This time, it’s not a Friday thing. Must be due to Daylight-no-more-Savings Time or so. But without further ado, the Golden Oldie Pic of the Day, with much ‘better’ versions of the same being around, somewhere…:

Arms / race coming to an end ..?
When this is still necessary and (counter)x-measures will continue to be developed, for sure, how will this little nugget of WP29 change things?
Because it has power. That may lead to a throwback. For how long? The harder the throwback, the longer to recover. But the more powerful will be that rebound ..? We’ll see. For now, canvas blockers are still the way forward, so implement them, right?
This post was brought to you as a public service announcement from the sanity of browsing for information security and privacy blog you’re reading.
But seriously, why is there so little analysis of the WP29-on-Profiling stuff ..!? And:

It doesn’t matter
A great many before me have discussed the merits pro and contra using contractors instead of perm contracted staff.
I will still give it one more go. Since lately, there has been some back and forth again about motivational issues and how certain is one in one legal contract situation compared to the other hence how motivated can one be and why the need to cater to so different audiences as ‘manager’.
The thing is
It doesn’t matter:

When investigating the differential motivators, one invariably ends up with the same motivators, and much the same demotivators (nicely depicted here of course still going strong, since tout a continué).
This, coupled with:
- Financially, you’ll have to pay for income taxes (buy side yes), holidays, sick days, etc.etc. (welcome to Europe!) and all of the administration surrounding that when you hire someone on a perm contract. If you hire a contractor, not so much; all costs are for the contractor
- You’ll also have to pay for continued education and a company car for perm contractors. For contractors, not so much; all costs are for the contractor
- Add in a ton for pension contributions (we’re still in Europe). For contractors: Nope.
- How about severance packages? (Oh, shouldn’t differ much…)
- Going through the calculation motions, it is little wonder that fully loaded costwise, a perm contractor will cost you 2,5-to-3,5 times per hour what a contractor bills you
- And your perm contractor is scientific research confirmed actually productive for four (upper bound) to two (lower bound) of any eight-hour working day. Your contractor can only bill you for two hours slippage per day, at most
- You can even expect to pay more for the above motivators when dealing with perm staff. Contractors behave more mature and don’t need as much of everything
clearly leads in one direction. Isn’t there a catch ..? No, only if you’re Mr Tax Man; then, you’re the one losing out. Otherwise, you as an employer can gain seriously even when paying out ‘huge’ hourly rates to contractors.
Remember that.
Your comments, please.
Mash-disappearance ..?
A shortie again: Whatever happened to the idea of ‘mash-ups’..? You know, the slam-together of bits and pieces of ‘other’ apps (-their functionality) to produce your own, with even better service delivery.
Just wanted to know; every now and then one tends to think back to the glorious days of (almost literally) yesteryear, when the newest of the newest trends would change the world and after a, despite the excitement over all the new things, good night’s sleep one tends to find that not much of the earth-moving improvements in human life have materialised. This being one of those things.
So, from all you Developers, I’d like to stand corrected …? And:
[Navigation (tool) at the edge of the known world; Ponta de Sagres]
Ziggo delivers tech cr.p (their own words)
Originally in Dutch… The title refers, of course, to the canned-ham commercial which tells us that such poor stuff is being delivered that an old-style graduate of a (judging by the title, apparently foreign, Anglo-Saxon) technical university (and in terms of study load/depth those are far ahead of general universities) is needed to achieve basic connectivity.
It even goes so far that every element of that connectivity, anywhere in the house, may need a different adjustment or additional solution (that is what an engineer is trained for) to be able to deliver the basic service!
Yes indeed. “The Ziggo engineer stays until it works, everywhere in the house”.
Whereas the competition makes do with optionally offering a fitter (someone who fits, i.e. installs and connects) and, lo and behold, everything works.
[This is not an approving audit opinion on the claim that the latter is actually the case – but it is the approach and intention…]
So… Take Ziggo, or something that works. Not my experience (I only have that with others), but their own claim ..!
Norm over substance of risk management
Overheard: A major company in a relevant industry re infosec – and well-known for their good and even so recently much improved infosec posture – doesn’t follow the mantra of “risk management first, policy/standards second” but first sets some quite rigid standards and then, when vendors can’t deliver (even when the standards are strict but quite reasonable and doable), do some form of risk analysis plus compensating controls / acceptance or what have we.
Because otherwise, everything gets so mushy (hey, normal (?) risk analysis is business driven, what do ‘they’ know ..!?) that the end result is a chaos of quasi-accepted risk all on one huge unmanageable infra heap of backdoors and byways (those in particular) which results in zero security. And because this way, standardisation is encouraged and security plus manageability hugely increased i.e. big bucks are saved.
So, it’s an interesting High Baseline Minus approach. Though I guess you may have some comments, so take it away …:
Oh, and already:

[Maybe green, but not fond of blaugrana ..? M’drid]
Unread Ully
Somehow, I heard about this idea that Ulysses would be high up in the ranks of books that are either considered unreadable or no-one ever finishes reading it. Why …?
Digging a bit, I found big U high up in various lists indeed, e.g.:
In 2014, University of Wisconsin-Madison Professor Jordan Ellenberg invented the so-called “Hawking Index,” which uses Amazon e-book highlights data as a proxy for where people stop reading the books they’ve purchased. Some people use the highlight function on the devices and apps, and the unscientific-but-workable “Hawking Index” uses the assumption that if the most-highlighted passages are clustered at the beginning of the book, the book is more likely to have been abandoned. (The name refers to Stephen Hawking’s A Brief History of Time, which is ranked up with Ulysses for the dubious title of “most unread book of all time.”) On the other side, books with popular passages marked all the way to the end mean lots of people made it through the entire story.
So on this Bloomsday where does Ulysses truly stack up? Here’s a list of famous books and their scores on the Hawking Index, ranked from most-likely abandoned to most likely-finished.
| Book | Author | HI Score | Comment [ed.] |
|---|---|---|---|
| Ulysses | James Joyce | 1.7% | [There it is though I can’t see why] |
| Les Miserables | Victor Hugo | 1.8% | [Yes, possibly here when Hugo’s characters are like Anne Hathaway] |
| Capital in the Twenty-First Century | Thomas Piketty | 2.4% | [Come on now, this book’s not even hard!] |
| Hard Choices | Hillary Clinton | 4.2% | [Understandable; probably no-one has taken the time to try to finish it] |
| A Brief History of Time | Stephen Hawking | 6.6% | [This simply is not difficult] |
| Thinking Fast and Slow | Daniel Kahneman | 6.8% | [And this one’s easy for sure!] |
| Lean In | Sheryl Sandberg | 12.3% | [DR; but did read that other one – Option B thank you – and that one’s easy] |
| Infinite Jest | David Foster Wallace | 15.0% | [Obscure] |
| Moby Dick | Herman Melville | 19.2% | [Strange] |
| Art of the Deal | Donald Trump | 19.4% | [Totally understandable on this list] |
| The Great Gatsby | F. Scott Fitzgerald | 28.3% | [Huh? Surely you’re joking, mr. Feynman! This is a page-turner!] |
| Portrait of the Artist as a Young Man | James Joyce | 29.6% | [Joyce again. But not Finnegan’s Wake that also is doable of sorts?] |

So, as you can see, if you abandoned Ulysses, you’re hardly alone. Likewise, if you didn’t quite make it through A Brief History of Time, which you maybe thought was brief and readable since it is just over 250 pages, let that weight off your shoulders.
There. But why isn’t Finnegan’s Wake on the list – it may be popular to call that Difficult but hey, we call that merely a challenge, right? It’s doable I can tell you!
And, same, for The Man Without Qualities, where I must say I’m into the third volume but still don’t see why it would be such a difficult read or hard-to-finisher as many have it. Is it because people lack stamina ..!?
Oh well. What’s on your Unfinishable list ..? [Mine’s blank…; ed.] And:

[I have no clue why this particular pic is here; Porta Nigra Trier]
You had no idea …
Did the one(s) behind this have any clue ..? Letting your biggest adversary by far, in on some source code like this ..?
Or, is it a. scareware-news, like, alt-fact fake news to placate some faction that might profit from confusion or FUD over this, in any direction …, b. just untrue, an Onion article slipped into the mainstream, c. a ploy to get the Other to not see double-crossing ..?
Anyhow, it may not be the publicity one’d need – or playing on that trope …
Oh how great the scenario analysis is on this … And:

[Would you trust what’s served here ..? Amsterdam Zuid-Oost food (really?? ed.) court…]
Golden Oldie Pic of the Day
Fog(gy) definitions, mist(y) standards
If you thought that containers were only something to ship wine in, by the pallet, you a. would be right, b. would maybe have overslept on the new concept, c. would not mind I introduce the next thing, being fog computing. I’m not making this up as a part, or extension, of low-hanging cloud computing.
You think I’m kidding, right? Or, that I should have called it mist computing which is a thing already but only a somewhat different thing… You’re still with me?
Then it’s time to read up. And weep. Over this here piece that sets the standard, quite literally.
There. You see ..? Indeed low-hanging, as in the stack … That wasn’t so hard. But implementation will be, if required to be secure. Have fun, will TLS. Or so.
OK, this post was as it stated just an introduction to the IoThing – I was serious though about the Go Study part. Plus:
[Cloudy top cover, smiley backside of a place of worship; Ronchamps FR]






