Re: No relation
Remember these same commentards said Joe was "Sharp as a tack", and that any speculation about his lack of mental acuity was a "conspiracy theory". Geniuses these clowns are I tell ya.
231 publicly visible posts • joined 18 Mar 2011
Huh? I've been running various OpenBSD versions on various KVM versions for years, both in KVM-based clouds, as well as a guest on my own private plain-old CentOS 7.9 server as daily driver at work. What issue are you seeing with installing recent OpenBSD versions on KVM?
This guy is talking about something he knows nothing about. Not surprising given he's a sec company CEO. United Health only *recently* acquired Change and had not at all come close to integrating Change's networks with UNH's, which is why the impact was limited to Change Healthcare's network only, where yes, they did not use MFA for a lot of their internal systems (and still don't). However, UNH themselves has MFA across the board, and is heads-and-shoulders above their peers with regards to operational security.
28 dependencies you say? Sounds like you're using a system guided by a fool's philosophy (as you almost allude to) the symptom of one is including systemd by default. You keep deflecting from this fact, but the truth is, people with years of security research experience have been sounding the alarm on systemd for a better part of a decade...and here we are.
Here's what sshd is supposed to look like on any sane OS:
$ sudo ldd $(which sshd)
/usr/sbin/sshd:
Start End Type Open Ref GrpRef Name
000007a716e25000 000007a716f21000 exe 1 0 0 /usr/sbin/sshd
000007a9a3c39000 000007a9a3e73000 rlib 0 1 0 /usr/lib/libcrypto.so.52.0
000007a99f989000 000007a99f9a1000 rlib 0 1 0 /usr/lib/libutil.so.17.0
000007a928576000 000007a928595000 rlib 0 1 0 /usr/lib/libz.so.7.0
000007a97b991000 000007a97ba8a000 rlib 0 1 0 /usr/lib/libc.so.97.1
000007aa15be8000 000007aa15be8000 ld.so 0 1 0 /usr/libexec/ld.so
Not quite: Change Healthcare is not a health insurer. The health insurer that owns them as of a couple of years ago, actually has its shit together with regards to security and network design. Change Healthcare itself is a Healthcare Tech services provider...the techies that should've known better, didn't. The whole place is a shitshow, but for sure their systems are a mess.
Yes, just *IMAGINE* if any other legacy car company's CEO had kept it business as usual while customers' ability to steer was completely impeded!...oh wait, this has literally happened to every car manufacturer on the planet. You complain about "MONTHS"...how about Toyota's latest that went on over a decade: https://static.nhtsa.gov/odi/rcl/2021/RCMN-21E103-0897.pdf
Only took Toyota 15 years to file a recall for this one. Good job guys! I wish this was the only power-steering recall for Toyota cars recently, but sadly, it is not.
This one's up there with the hitting-brakes-causes-car-to-accelerate bug Toyota had, which killed many many people, or the faulty-airbag-deployment-can-kill-you issue. No idea why the ignorant keep claiming that Toyota remains the highest quality car manufacturer, but there ya go. I personally prefer horse/ox/goat buck and buggy for my transport needs. No wasteful and deadly manufacturing processes, no exhaust or noise, and it runs on lunch/grass/brush.
*Clutches Pearls* Say it ain't so!! Not *THEE* Joe Rogan!!! That right wing nationalist that supported Bernie Sanders and Tulsi Gabbard presidential runs?!!! You orange-man-bad people, have completely lost your minds and are absolutely divorced from facts. Get off the internet.
It is indeed very bizarre to see these newer-generations-of-Reg-writers (where did the rational, older folks go?) pick on a failing social media site as if it was tech-news-worthy, for no other reason than them disagreeing with personal opinions of the owner. The reg has gone to shit. Guess they gotta pay for hosting *somehow*.
No doubt about it, as someone who runs both Power and SPARC gear, I cannot believe people continue to pay the IBM POWER premium. The cost is staggering. The management software/middleware, just plain terrible. But hey, at least they started packaging OpenSSH with AIX 7.3. Only took em 20 years to catch on. :-D
Hah! Yes indeed...apparently the election-is-going-to-be-hacked mis-information is coming from the 'right wing' according to this article...hmmmm...let us see what they say after the GOP sweeps. I'm going to guess the 'left-wing' will be the one spreading the 'election was hacked' mis-information as they did during their Russiagate years.
Now I've seen everything. The first cloud provider, realizing most of its 'valuable' customers are hybrid-cloud, and are likely to stay that way forever, is going after their on-prem competition. This will not end well for Amazon, but I'm glad they're at least trying. Google is doing the same thing, but is pointing their customers looking for a physical 'as-a-service' offering to HPE. Much more pragmatic move in my opinion.
"Selling the Gateways through the channel means AWS has the muscle to challenge on-prem storage vendors like never before."
^^^ This is a bit of a stretch. Amazon's storage box cannot hold a candle to any existing large storage array. They're decades behind.
"The Great Resignation, which began in spring last year and continued until the fall when the quit rate in the US climbed to a two-decade peak, is forcing companies to consider ways to retain valued staff."
Ways to retain valued staff are varied, but mostly boil down to this one thing: give your people raises to *at least* match the real-world inflation. In the US this would've been between 12-16% last year. I work at one of these tech behemoths, and by and large, everyone got 2% (unless you threatened to quit). Why would I not scale down my productivity by 10-14% in such a market as dictated by market conditions?
I agree, this struck me as an odd way to start this review. As if setting us up for the rest of what is to come.
Frankly, if my choice of network kit (some bits I'm in charge of currently) comes up and it's between Cisco (way overpriced, and with known backdoors, and a very poor security record) and Huawei (moderately priced, "alleged" backdoors [none alleged by actual infosec pros but by beaurocrats], and *some* bungled releases from a security perspective), it'll be an easy one to make.
Hmmmm. The best thing for *everyone* for the *long term* (as in hundreds, thousands of years) is no vaccination, and very little medicating of society period (yes, that means people will die). If you want targeted vaccines for the feeble among us, go right ahead, but it makes zero long-term sense to mass-vaccinate healthy people, especially the young.
Nah...I was involved in helping google figure out basic data center power, DC cooling, Linux, UNIX, storage issues after they acquired a company I worked at, and proceeded to screw the pooch on a thoughtlessly executed data center migration (that was wholly based on marketing of the new location [in their words - "to enable us to hire younger engineers"], *NOT* on any technical requirements post-acquisition). They truly don't know what they're doing when it comes to data center ops compared with companies who had been doing it 6+ decades. Their engineers I worked with believed all workloads were easy to understand and troubleshoot. It was beautiful watching them scramble as they failed to understand one protocol after another. :-P
>For just one, where are all of these new experts with access to every app's source code supposed to come from?
I was one of these "experts" as you call them. It was part of my sysadmin gig. Maintain the tool chain, audit new toolchain requests, continuously audit the infrastructure, move slow especially when devs want you to move fast, etc. This wasn't exactly a safety-critical industry either - we made consumer electronics - tvs, computers, phones, cable set-top boxes, walkie talkies, etc.
Most of us were laid off, I suppose you can just re-hire us from the unemployment lines?
The goal is not to get access to *every app's source code*, the goal is to not even allow the app onto your network to begin with. It's really not that hard man. This place where I worked at was around 2004 timeframe, and it was for sure happening decades before then in safety-critical work spaces. Lets stop making excuses for doing the responsible and prudent thing, for the sake of cheap, low-quality and often unsafe goods.