
agnos.is Forums


Anon witnesses excellent security

  • W [email protected]

    OPNsense is also a viable alternative.

    [email protected]
    wrote last edited by
    #64

    Tried that for a while at home, just didn't seem as robust. Also, you can get Netgate hardware if the company doesn't want a 10-yo Dell running the edge.

    1
    • S [email protected]

      My boss went so far as to buy Macs because we have "special needs" (we don't) because otherwise we'd be forced to use the corporate locked-down crap. I'm not a big fan of macOS (prefer Linux), but root access sure is nice.

      [email protected]
      wrote last edited by
      #65

      I had to move to a Mac because of iOS development. Now I'm stuck with a Mac because the fucking thing refuses to break.

      3
      • W [email protected]

        Oftentimes when you pay for the product, you are still the product.

        [email protected]
        wrote last edited by
        #66

        I'm the product in the sense that poo is the product of the intestines.

        1
        • D [email protected]

          insert that's the neat part meme

          Eventually it was decided I would write JavaScript on a web page I made. Skills I never declared having; I told them I was a Java dev.

          [email protected]
          wrote last edited by
          #67

          JavaScript is a part of Java, duh!

          0
          • S [email protected]

            Tried that for a while at home, just didn't seem as robust. Also, you can get Netgate hardware if the company doesn't want a 10-yo Dell running the edge.

            [email protected]
            wrote last edited by
            #68

            I've had OPNsense running for 7 years without a single issue. It might be the most reliable part of my whole setup.

            1
            • A [email protected]

              I hate sites that make me constantly change passwords. It's been shown time and time again that making users change passwords often decreases security by a pretty large factor, and yet a lot of sites still do it.

              [email protected]
              wrote last edited by
              #69

              Interesting, stopped seeing this a while back. Forced change after the inevitable hack though, of course.

              2
              • P [email protected]

                It's not more secure, it's so they can offload blame and have people to sue if/when something ugly happens. Liability control, essentially.

                We had to pay for fucking Docker container licenses at my last job because we needed an escalation to the vendor in case our SMEs couldn't handle things (they could), and so we had a vendor to blame if something out of our control happened. And that happened: we sued Mirantis when shit broke.

                [email protected]
                wrote last edited by
                #70

                Ever hear how the suit turned out, generally?

                1
                • A [email protected]

                  I hate sites that make me constantly change passwords. It's been shown time and time again that making users change passwords often decreases security by a pretty large factor, and yet a lot of sites still do it.

                  mrsdoyle@sh.itjust.works
                  [email protected]
                  wrote last edited by
                  #71

                  Our workplace did that. You had to change every month and you weren't allowed to just add a digit. It meant that people started writing their passwords on post-its stuck to the monitor.

                  Mind you, back in the 90s your password was the same as your username. It was very handy, because if someone went home leaving a document locked, you could just log in and unlock it. Our first "proper" IT professional was horrified.

                  2
                  • Q [email protected]

                    Every day my misanthropy is justified

                    vanilla_puddinfudge@infosec.pub
                    [email protected]
                    wrote last edited by
                    #72

                    Print the fucking t-shirt man. I'll buy one for every day of the week.

                    2
                    • P [email protected]

                      Don't forget your new 32 character/symbol/number/nordic rune passwords that will need to be changed every 17 days.

                      [email protected]
                      wrote last edited by
                      #73

                      And don't forget required 2-factor authentication, in an age where that becomes 1-factor authentication as soon as someone has your phone, because both factors are accessible there!

                      2FA is utterly worthless in the age of smartphones, and whenever my employer tries to implement it, I refuse and tell them that, if they want me to do 2FA, they can either provide me with a work phone, or they can give me a USB key that is just going to sit in my desk drawer.

                      4
                      • W [email protected]

                        And don't forget required 2-factor authentication, in an age where that becomes 1-factor authentication as soon as someone has your phone, because both factors are accessible there!

                        2FA is utterly worthless in the age of smartphones, and whenever my employer tries to implement it, I refuse and tell them that, if they want me to do 2FA, they can either provide me with a work phone, or they can give me a USB key that is just going to sit in my desk drawer.

                        a_wild_mimic_appears@lemmy.dbzer0.com
                        [email protected]
                        wrote last edited by [email protected]
                        #74

                        Which still requires someone to swipe the phone and the owner not recognizing it long enough to do a remote wipe. I am not someone who hangs on the smartphone 8 hours per day, and even I would realize my phone is gone within 15 - 30 minutes, giving an attacker a pretty small time window to act.

                        e: and they have to break into the phone as well - if it's updated, that might buy more than enough time

                        1
                        • A [email protected]

                          Every day I wake up I thank God I'm not an MBA 🙏

                          [email protected]
                          wrote last edited by
                          #75

                          MBAs would just buy an LLM software subscription to fix it

                          2
                          • B [email protected]

                            Interesting, stopped seeing this a while back. Forced change after the inevitable hack though, of course.

                            [email protected]
                            wrote last edited by
                            #76

                            Could be because OWASP now actively recommends against periodic password changes.

                            Ensure credential rotation when a password leak occurs, at the time of compromise identification or when authenticator technology changes. Avoid requiring periodic password changes; instead, encourage users to pick strong passwords and enable Multifactor Authentication Cheat Sheet (MFA). According to NIST guidelines, verifiers should not mandate arbitrary password changes (e.g., periodically).

                            1
                            • M [email protected]

                              Vim? Oh wow. I'd be looking into a USB Keyboard that types the entire source code of vim into the machine, assuming there isn't an easier option.

                              [email protected]
                              wrote last edited by
                              #77

                              Fork vim, rename it, sell it back to your company

                              3
                              • L [email protected]

                                I could really see companies just fork open source and give it a tweak like UI or new switches...

                                Terrible.

                                [email protected]
                                wrote last edited by
                                #78

                                New wealth redistribution method?

                                1
                                • W [email protected]

                                  At one point my company made us buy Eclipse from a vendor because free software was not allowed. It had no tweaks or support, just out-of-date Eclipse that I had to wait for purchasing to get.

                                  [email protected]
                                  wrote last edited by
                                  #79

                                  Whenever I hear about shit like this I wonder if I should just start a company and package free software lol. Could like donate a bunch of the profit to the actual projects.

                                  1
                                  • S [email protected]

                                    Tried that for a while at home, just didn't seem as robust. Also, you can get Netgate hardware if the company doesn't want a 10-yo Dell running the edge.

                                    [email protected]
                                    wrote last edited by
                                    #80

                                    Bought some of the higher-end Netgate routers for work. 1U rack mount. Five locations all linked with failover tunnels. I run our filter and monitoring on them as well. pfBlockerNG works great for general purpose filtering. When you filter porn you really need a lot of RAM. The Intel boards they have are a little finicky on the type of SFP you can install, but other than that they work great.

                                    0
                                    • F [email protected]

                                      Fork vim, rename it, sell it back to your company

                                      [email protected]
                                      wrote last edited by
                                      #81

                                      Donate cost back to vim

                                      1
                                      • W [email protected]

                                        OPNsense is also a viable alternative.

                                        [email protected]
                                        wrote last edited by
                                        #82

                                        Sure, I've tried it, but honestly there wasn't much difference. I use pfSense because it's what I started with. I imagine if you started with OPNsense it would be the same thing. I use pfSense+ licensing for all the routers at work, and that makes the higher-ups happy that it has commercial support if needed.

                                        1
                                        • N [email protected]

                                          As if the EULAs don’t make it all arbitration?

                                          What software company allows liability for mistakes in a EULA?

                                          [email protected]
                                          wrote last edited by
                                          #83

                                          Companies and individuals play by different rules.

                                          When a big company purchases software a team of people from both parties (whose entire job and career are based on doing this) negotiate with each other to decide exactly who is liable for what and to what degree.

                                          When you purchase software you agree to let the company fuck you over at their leisure because you literally do not have enough hours in the day to even read everything you agree to, let alone understand it, let alone argue with it. And even if you did you don't have enough bargaining power to make a large company care.

                                          2