HackerTrans
TopNewTrendsCommentsPastAskShowJobs

nanocode

no profile record

comments

nanocode
·2 anni fa·discuss
What you wrote sounds a bit like "As a minor I have lived in asbestos building and I can assure you I was not harmed". How do you know?

As far as I know, there are many scientific studies that disprove what you've said - and that porn has, in fact, a harmful effect on young minds. Of course there are many other harmful things that we nevertheless accept, like alcohol, cars or cigarettes. So maybe we can, as a society, decide that letting kid watch porn is OK and not worth the alternative (privacy intruding regulations). But arguing that it's not harmful at all is not, I believe, scientifically justified.
nanocode
·2 anni fa·discuss
I think we can split hairs and nitpick this a lot but... Nowadays most often setup is that you join a VPN (a very isolated one), and you use it for the same purpose as you would proxy. But from your machine's point of view, you're using a separate network for your default gateway. Using proxy is usually more involved, and you can configure it in your application. In fact, you can do both and sometimes it makes sense (like using tor socks proxy over vpn).
nanocode
·2 anni fa·discuss
>Autonomous robots with cameras and guns could be installed everywhere

At this point I'm not even sure if you're sarcastic. Or are you an agent of the upcoming robot uprising? Who knows!
nanocode
·2 anni fa·discuss
Well if I could shake my magic wand and instantly convert all my (and other) C code to some kind of MemorySafeC code, I would. Unfortunately, there is no such magic wand, and all we can do is to rewrite tens of millions of lines of C code to another language with different tradeoffs and different compatibility. It is, in other words, usually not possible.
nanocode
·2 anni fa·discuss
On the other hand, WAFs are another kind of security theater. They won't stop any determined attacker. Usually you just need to change your payload to make it work. Unless you tweak the rules a lot, to the point where you could encode then in your application as well (for example "user_id" field in the POST data must consist only of decimal numbers)
nanocode
·2 anni fa·discuss
Well that's clearly false. GDPR fines for data breach (when there is enough negliglence) (or even inproper handling of data breach) can be pretty severe. At least in theory, in practice the enforcement depends on the country and the fines are usually nowhere near the legal limit. But there is a penalty.
nanocode
·2 anni fa·discuss
>If I'm honest, most security engineers suck. 90% are crappy IT Admins or Compliance Monkeys who did CISSP and maybe worked for PWC or an MDR for 1-2 years and don't know the difference between NFTables and NTFS

As a security engineer, I agree. I hang up and work with really skilled people, so sometimes I'm shocked when I work with a client's it security engineer and they barely know how to use a terminal. Sometimes don't even have a way (or skill) to use SSH. Not to mention that I code/script every day, and most "standard" big company security engineers just use ready made tools.

Sorry for the rant.

>I don't give a rat's ass that you like using Mosh or xyz project on GitHub (not trying to pick on Mosh). >I don't care that you feel restricted by having to use MacOS laptops and SSHing into a CoLo protected behind ZPA when you'd rather use ArchLinux on your work laptop.

I somehow agree with your examples, but not sure if I agree with the overall idea behind your messages (as written). People have different workflows, and forcing everyone to the same mediocre one will just hurt productivity. Of course there need to be standards, but if people feel restricted by having jump through hoops on unfamiliar operating systems and spend a lot of time and frustration fighting them... Then they're probably right. You should listen and give way more than rat's ass to engineers problems.
nanocode
·2 anni fa·discuss
You realise you're posting under a scientific study conducted by Association for the Development of Motorcycling, the Polytechnic University of Bucharest and a noise emission specialist from Netherlands In the study somebody actually tried to measure this. You need a stronger rebuttal than "this is total garbage lol". You can make your own scientific study if you believe this results are for some reason incorrect, or at least try to point out where the study made a mistake.
nanocode
·2 anni fa·discuss
I don't know about all conferences, but in my line of work most conferences cost up to $2000 or even more (for example "late tickets" to a conference I'm attending in June cost $3000). I guess enough people (or rather, employers) consider it valuable enough to pay this price.