These companies all have very clear terms of service, where they reserve the right to remove you for any reason. Using their service is a privilege, not a right. If everyone is “censoring” you, then there must be a good…
Twitter is a private sector business in the US with terms that include reserving the right to remove any content for any reason. They have every right to. If you don’t agree with it, for moral reasons or otherwise,…
CAP_NET_BIND_SERVICE is a root privilege, a distinct one provided by kernel capabilities, granted to a process. In order to use it the container must be permitted to allow its processes to elevate their privileges. If…
Nginx and the like are starting to provide non-privileged versions of their container images. Running as root is lazy and equals container escape, especially when running on anything other than scratch and read only…
They were not more secure, just more isolated. The challenges are different. Containers are just namespaced processes that share the same kernel as the host. A host has access to all container processes, uids, gids,…
Infrastructure should be defined in an easily digestible, human-readable format. Your manifests serve two purposes: define infrastructure and self document. While you can achieve the same infrastructure automation with…
The reason is because object storage is slow and not meant for high performance, which is usually important for large databases. For your S3 example and ignoring IOPS, you are comparing 13ms of latency on local spinning…
A container is not a VM and should ONLY contain the exact files needed to run your app to run securely. Any additional packages increase the security footprint. Every container is one RCE vulnerability away from being…
No, there is no reason for them to do that. Microsoft has proven otherwise over their entire existence.
If you read the post, you’d know that you’ve basically summarized it.
As a whole, we vote for a party. The person on the ballet is that of your riding. They are a Member of Parliament (MP) for your area, and they are affiliated with one of the many parties. The party the receives the most…
Requiring access to your social accounts is laughable. Unless it's directly tied to your job, it's a signal to quickly and politely end the relationship.
It use to be tracked by radio song requests and sales of singles.
I envision a future where CEOs don Guy Fawkes masks before doing press releases.
Mongodb easy; PostreSQL hard. The latter requires extensive planning, which slows you down when features need to go out now.
Deploying TLS in simple environments isn't overly complicated. It's just cost prohibitive.
This is an awkward argument. One of my sites documents how to configure servers, for example. What excuse is there that something like that needs to be encrypted? The most legitimate reason I've heard is for privacy. I…
Tin foil hats a side, I assume it would be an account used only for professional reasons, allowing students to reach out to their teachers. However, if the teacher is incapable of separating personal life from work,…
This isn't software development. Why reinvent the wheel?
Some forms of compliance require end-to-end encryption for certain transmissions. PCI is one that comes to mind.
Slack is terrible for auditing, though. What's wrong with email?
What!? First, it is highly inappropriate for anyone in any leadership or management position to ask anyone to sit on there lap, no matter what their relationship status. Secondly, making any kind of sexual proposition…
These companies all have very clear terms of service, where they reserve the right to remove you for any reason. Using their service is a privilege, not a right. If everyone is “censoring” you, then there must be a good…
Twitter is a private sector business in the US with terms that include reserving the right to remove any content for any reason. They have every right to. If you don’t agree with it, for moral reasons or otherwise,…
CAP_NET_BIND_SERVICE is a root privilege, a distinct one provided by kernel capabilities, granted to a process. In order to use it the container must be permitted to allow its processes to elevate their privileges. If…
Nginx and the like are starting to provide non-privileged versions of their container images. Running as root is lazy and equals container escape, especially when running on anything other than scratch and read only…
They were not more secure, just more isolated. The challenges are different. Containers are just namespaced processes that share the same kernel as the host. A host has access to all container processes, uids, gids,…
Infrastructure should be defined in an easily digestible, human-readable format. Your manifests serve two purposes: define infrastructure and self document. While you can achieve the same infrastructure automation with…
The reason is because object storage is slow and not meant for high performance, which is usually important for large databases. For your S3 example and ignoring IOPS, you are comparing 13ms of latency on local spinning…
A container is not a VM and should ONLY contain the exact files needed to run your app to run securely. Any additional packages increase the security footprint. Every container is one RCE vulnerability away from being…
No, there is no reason for them to do that. Microsoft has proven otherwise over their entire existence.
If you read the post, you’d know that you’ve basically summarized it.
As a whole, we vote for a party. The person on the ballet is that of your riding. They are a Member of Parliament (MP) for your area, and they are affiliated with one of the many parties. The party the receives the most…
Requiring access to your social accounts is laughable. Unless it's directly tied to your job, it's a signal to quickly and politely end the relationship.
It use to be tracked by radio song requests and sales of singles.
I envision a future where CEOs don Guy Fawkes masks before doing press releases.
Mongodb easy; PostreSQL hard. The latter requires extensive planning, which slows you down when features need to go out now.
Deploying TLS in simple environments isn't overly complicated. It's just cost prohibitive.
This is an awkward argument. One of my sites documents how to configure servers, for example. What excuse is there that something like that needs to be encrypted? The most legitimate reason I've heard is for privacy. I…
Tin foil hats a side, I assume it would be an account used only for professional reasons, allowing students to reach out to their teachers. However, if the teacher is incapable of separating personal life from work,…
This isn't software development. Why reinvent the wheel?
Some forms of compliance require end-to-end encryption for certain transmissions. PCI is one that comes to mind.
Slack is terrible for auditing, though. What's wrong with email?
What!? First, it is highly inappropriate for anyone in any leadership or management position to ask anyone to sit on there lap, no matter what their relationship status. Secondly, making any kind of sexual proposition…