I bought a Canon M100 mirrorless in that price range and I have to disagree. Maybe a $1000 phone can come close, but you can't change lenses on a phone so I don't see how a phone camera can match what you can do with a $500 camera.
The 1080p 60fps is not quite as good as what you get in a 3 year old iPhone. It's fine I guess. It's fine. I'm going to guess the video has some arbitrary limit to record only 10 minutes at a time.
Still this is kind of what I was looking for. Thank you for the advice.
I am sooo happy with my new Canon M100. I got tired of carrying a big SLR, this is quite a nice portable size. Phone cameras are pretty good these days, but no match for a SLR or Mirrorless with a decent lens.
As someone who works in a no-code platform company, my view confirmed by a look at our revenues is the author is way off. low-code no-code platforms are booming and will continue to for a long time. There are several reasons
1 - there is a huge backlog of business processes which can be made more efficient with apps
2 - there is deficiency in developers, but a surplus of knowledge workers
3 - IT departments are unable to solve all users app needs
4 - enterprises are mananaging far too many SaaS 'point solutions'
5- most importantly, ROI and TCO make low-code platforms very attractive.
6 - the ability to quickly customize business process applications is incredibly important. Low-code platforms provide this
7 - technologies like webhooks are making it easier for low-code app builders to create sophisticated apps tied to multiple cloud and on prem data sources and systems.
I am amazed, everything you said is completely true and yet you are totally wrong. Sure your company is doing really well right now. You might even cash out or leave before it goes downhill but it will go downhill.
Low-Code, No-Code is too immature to build a long term sustainable business. It will ebb and flow for decades to come. Always getting closer to solving this list of problems (and the problems are real) until one day we as a society learn to understand where the value boundaries are for digital products. I don't see that happening in the next 50 years.
Quick Base has been running its no code platform for almost 2 decades and does not tie you to an information or vendor silo - happy to integrate with many cloud and data integrations.
SSO is important for enterprise.. but github presents a challenge where devs usually have pre-existing personal accounts which are added to company github accounts, rather than the company account being used.
Well, won't that require a different identity? My personal email account is funny-nickname@gmail but my work email is my-real-name@work. Github used to allow/encourage multiple identities but then changed it because it was super confusing and hard to manage. Maybe they've fixed that now. :/
They fixed some awkward "custom routing" screens a while ago. I've been using my single account with different companies for years now. I just make sure my git `config.email` is set right, set GitHub to route notifications for work repos to my work email, and it's done.
I've also been the admin on those Business accounts. It's easy.
That's what people used to do before because there were no good options to provision separate work accounts for people. With the new for business model I'm guessing we'll see people being issued work accounts and keeping their personal GitHub accounts completely separate, which might be a good thing.
Developers have the same identity no matter who they work for.
It makes sense to separate access ("this person has access to Example Corp's repos only as long as they work for Example Corp") from identity ("this person owns this account").
Introducing single-sign-on as one way to simplify login, and potentially as a second-factor for gaining access to repositories run by the business, makes sense. Making developers create entirely separate accounts doesn't.
But it's not just about having access to example corp. If I log in to GitHub from my work laptop then my company technically has access to my personal GitHub account and the repos of any other organization I happen to belong to. It goes the other way around to. If an attacker hacks my personal laptop and I'm logged into GitHub then they have access to all of my companies repositories.
There are perfectly valid reasons for segregating accounts so that there is complete separation between them.
It does if I am logged in on a company laptop and they control access to that laptop. (This is hypothetical in this case, I happen to know that the particular company I work at does not have any backdoors on my laptop).
It is the first scenario not the second. The person is gaining access to the GitHub organization via SAML SSO. They are bringing their own identity and do not lose access.
10+ year info sec veteran here. I think first order of business is do you want to be a specialist or a generalist? Application security is but one piece (albeit in many cases a very important piece). I chose generalist and I am happy to have done so. Today I am diving into Strict Transport Security, yes, but also working with HR and IT on our employee onboarding and off-boarding process, reviewing vendor and customer contracts and federal compliance requirements. Privacy, Regulations and Law, Compliance, IT and infrastructure security, corporate IT security, and yes application security - every day I deal with all of the above and I love that. And a great foundation into all the things a security person may do, I cannot recommend the CISSP enough go for the CISSP (or, alternatively, CISA) certification.
The CISSP is a certification designed to give managers a high-level understanding of the different areas of security. For some stupid reason, HR people think it's the gold standard of technical certifications. Unless a person has is an absolute beginner, they probably won't learn anything technical.
I literally can't think of a single person I talk to in security --- and I talk to lots of security people --- who will mount a defense of the CISSP certification. Most of the people I know see it as a plague on the industry.
(I'm 22+ years in the industry, for whatever that's worth.)
There's nothing wrong with the CISSP for what it is, a wide gamut glance into InfoSec, but a lot of hiring managers have been led to believe it holds high technical merit. A few years ago I took a job with my then shiny new CISSP and I was uncomfortably flattered a bit at how much awe it held with people who had no idea what it even was. They assumed I was a master hacker when neither my work nor my resume suggested any such thing.
I think what it tells employers, who don't know better, is that the person is a Certified Information Systems Security Professional, and they might have heard all government security employees must have one, so it must mean that the people are extremely skilled. In this, I'm not qualified to say but my hunch is, not very likely based on a few untechnical people I know in the last few years who passed the test successfully.
What it should tell employers however is that the person is capable of critical thought and has a light familiarity with a wide range of security concepts.
Why should I have to pay a pretty significant amount of money at the start of my career to buy a piece of paper that suggests I'm capable of critical thought? In fact: isn't doing the exact opposite of that actually doing a better job of demonstrating critical thinking skills?
6 months in Iraq isn't enough for vet status. If you didn't live through the Vietnam War of tye 70s, if you never saw the AK-47 in action, you arent a vet.
