spydum's comments

I'm sure that's true, but I've worked with a lot of engineers that are of this caliber, and as long as you can form a coherent logical explanation they will bend; they're way more open than you expect. But you got to put in the work to make that argument. They won't take it on faith.


It is an entirely different thing, gifted, highly experienced and confident in his assertions is quite frequent, but the cult-like following and status of personalities like Carmack or Blow can seriously alter their own self perception and importance.


Of course it can. It’s hard not to assume you are right if everyone keeps telling you so. I can’t really fault them for that. The challenge is to continue being right more often than not.


First, look at what they’re shipping, then decide the likelihood of them being right.

Maybe you know something they don’t; it’s actually very likely. But maybe what you think matters actually doesn’t at all and ultimately they’re right.

In either case, they were shipping, so best to listen and be prepared if you disagree.


The problem is when they acquire software or services you have depended on for decades; it's hard to change some of that stuff. However, I agree: if this does happen to you, move very fast to put some distance between you and this company. They will bleed you.


It's not. I think there were some corner cases where the storage controller or SSD may use compression, in which... the random nature of LUKS would cause more writes, but I'm not sure that's a real concern.


They have them, but not from a web interface. Probably will require talking to a human, and a service fee to retrieve the records from physical storage.


Would be a great idea, except they couldn't even operate WiFi with any stability (which I heard was an LVCC problem, but I don't know that for sure).


Doesn't have to be wifi. There are many different ways to communicate. It's a matter of finding the best one. Unfortunately, the largest drawback is the potential for malicious/mischievous actors to interrupt them given the crowd. Something as simple as FM transmission, like at a drive-in, could be an option.


Could use Meshtastic maybe


This is probably why it never works - silly overcomplex ideas.

There's not even a need to create anything. Rent from a silent disco company. Done.


I think you may have a need to create a sense of humor. Perhaps you have heard about the Meshtastic talk at DEF CON by now.


Agree strongly that historical integrations were great. But Cortex platformization of all the things has not been well received. But PANW is doubling down on it.

It's also curious because their firewall platform seems/feels totally separate from the rest of Cortex still.

I will say, they do have a ton of coverage, more so than any other single vendor I can think of.


But the offerings are like “jack of all trades” and “master of none”.

These days software owners like AWS, GCP, Azure have their own superior security solutions embedded within their stack instead of relying on external companies.

I think the same will happen for these AI based companies like OpenAI where they will release security solutions embedded within the model instead of relying on different external providers.

In one way these external providers bring in new security risk. Most of these companies offshore stuff. Like PAN offshores to India and Israel. This is an additional risk. Citizens of those countries have access to US and EU data. Which no one seems to worry about.

That's the reason that, in the long run, things are not looking good for these independent security providers. With the advent of AI, it is easy to embed security functions in their respective software stack.


There are quite a few who have. I've worked in a Google Workspace enabled company on a ChromeOS device for like the last 6? years. It works for 95% of the things, but that last 5% can be frustrating: especially when it involves interoperability with a customer's system. Now multiply that by 40000 employees.. that's a lot of help desk tickets.


There is also the what 5% and for whom and do they overlap? You may be missing 5%; that 5% is really a much larger number organizationally.

It's the same theory behind the issues with the Office toolbar. They find that people only use 5% of the buttons but there is almost zero overlap among millions of users.


Right? I thought the value of these vuln programs like HackerOne and bugbounty would be you could use the submitter's reputation to filter the noise? Don't want to accept low quality submissions from new or low experience reports? Turn the knob up..


Full agreement. RDR2, Witcher 3, and Mass Effect trilogy for me.


You should try KCD2, cannot recommend it enough.


Yeah I get your skepticism, but this is really a huge issue in many industries. We are seeing it with an alarmingly high rate. You don't need a technical solution though, as the article points out, some stuff is just process change: In person final interview, gov issued ID checks, initial hardware delivery in office, etc.


I’ve also seen this pattern at a pervasive rate but I think it’s mostly shady overemployment / outsourcing agencies, with NK as a tag along. It doesn’t matter either way since the countermeasures are the same (besides the stupid meme KJU junk).

