Na, my experience is that Defender is fine with users downloading browsers and “updates” from random Russian sites. It’s happy to let the users install that software and only bothers to log a “hey, maybe this was bad” alert some time later. Edge, on the other hand, loses it’s shit when you visit the official download sites for Chrome or FireFox.
BLUF: It’s been a mixed bag, but I would call it “worth it”.
I’ve used Ubuntu a bit before. That’s what my home server runs on and has for years. Granted, most of it’s functions live in Docker containers. I also used both Debian (via Kali) and Ubuntu at work (yes, I know Ubuntu is Debian based, but it’s also big enough to have it’s own dedicated ecosystem). I work in Cybersecurity and use Linux based tools for image acquisition, digital forensics and data recovery. Kali makes for a great “it just works” system to validate vulnerabilities and poke at a network. And, between a lot of tools targeting Ubuntu and frameworks like SANS SIFT, Ubuntu gets used a lot. I also supported several Red Hat based servers at work for various tools. I’m far from an expert on Linux, but I can usually hold my own.
In a lot of ways, Arch wasn’t an obvious choice for me. And I seriously considered going with Ubuntu (or another Debian based OS (e.g. PopOS)) at first. It’s worth mentioning that my primary use for my desktop is video games. So, that heavily effected my choices. That said, the reasons for choosing Arch ended up being:
One of the things I did, which was really helpful, was a “try before you buy” setup. I was coming from Windows 10. And, as mentioned above, gaming was my main use case. So, that had to work for me to make the jump. Otherwise, I was going to milk Windows 10 for as long as possible and then figure things out when it went EOS. So, I installed Arch on a USB 3.0 thumbdrive and left my Windows OS partition alone. I also mounted my “Games” drive (M.2 SSD) and installed games to that. It was still NTFS, but that only created minor bumps in the road. Running that configuration for a couple months proved out that Arch was going to work for me.
When it came time to fully change over, I formatted my Windows OS partition as ext4, setup the correct folder structure and rsync’d everything from the thumbdrive to it. So, everything was the way I’d had it for those couple months. I did have an issue that my BIOS refused to see the OS partition on the SATA SSD I used for my OS partition; but, that was MSI’s fault (I have an MSI motherboard). And that was resolved by changing where GRUB is located in my /boot partition.
Overall, I’ve been happy with the choice I made. Arch hasn’t always been easy. Even the Official Install Guide seems to come from a RTFM perspective. But, if you’re willing to put the time into it, you will learn a lot or you won’t have a functional system. And you’ll end up with a system where you can fire up a packet capture and have a really good idea of what each and every packet is about. As for gaming, so far I’ve had exactly one game which didn’t run on Linux. That was Call of Duty 6, which I was considering giving a go to play with some folks I know. But, Activision’s Anti-Cheat software is a hard “no” on Linux. So, I had to pass on that. Otherwise, every game I have wanted to play either had native Linux support or worked via Proton/WINE.
You only get a short time with the pointy end of the spear and then once a sword wielder is inside your range, you’ve got an unwieldy stick and they have a sword. Good for stand off melee maybe but prob not.
Yes, but getting in close without getting stabbed is really hard.
Here’s an actual example of modern HEMA folks giving it a lot of goes:
https://www.youtube.com/watch?v=uLLv8E2pWdk
I have a Cuisinart grind and brew, which is pushing a decade old at this point. Love the thing and will replace it with something similar if it dies before I do. But, I use Ubuntu on my server and Arch on my desktop. So, not this meme fits, but it is funny.
That sounds more like a feature than a bug. I remember when Twitter was actually useful. You could sort by “new” as the default and your feed only included stuff from people you followed. And then it went to complete shit with the sort defaulting to “fuck your preferences”, sponsored content and your feed being littered with click bait, paid content and all the other bits of enshitification. And that is all built on the algorithmic selection of content.
I don’t see in what way having a PSN account would make Horizon Zero Dawn safer on PC.
It’s safer for Sony’s stock price, as they can report higher numbers of people on the PlayStation Network and greater “player engagement”. What, you thought this was about improving the experience for the customer? No one gives a fuck about them.
Step one, take a deep breath and realize that, unless you own the company, killing yourself to save it is dumb.
That said, there are some things you can do to try and improve thing:
Learn to “talk business”. Yup, this one sucks, but it’s also the only way you are ever going to get traction. Take that Windows 7 system, why do you want to upgrade it? “Because security”, right? Well, how does that translate into costs to the business? Because, businesses don’t care about security. I work in cybersecurity for a large (Fortune 500) company and upper management has given exactly zero fucks about security for a very long time. They only started coming around when that lack of security starting costing them real money. They still give zero fucks about security, but they do care about risks to the business and what that might cost them. Having security and money linked in their heads means we can actually implement better security. You need to put the lack of security of that Windows 7 system in terms of dollars potentially lost. Something like the Annualized Loss Expectancy. If that box gets popped, how much would it reasonably cost the business to recover from? Is that something which you expect to happen once a year, once every five years? These numbers will be mostly made up and wildly inaccurate. But, the goal is to just get in the right ballpark. How does that cost compare with the cost to upgrade? What about other possible mitigating controls you could use to protect it? Does it need to have internet access? Could you VLAN it off into it’s own little world and keep it running with reduced risk? Give management the expected costs of that system becoming patient zero in a ransomware outbreak and then give them several options and the associated costs (upfront and ongoing) to secure it. Have multiple options. A high cost one (e.g. replace the box), a low cost one (FW and VLAN controls) and the one you actually want right in between (OS Upgrade). Managers are like children, they need to feel like they made a choice, even if you steered them into it.
Next, don’t try to boil the ocean. You’re not going to fix everything, everywhere, all at once. Get some small wins under your belt and prove to management that you aren’t going to break the business. Show that you aren’t just some greenhorn cowboy who is going to break the business because you think you are so smart. If you can make a plan for that Windows 7 system, show the costs involved and actually get the job done smoothly, then you might be able to move on to other things. Sure, you might actually be right; but, you could also end up breaking a lot of stuff in your quest to have perfect security (which you’ll never actually achieve). Take one one or maybe two things at a time. It’s a slow process and it leaves things broke far longer than you will like, but it builds trust and gets more action than just screaming about everything at everyone. Slow is steady, steady is fast.
Moving on, be aware that you probably don’t know everything about the business, and the business functioning is paramount. Why does everyone have local admin? Because that’s the way it’s always been and it has always worked. If you start pulling those permissions back, what processes get broken? This is a tough one, because it means documenting other people’s processes, many of which probably only exist in the heads of those people. How often are people moving around critical files using CIFS and the share. It’s fucking stupid, but there’s a good chance that the number is greater than zero. You pull local admin from people, and now work doesn’t get done. If work doesn’t get done, the business loses money. You need to have a plan which shows that you have considered these things. Design a slow rollout which phases local admin rights out for the users who are least likely to affect the business. Again, slow is steady, steady is fast.
And thins brings us to another point, auditors are your friends. No really, those folks who come in and ask you where all your documentation is and point out every single flaw in your network, ya, they deserve hugs not hate. You’re in healthcare, where does your business fall on regulations like HIPAA (US-centric but similar regulations may apply in other countries)? 'Cause nothing says, “fuck your wallet” to a business quite like failing an audit. If you can link the security failures of the business to required audit controls, that’s going to give you tons of ammunition to get stuff done. I’ve watched businesses move mountains to comply with audit controls. Granted, it all becomes “checkbox security” at some point; but, that is vastly better than nothing.
All that said, company loyalty is a sucker’s game. I’m guessing you’re early in your career and an early IT career likely means job hopping every 3 years or so. Unless you get a major promotion and associated pay bump in that time, it’s probably time to move on. Later in your career, this can slow down as you top out in whatever specialization you choose (or you get lured in by the siren song of management). So, there is that to consider. It might just be time to go find greener pastures and discover that pastures are green because the cows shit all over them. But, it can feel better for a while. Having your resume up to date and flying it out there usually doesn’t hurt. Don’t job hop too fast or you start to look like a risk (I stick to a 1 year minimum). But, don’t stick around trying to save a sinking company.
Along with that, remember that you don’t own the company; so, don’t let it own you. When you get to the end of your day, go the fuck home. Don’t let the business consume your personal time in actions or thoughts. If they place burns, that’s the owner’s problem, not yours. Do your best while on the clock, do try to make positive changes. But, killing yourself to make the owner just a bit richer makes no sense. The only person who is ever going to truly have your best interests in minds is you, don’t lose sight of them. Say it with me, “Fuck you, pay me”
So, where to go from here? Well, you sound like you have a good plan at the moment:
I am also looking into getting my Linux+ (currently only have my A+)
Sounds solid. If you care about security, let me recommend poking your head into the cybersecurity field. I’m am absolutely biased, but I feel it’s a fantastic field to be in right now. Following up the Linux+ with the Sec+ can be a great start and maybe the Net+. The A+, Net+, Sec+ trifecta can open a lot of doors. And you now have some IT/systems background, which I always suggest for folks (I look for 3-5 years in IT on resumes). As a lead, I get to be in on interviews and always ask questions about networking, Active Directory, email security and Linux. I don’t expect entry level analysts to know everything about all of them; but, I do expect them to be able to hold a conversation about them.
Good luck, whatever path you choose.
This “transformational technology,” as he says, will “accelerate the velocity of development and unlock truly novel game experiences that will surprise, delight, and inspire players.”
Oh look, buzzword salad. Apparently though, the Netflix execs bought it. Not that I thought that Neflix has any business trying to run a game studio in the first place. But, this sounds like the same sort of bullshit which has cause many companies to burn billions of dollars on “blockchain”. I suspect this “AI driven” drivel is going to end up in the same landfill as ET and NFTs.
The diver probably has some food on him, which the stingray is trying to get.
I visited Stingray City in Grand Cayman a lot of years back. Part of the tour package was that they gave you small squid to feed to the stingrays, and they would climb up you, out of the water for that snack. Also, there were a lot of stingrays in the area. We were instructed to shuffle our feet as we walked, to avoid stepping on one. The swimmer in the picture only needed to hang out for a bit before one or more stingrays would have come over, looking for any handouts.
That said, the experience of Stingray City was absolutely worth it. Between that, and snorkeling at the barrier reef, I have a lot of fond memories of my time at Grand Cayman.
War rarely decides who’s right, just who’s left.
Can we follow this up by murdering most of the generic Top Level Domains (gTLD)? I have yet to see anything except spam and malware coming out of the .top domain.
there wouldn’t be any reason to tweak and replace it all constantly.
There really wasn’t.
There is the legal concept of Mens Rea which has to do with the mental state of the person committing the act. And I think that applies in this case. Archeology has generally been about learning and providing knowledge of previous cultures. While the methods, mindset and actions of 18th and early 19th century treasure hunters left a lot to be desired, some of them did make some reasonable attempt at documenting their finds and preserving the context to provide that knowledge. Modern archeologists go to painstaking lengths to properly document finds and preserve as much knowledge as possible from finds. Grave robbers do none of this. Their motivations generally revolve around personal gain and they will destroy any context and knowledge in their attempt to make money.
Consider your own reading on the Valley of the Kings. Where did all of the information we have on the Pharaohs in those tombs come from? It’s from the work of the archeologists documenting everything found in those tombs. While there is certainly an argument for leaving things in the same state they were found in, that also means that the artifacts will continue to deteriorate and any further knowledge which might be gleaned from them will be lost. Sending artifacts to a museum isn’t all about putting them in cases for people to gawk at. It also means that actions are taken to preserve those artifacts and maintain them for observation and study in the future. Sometimes this does cause damage. Again, 18th and early 19th century preservation was often just as, if not more damaging than leaving those artifacts in-sutu. But again, the intention was to preserve, not enrich.
So, that’s how I would draw the line, based on the reason and methods used for the removal of grave goods. Is it done with the intention for the furtherance of knoweldge of previous cultures? Or, is it just done to enrich someone? And is the work being done using the current understanding and methods to best capture and preserve that knowledge for future generations?
While I would never support it, the main way to improve online discussion is by removing anonymity. Allow me to go back a couple decades and point to John Gabriel’s Greater Internet Fuckwad Theory. People with a reasonable expectation of anonymity turn into complete assholes. The common solution to this is by linking accounts to a real identity in some way, such that online actions have negative consequences to the person taking them. Google famously tried this by forcing people to use their real name on accounts. And it was a privacy nightmare. Ultimately though, it’s the only functional solution. If anti-social actions do not have negative social consequences, then there is no disincentive for people to not take those actions and people can just keep spinning up new accounts and taking those same anti-social actions. This can also be automated, resulting in the bot farms which troll and brigade online forums. On the privacy nightmare side of the coin, it means it’s much easier to target people for legitimate, though unpopular, opinions. There are some “in the middle” options, which can make the cost to creating accounts somewhat higher and slower; but, which don’t expose peoples’ real identities in quite the same way. But, every system has it’s pros and cons. And the linking of identities to accounts
Voting systems and the like will always be a kludge, which is easy to work around. Any attempt to predicate the voting on trusting users to “do the right thing” is doomed to fail. People suck, they will do what they want and ignore the rules when they feel they are justified in doing so. Or, some people will do it just to be dicks. At the same time, it also promotes herding and bubbles. If everyone in a community chooses to downvote puppies and upvote cats, eventually the puppy people will be drown out and forced to go off and found their own community which does the opposite. And those communities, both now stuck in a bias reinforcing echo chamber, will continue to drift further apart and possibly radicalize against each other. This isn’t even limited to online discussions. People often choose their meat-space friends based on similar beliefs, which leads to people living in bubbles which may not be representative to a wider world.
Despite the limitations of the kludge, I do think voting systems are the best we’re going to get. I’d agree with @grue that the Slashdot system had a lot of merit. Allowing the community to both vote on articles/comments and then later have those votes voted on by a random selection of users, seems like a reasonable way to try to enforce some of the “good faith” voting you’re looking for. Though, even that will likely get gamed and lead to herding. It’s also a lot more cumbersome and relies on the user community taking on a greater role in maintaining the community. But, as I have implied, I don’t think there is a “good” solution, only a lot of “less bad” ones.
Like many of the differences, I suspect that one came out of the attempts as English Spelling Reform, which took greater hold in the US. Ultimately, the process hasn’t succeeded, but it has excised some of inconsistencies from the English. Though, it has also led to some confusion, as in the tire/tyre case.
Even worse that acquisition links back to the Embracer Group. Hopefully KC:D 2 makes it out the door before Embracer full fucks up Warhorse.
The new seasons have been lackluster. I think one of the main issues is that the show did a lot to wrap up the majority of the main character arcs prior to the cancellations. Fry and Leela are the central characters, often trading off the position as the audience stand-in. And there is basically zero room left for character growth. We know how the Fry/Leela love story arc ends, we’ve seen it. Kif and Amy have also hit the end of their main character arcs. They are married, have kids, and mostly are settled into domestic life. Bender is Bender. A core part of his character is his resistance to growth. So, even when they drop a backstory on him and try to give him growth, it just feels out of place. That only leaves background characters to work with. But, since it takes the focus off the main characters, it makes things feel like a money-grab spin-off.
All that’s left is the sort of 90’s sit-com style, “story of the week” where nothing really changes and we all learn whatever moral lesson the writers wanted to foist on us this week in 22-minutes, plus commercial breaks. We all want “more Futurama”; but, I think the problem may be that there isn’t “more Futurama”. The stories are done, we just keep hanging on because of nostalgia, and the producers keep making it because of money. There are going to be good bits here and there. But, what we are seeing is what we are going to keep getting.
You have to get out away from cities. We get them in our yard every summer and our kids run about catching them.
Ya, in fairness to MS, Windows XP was a good release (post SP1, like most “good” MS releases). But, the fact is that MS is going to push the latest version, regardless of how ready it is for use. MS was hot for folks to switch to Windows ME. And holy fuck was that a terrible OS. MS also did everything short of bribery to get folks to switch to Vista (anyone remember Windows Mojave?). The “upgrade, or else” mantra has always been their way. Not that I blame them too much, it does need to happen. It just sucks when the reason for the new OS is more intrusive ads and user tracking.
It may be a case of laziness which has started creating a local dialect. This is one of the ways living languages change over time, people start sluring words and sounds together until there is almost nothing left of the original words and there is a new word in their place.