face to face. The GPS in the phone is geotagged and cross referenced to everything else.
If you are up to anti-government activities or associated with those who are, you are already on the list and are being actively monitored. And the list of "anti-government" activities is growing every day. The Feds even want records on who "liked" the Facebook page about the J20 inauguration day protest. (As if they don't already know. They are just building the case to prosecute anyone even tangentially involved, or at least threaten them with prosecution.)
It doesn't matter if you're running Linux, Windows or your own home brew OS that you wrote in pure assembly. It doesn't matter if you are running Chrome, Firefox, Edge, Ice Weasel or Lynx. As soon as those packets leave your NIC, it's game over.
I forget which one of the first five Defcon's it was, but I remember sitting in on a presentation where the presenter laid out where all the undersea cables terminate and made the case that it would be pretty easy to destroy them. Keep in mind this was about 20 years ago, so they likely have additional connection points. Or maybe not.
We are currently working with 21ViaNet, the Microsoft Azure partner in mainland China. They will not even allow us to setup a site-to-site VPN from our Azure instance back to our office in the US. I take that back. They will allow it, but they "strongly" recommend against it. They say that they will not be able to guarantee connectivity or SLAs due to the Great Firewall.
We have to use their "managed VPN service" instead. I am sure that it is Great Firewall compliant, complete with MitM capabilities. We do not even want to transfer data out of the country. We are just using it for administration, monitoring and maintenance.
My career started in a similar manner back in the mid-1990s. When I graduated from high school and started community college, my experience with computers and networking was limited to the skills I developed at home with my PC, and a couple of ROP classes that I took through high school on Novell. When I started college, I was able to leverage those skills and knowledge to get a part time job doing IT support.
Twenty years later, I'm an IT architect helping to set strategic direction for a publicly traded firm with nearly 5000 employees. There was obviously a lot of hard work between then and now, but I never got a college degree. I was able to pick up all of the skills that I needed from my employers and by continuing my own education. (Thank you O'Reilly!).
It's only now that I am nearing the Director level that my lack of a college degree is looking like it might be an obstacle to further career growth. Having said that, I'm making nearly $200,000 a year. If my career and salary plateaus here, it is not the end of the world. I am making enough to pay the mortgage and give my kids a solid foundation.
I am going to the place where you realize that your position of "things being worth what people will pay for them" is flawed.
The only reason that works on the internet is because there are too many people doing it, and not enough enforcement to prevent them from doing it. People are inherently selfish. Look at any toddler and you will know the truth of that. Through socialization, we form a society with some rules and structures.
I used the grocery store as an analogy because it is something that everyone can relate to. There are plenty of people out there who, absent penalties and punishment, would steal their food every day. Just because people are willing to steal, does not make what they are stealing worthless.
You seem like the kind of person who never really created anything unique. If you had, you would not be making the inane arguments that you are. You probably have never had any valuable skills that people were willing to you to teach them either. If you do, you would understand that your time is valuable.
Once you are a creator. Once you have developed your own skills to the point where you can do things that few others can, and you have people coming to you wanting you to teach them... you might start to understand why it sucks to get ripped off. Why it sucks to have other people profit from your time and your labor without compensating you for them.
Google is profiting from content that they are not paying the market rate for. That is theft. You can talk all day about how broken copyright is, and how a digital copy of something does not have any value, but all that does is excuse Google for acting like a bunch of scum bags. If all that content that Google is putting up on YouTube is worthless, they should take it down.
If Google was looking out for the artists, they would subtract the cost of running the infrastructure from the ad revenue, keep 5-10% for themselves, and pass the rest along to the artist. That would be a fair deal. 5-10% profit after costs is a killer deal on something that you paid next to nothing to procure and absolutely nothing to produce.
If they wanted to make a point, they could cut ASCAP out completely and send the checks directly to the artists themselves. Let ASCAP go after the artists and make ASCAP enforce the contracts with the artists to get their vig. That would be a real fuck you to the recording industry, while still respecting the content producers.
But they are never going to do anything like that. They are going to end up spending tens if not hundreds of millions in legal costs to protect their YouTube ad revenue. They will settle for pennies on the dollar. ASCAP will take 50%+ of those pennies. The artists will continue to get screwed.
Slashdot Mirror
I have been saying this for over a decade at this point. The only reason that I have been able to achieve the level of success that I have in my career is because I have been fortunate enough to have had good teachers (bosses) who were willing to pass along their knowledge in the form of on the job training. Being successful in IT requires continually learning and developing skills and abilities. It also requires humility and being willing to learn from, and work with others. There is too much for any one person to know. You can easily get lost in a single segment of IT, be it networking, servers, programming or even project management.
Agreed. I remember it being pretty common knowledge that "Captain Crunch likes little boys" as far back LA 2600 meets in the early to mid-1990s.
That does not make it okay. But this whole "surprise" is not exactly a surprise to anybody who has been around the guy, or involved in the computer underground for any length of time.
We will see how that goes.
The cloud is great for new organizations that not already heavily invested in Windows.
The cloud is great for brand new applications that are written to run there from scratch.
I worked with a couple of different city governments here in America. They have a whole slew of applications that while not all that complex, are Windows only. Applications like permit systems and rec center scheduling tools.
The in house tools do not even scratch the surface of the challenges that come from dealing with a public who is 80%+ Windows based. Even if Munich created all of their forms in some sort of interoperable format like RTF or whatever, they are still going to have to deal with the end users who save them as DOCX. Then there is all of the back and forth and wasted time of explaining to some general contractor, or other lay person why Linux is better than Windows, and why they have to go back and do some "arcane computer voodoo" to get their form back into the "right" format.
Windows is about the ecosystem, not just the OS. Microsoft and everyone who developed every LOB application imaginable in .Net has an insurmountable lead at this point. For the majority of people who use computers to work, but are not IT people, computers = Windows.
Kudos to Munich for spending 15 years learning this lesson the hard way. If any project was going to work, it would have been this one.
Encryption at rest happens on the storage hardware itself. It is there to protect against someone stealing physical drives out of the storage array and reading data off of them. It does not have any affect on the performance of the applications running on top of the storage array.
What you are thinking about that causes a performance hit is database level encryption. For example, newer versions of MSSQL server (at least 2012+) will allow encryption on individual databases, tables and even specific columns. (I am only familiar with MSSQL. I cannot speak to Oracle or others.) While there is a performance hit, your characterization of it as *huge* is a bit dramatic. (https://sqlperformance.com/2015/08/sql-server-2016/perf-impact-always-encrypted)
Somewhat on topic here, the fact that Equifax's data was not encrypted at rest and in the database is beyond belief. My company works with the largest financial institution in the world. They have been doing regular yearly audits of our infrastructure for nearly a decade. Encryption has been on the audit checklist forever and we have been running it since 2012.
The only thing that sucks about encrypted databases from an operational point of view is backing them up. Most enterprise backup systems use some sort of compression and deduplication. As do SANs. Encrypted data does not de-dupe worth a damn. So it is very expensive from a CapEx perspective. But this is Equifax we are talking about. They have all the money in the world, more or less. A couple tens of million dollars for enterprise grade storage and backup is nothing to them.
While I cannot speak for entire generations, I can speak for myself.
In 2003-2004 when I noticed home prices in my neighborhood going through the roof, I started thinking that I should start saving up for a down payment. Around 2005-2006 when people started taking out all sorts of ARMs because they want to get into the "house flipping game", I started questioning whether or not the skyrocketing house valuations were sustainable. After doing some research, I decided to sit on the sidelines.
And what do you know? *pop* went the bubble.
YMMV
100% of millennials have never been personally affected by a commodity bubble bursting.
Sometimes people have to learn lessons the hard way.
You beat me to it. Anybody who finds a vulnerability in a widely used app like that is going to way more than $1000 exploiting it on their own for fun and profit.
So PornHub has the "AI" trained to recognize the sex positions. Google and Amazon have the cameras in the bedrooms (and other parts of "private" residences).
What could possibly go wrong?
America's most anally active zip code?
Which neighborhood in America is best for 3-somes?
Is missionary /really/ the most common position in America?
The corporations have their way with Washington every legislative session. It does not matter who sits in the White House, or which party holds the majority of seats in either chamber of Congress.
I did not mention either candidate in my post.
It seems to me like the CIA has been influencing elections around the world for decades. What is with all the NIMBYism all of a sudden?
And on a related subject, where is all the outrage about Palantir and Cambridge Analytica influencing elections via Social Media?
And on another related subject, does anyone really believe that elections in America are anything more than reality TV-esque "news" programs designed to present the illusion of control to an electorate that is bought and paid for by corporations?
Edge is getting the job done. Firefox is an option. I was an avid Firefox user before I used Chrome. Maybe I am naïve, but I think Microsoft has a stronger security team than Mozilla does.
I know that you are being sarcastic / trolling here. But Brad Smith at Microsoft has pushed back on government overreach very publicly over the last few years. No company is perfect. Having said that, I /know/ that Google is selling my data to advertisers and profiting off of my browsing behavior. I don't /know/ that Microsoft is doing that (unless I use Bing, which I don't).
I don't think it matters, but I'm also using Win10 Enterprise from a work ISO. Not the free upgrade version that they pushed out to everyone and their mom.
I guess I'm just an idiot then. An idiot who found all of the extensions that I needed for Edge.
One browser is the same as any other these days. As other commenters have pointed out, they all have their security flaws. At this point all I care about is making it harder for Google to maintain the profile that they have built on me.
As for Win10 and being tracked, it doesn't matter anymore. Have any of you guys been paying attention? The NSA has pwnt the entire internet. All of our metadatas are belongs to them. They already know who we are talking to and when we are talking to them. Whether it is via SMS, email, Facebook or face to face. The GPS in the phone is geotagged and cross referenced to everything else.
If you are up to anti-government activities or associated with those who are, you are already on the list and are being actively monitored. And the list of "anti-government" activities is growing every day. The Feds even want records on who "liked" the Facebook page about the J20 inauguration day protest. (As if they don't already know. They are just building the case to prosecute anyone even tangentially involved, or at least threaten them with prosecution.)
It doesn't matter if you're running Linux, Windows or your own home brew OS that you wrote in pure assembly. It doesn't matter if you are running Chrome, Firefox, Edge, Ice Weasel or Lynx. As soon as those packets leave your NIC, it's game over.
Hate to break it to you, but I'm not a shill. I have a feeling that we've had this discussion before.
I guess not going along with group think is enough to be labeled a shill these days.
I recently switched to Edge from Chrome because I am doing everything I can to step away from Google.
The only Chrome extension that I use that was not available in Edge is Privacy Badger. I went with Ghostery instead.
Other than that, they had everything else I use. LastPass. Adblock Plus. etc.
I forget which one of the first five Defcon's it was, but I remember sitting in on a presentation where the presenter laid out where all the undersea cables terminate and made the case that it would be pretty easy to destroy them. Keep in mind this was about 20 years ago, so they likely have additional connection points. Or maybe not.
I wonder if the NSA has tapped it yet.
We are currently working with 21ViaNet, the Microsoft Azure partner in mainland China. They will not even allow us to setup a site-to-site VPN from our Azure instance back to our office in the US. I take that back. They will allow it, but they "strongly" recommend against it. They say that they will not be able to guarantee connectivity or SLAs due to the Great Firewall.
We have to use their "managed VPN service" instead. I am sure that it is Great Firewall compliant, complete with MitM capabilities. We do not even want to transfer data out of the country. We are just using it for administration, monitoring and maintenance.
In a random twist, I am actually watching this season of GoT via DVR with the wife in the living room, on a real television.
I posted a survey on my favorite torrent site to see if anyone there has received ISP notices. So far, no response.
How about you folks out there in /. land? Anybody received any notices for torrenting GoT?
Thank you for this recommendation!
My career started in a similar manner back in the mid-1990s. When I graduated from high school and started community college, my experience with computers and networking was limited to the skills I developed at home with my PC, and a couple of ROP classes that I took through high school on Novell. When I started college, I was able to leverage those skills and knowledge to get a part time job doing IT support.
Twenty years later, I'm an IT architect helping to set strategic direction for a publicly traded firm with nearly 5000 employees. There was obviously a lot of hard work between then and now, but I never got a college degree. I was able to pick up all of the skills that I needed from my employers and by continuing my own education. (Thank you O'Reilly!).
It's only now that I am nearing the Director level that my lack of a college degree is looking like it might be an obstacle to further career growth. Having said that, I'm making nearly $200,000 a year. If my career and salary plateaus here, it is not the end of the world. I am making enough to pay the mortgage and give my kids a solid foundation.
I am going to the place where you realize that your position of "things being worth what people will pay for them" is flawed.
The only reason that works on the internet is because there are too many people doing it, and not enough enforcement to prevent them from doing it. People are inherently selfish. Look at any toddler and you will know the truth of that. Through socialization, we form a society with some rules and structures.
I used the grocery store as an analogy because it is something that everyone can relate to. There are plenty of people out there who, absent penalties and punishment, would steal their food every day. Just because people are willing to steal, does not make what they are stealing worthless.
You seem like the kind of person who never really created anything unique. If you had, you would not be making the inane arguments that you are. You probably have never had any valuable skills that people were willing to you to teach them either. If you do, you would understand that your time is valuable.
Once you are a creator. Once you have developed your own skills to the point where you can do things that few others can, and you have people coming to you wanting you to teach them... you might start to understand why it sucks to get ripped off. Why it sucks to have other people profit from your time and your labor without compensating you for them.
Google is profiting from content that they are not paying the market rate for. That is theft. You can talk all day about how broken copyright is, and how a digital copy of something does not have any value, but all that does is excuse Google for acting like a bunch of scum bags. If all that content that Google is putting up on YouTube is worthless, they should take it down.
If Google was looking out for the artists, they would subtract the cost of running the infrastructure from the ad revenue, keep 5-10% for themselves, and pass the rest along to the artist. That would be a fair deal. 5-10% profit after costs is a killer deal on something that you paid next to nothing to procure and absolutely nothing to produce.
If they wanted to make a point, they could cut ASCAP out completely and send the checks directly to the artists themselves. Let ASCAP go after the artists and make ASCAP enforce the contracts with the artists to get their vig. That would be a real fuck you to the recording industry, while still respecting the content producers.
But they are never going to do anything like that. They are going to end up spending tens if not hundreds of millions in legal costs to protect their YouTube ad revenue. They will settle for pennies on the dollar. ASCAP will take 50%+ of those pennies. The artists will continue to get screwed.