Hacker News | tpool's comments

I love getting to play with these OSes that I never got to touch 20 years ago, so thanks for this! Now that you've got NeXTStep, have you considered Rhapsody?


If the lesson the author is ultimately trying to convey is "You can't trust cloud infrastructure providers to protect your data, especially Microsoft." My answer is, "Okay. What can a company do when there is no choice?" The number of enterprise-grade applications that are cloud-only offerings is only increasing. Regardless of whether or not my company actually wants to own the risk of storing its data in a third party, the day is coming where they have to choose to accept the risk that comes with storing data in the cloud, or re-inventing someone else's wheel at great development and operational cost.


> "Okay. What can a company do when there is no choice?" The number of enterprise-grade applications that are cloud-only offerings is only increasing.

I'd be curious to know what kind of problems could be only solved through a cloud-only solution. It's an honest question; I'm not old enough to remember actually using mainframes but in my days companies had their own IT staff, gear and storage. I understand that hiring an IT team of 3 could not be viable for a small 10 people startup, but I'm sure there are solutions in between before being forced to entirely surrender everything to someone else's data center.


Software security is a good example. Let's say you work for a large company, you have 50K repos in your git instance, and you have 10K developers on staff churning out all of that software from the mundane to the mission critical. You want to provide a means for your developers to be good citizens to get out in front of security vulnerabilities.

Building an in house solution to do this is extremely costly in every way imaginable, from the extreme expertise needed, to the ability to do it at a very large scale.

There are a number of vendors out there who provide great software to do things like scan source code, scan dependencies, or scan a live environment for vulnerabilities. The best of those vendors have cloud-only solutions.

You're stuck either accepting the risk that, at the very least, vulnerabilities about your software would be potentially exposed for the world to see, or installing an inferior product on-premise. That potential risk is even greater if your customers depend on you to store things like private and/or financial data.


Hum... We are still dealing with the last cloud-based security scanner that injected malware into every large IT related company, and still discovering what companies are completely hacked because of it but are hiding this.

So, color me unimpressed.


> Okay. What can a company do when there is no choice?

The company can recognize that "there is no choice" is not a valid option. There are many choices if the company actually cared to invest into choices. That requires learning and actually vetting your vendors though. That's hard work. Good luck getting people to do hard work.


I've been through multiple vendor vetting processes at my company, and there has always been a line drawn at whether or not the company's data is stored with the vendor in the cloud. My company is very cloud averse due to the nature of the business, and the kind of data they store. The vendor products that make that cut are usually not the best, and if they have a cloud offering, it's almost always superior to their on-premise offering. Every time I go through this process, it shifts even further in the direction of more + better cloud offerings, and fewer on-premise offerings.


You can implement security measures on top of what is provided by Microsoft. If you have encryption at rest and you hold the keys locally, for example, even this high-level leak would not expose you.

That said, good luck implementing and managing that in a large organization.


Large organizations are exactly what I'm thinking about.


I'm not versed in reading biomedical studies, but I'm curious about this. A successful in vitro test would not necessarily mean that the medicine could overcome other biological challenges such as the blood-brain barrier for delivering medication to brain tumors. Is my assumption correct?


> in vitro test

Means nothing for human treatment. It means something to the people working on the drug.



An actual car (not an NFT) is in the design stages at a company run by DeLorean's daughter, who happens to also be an accomplished cyber security professional. https://dngmotors.com/


I’ve felt this too in my 40s. I generally don’t recommend books that might be considered self-help, but a recent book by Arthur Brooks called “From Strength to Strength” was really helpful for me to understand what’s happening to me, and how to embrace the use of crystallized intelligence in my later career. If that doesn’t interest you, you can find some interviews with him about the subject and book in a few places by search.


- "Sadly, the fire-proof safe wasn't lightning-strike safe and is now obliterated."

But... the lightning strike caused a fire. That shouldn't mean the fire is "extra hot" or something like that.

I'm disturbed, as I keep these kinds of things in my fire safe for just such a reason.


Well, this article is a hypothetical, but fire-proof safes are, like anything with "proof" in the name, not fire-proof, merely fire-resistant. It's theoretically possible for lightning to strike in the worst possible place and trigger an unusually hot fire, one that exceeds the maximum tolerance for your safe. House fires can apparently hit 1500F, and if you've cheaped out on your safe then you might be in trouble (e.g., the Amazon Basics Fire Safe "can protect your belongings at 1200 F for 20 minutes").


Fire safes are rated by time and temperature.

A particularly intense house fire could exceed the parameters of one's safe.


As a LockPickingLawyer fan, I sometimes wonder if these “fire-proof” safes would actually withstand a fire, as there is so much bullshit labelling going on.


For anyone confused about heat and temperature (which in everyday speech often get mixed up) here is a good thermodynamics recap about the definition.[0]

A lightning strike can heat up the air around it because of its relatively high electrical resistance; up to 50k degrees[1].

The change in temperature (average kinetic energy of the air molecules) itself can be seen in the lightning flash (creating for split seconds an awesome "plasma channel", effectively ripping apart the molecules in its dendritic way through hundreds of MV) and consequently heard (if near enough) as a pressure wave, a quick rolling thunder rumble.

Relative to the vast amount of air around a typical lightning discharge event with its characteristic current flow [2] this "temperature" cannot sustain itself so it disperses very quickly. However under the right conditions (flammable materials, humidity etc.) this can jumpstart the chemical process of "burning". Because of the multitude of variables this ain't straightforward [3] as often depicted in movies. So, no, the lightning itself cannot "damage" the integrity of a safe but the secondary effects of the environment around it i.e. continuing heat source. (For convenience I've left out the scenarios regarding possible EMP damage and its secondary effects).

[0]https://www.khanacademy.org/science/chemistry/thermodynamics...

[1]https://www.weather.gov/safety/lightning-temperature

[2]https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6953689/table/e...

[3]https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6953689/#!po=85...


Replace "house hit by lightning" with "house hit by missile strike and now occupied by the Russian Army", a very real scenario nowadays, and you have the same problem again.


The 2017 Tubbs wildfire burned so hot that it melted fireproof safes, as I understand it. Something about 50-100mph winds and incompetent forest fuel management making the fire burn extra hot?


It was all hypothetical

> In the meantime, please rest assured that my home is still standing. But, if you can, please donate generously to the DEC's Ukraine Humanitarian Appeal


A fire-proof safe is a safe which won't be destroyed by a fire.

That doesn't mean it won't heat up.


That would violate the laws of thermodynamics...

They usually have a rating of how much fire heat they can sustain before the insides get uncomfortable for paper...


About 420 degrees, the question is duration, not temperature.


Nearly all of the major security-focused static tools have CI integration, and guidance on best practices for integration.


Great work! I think it would be helpful to tag static analyzer tools that are dedicated to security with a security tag (SAST tools like Brakeman, Fortify SCA, Checkmarx CxSAST, Coverity, etc.). OWASP lists a bunch here: https://owasp.org/www-community/Source_Code_Analysis_Tools


Good idea. Will do!

