Posts by Doctor Syntax

Re: ReCoilLess

"The British Army is there to defend from external threats and not some Covidiots that fail to social distance when a little tipsy."

There's at least one Covidiot closer to Boris than that but he's more likely to be the one with his finger on the trigger.

Re: "we will never be able to avoid outages entirely"

"I don't have to look embarassed and explain to a supplier that I've not received their email if they were unable to send it in the first place!"

You're relying on the supplier and yourself having the same, unreliable email provider and further, on the supplier having just one email provider without having any fallback. Even as a private individual I have my own domain email but also an ancient Hotmail address. The Contact page on a website that comes back to me is duplicated on gmail and outlook addresses.

Re: Protect the NHS

"Help the aged - once we were just like you!"

And, if you're lucky*, one day you'll be just like us.

* And sensible, although that may also be down to luck.

Re: Call me Mr Cynical but...

How?

Remember that this is a system which, for security reasons, does not present any user data relating to the app to central servers.

Re: Call me Mr Cynical but...

one has to wonder how thorough the testing requirements analysis was.

Re: Police told not to download Covid app

I think they're anticipating a load of false positives what could easily leave the entire force self-isolating.

You have a marketing department that doesn't have access (probably inducing access they really shouldn't have) to names and addresses of customers and a lot of other contacts?

Explain to someone sufficiently senior to be on the hook when the shit hits the fan that they are on said hook and that it's their problem, not yours.

"I suggested that that server be disconnected from the work network"

Better still - it should never have been connected in the first place.

One client has a completely separate network for production data which included a lot of PII, some of it quite sensitive, which was being processed for their clients. In fact it was a condition of the contracts for the services they provided. Yes it was a little inconvenient to have to go - escorted - to the server room to find out what the problem was on incoming data* but it was just the way things had to be done and quite right too. (The same client also had pen-testing to see if staff could be inveigled into spilling data over the phone. They couldn't.)

* Thanks to the tame software house used by one of The Usual Suspects who rotated freshly qualified but untrained developers in on a 6 monthly cycle to make the same mistakes the last lot made.

"only after which process was whatever process granted"

And who then actioned that? What actual obstacles existed to prevent them granting such access to themselves at any time? If there are none then they have potential access which, as Lee points out, is no different from actual access.

Re: The sub-header: ever seen a Trello board...

"At a previous organisation Trello was rolled out by means of an unexpected mass-emailing from an external organisation inviting one to follow a URL and log in at an external website with one's company credentials."

How not to do that - and anything else.

Re: Opportunity Cost of lockouts

I think you're describing a situation where people who should be on a project team aren't. Lax security isn't a solution to non-security problems.

Re: Employ people you trust, trust people you employ

And many more before and since.

Re: Jumping through hoops for access

"There should be three levels of access:

1) no access

2) permanent access

3) "on-demand" access"

Access to what? Your three levels only tackle a small fraction of the job.

This reminded me of a time when I had to do a security review of a business. One of the points I raised was the excessive time taken to scan documents into the document server. They weren't available when needed.

Re: .. all the access they ask for ..

" The amount of time this person spends explaining, repeatedly and in depth, to people why they can't have all the access they ask for and why such access would be a really, really bad idea is astonishing"

Write it out once and give them a copy instead of spending time explaining.

"We could give ourselves access, but we don't."

These are the sort of trusted people to employ.

Re: Employ people you trust, trust people you employ

And the person who you trust clicks a booby-trapped email and their excessive access lets the destruction spread.

Then you start to wonder whether open access was a good idea. Experience is a dear teacher. Do you really want to learn lessons like that the expensive way?

Re: Sadly... this is the beginning of the end

"To all the posters saying there are plenty of distros that don't use systemd -- how many of them are ones that you'd be happy to give to your non-techy parents or your great-aunt Lucy?"

Ignoring the implied ageism - I may well be older than your parents, I did provide a couple of cousins with Zorin but that was a long time ago.

But let's qualify this: statement:

"most people who learn to use Windows once can - for the most part - go anywhere else, sit down at a computer, and do their thing"

Which Windows? The Windows UI has changed a good deal over the years. How many complaints have there been here over just that thing. And not only the OS, the applications as well - remember all the complaints over the introduction of the ribbon? In fact if you sat down in front of my laptop you might wonder for a moment which variation of Windows it was running. W95 and KDE both seem to have started by adopting a good deal of the Unix CDE interface and IBM's CUI so there are quite strong resemblances between them. and other Unix/Linux window managers. In consequence the differences between any given Windows version and many* Linux UIs is not really greater than that between different versions of Windows.

* There is a good deal of flexibility but generally KDE based implementations usually default to having the main menu pop up from the bottom left with the panel (task bar) etc on the bottom. I'm not sure what the most common Gnome layout is these days but most distros using it used to put that sort of stuff at the top of the screen. But hey, if you want your task bar down the right hand side that's possible.

Re: Sadly... this is the beginning of the end

As I replied to Jake, I use Devuan. However, it was about 11 months between the release of the upstream, Debian Buster and Devuan Beowulf as stable. Of the two which is going to be used fro application development?

Re: Sadly... this is the beginning of the end

Yes, Jake. I know about Slackware. Personally I use Devuan. But these are not the mainstream distros. It's more likely that anyone developing mainstream applications will be using Ubuntu or one of its derivatives - it seems to be getting quite common to see .debs offered for Ubuntu but not Debian.

Re: ROTFL!

"most open source software is pretty limited, ugly, and not user-friendly"

So you've still not tried it for yourself.

Re: Am I the only one?

all kernel code will currently be looked at carefully by non-microsoft employees.

FTFY

Re: Sadly... this is the beginning of the end

It's getting hard to find a distro that doesn't use systemd. In consequence it will be increasingly common to find applications assuming that one of other of its tentacles is available for use.

Re: No one seems to be talking about other ports.

There'll be customs checks/no customs checks (it's a quantum thing) at Liverpool and Cairnryan for travel to that other part of the UK in NI. That means that the A75 will also become a lorry park.

Re: There is always Monaco

Perhaps this could be kept up until there aren't any Brexiteers left in Britain.

Re: More queues?

"and the rule of law"

Does this still allow breaking international law under certain limited and specific circumstances?

Re: Phew! We're safe then!

"static linking and fat packages"

Maybe it's worth while to start looking a bit more sympathetically at those. The trade-offs between the financial costs of on-disk storage and memory use vs security might have changed in the last few years.