You can set this with Windows' default firewall. Setting to strict mode with
no whitelist causes a UAC alert every time a process attempts communication.
I know about product placement and certainly don't care for it. It isn't intrusive to me as I can just ignore it while getting the information I want. Additionally, it is clearly not the same.
I cannot ignore an individual talking about NordVPN for 3 minutes.
Those examples blend in a lot better than most YouTube sponsors. I don't mind subtle product placement. Those didn't even name the product out loud, they just showed it off a bit.
It is a deliberate oversight, the author picked metrics and test based on the result not the other way around. Even the first test (# of jobs per location) should be adjusted to jobs per population or something else since most people value diversity in their social circles.
This is the inverse of accurate, uBlock Origin already has a MV3 extension in progress (beta at https://ublockorigin.com/ top middle of the page). As others have noted, uBO is not even named in the Google releases, this applies to all MV2 extensions.
Annoyed they are barrelling ahead with this still, but not an attack on uBO or ad-blockers directly. Seems like they even made some changes to service workers to enable ad-blockers as well.
Perhaps gorhill will weigh in with more comments if he sees this. Curious if any of their changes to MV3 actually moved the needle on the issues previously identified.
I am not sure the ideal solution here. I do not like data caps in theory or practice, but I can see the CSPs thinking here: get paid for network usage somehow.
It just seems absurd since they are monetizing every part they can (insert capitalism is to drive revenue to shareholders rant here) that is wholly owned by each customer. VMs, IPs, disks, and databases are easy enough to say who owns what. But after that, the networking should be a shared service that is amortized by other product billables.
There is no real incremental cost to sending data in/out of CSPs so this feels like pure profiteering. They need networking for stuff to work, the fiber is already there, and they are billing for network resources. It is getting blood from a stone and reducing ability to flea, errrrm, migrate.
Maybe we return to the old days of mobile service and texting schemes. Free data ingress/egress on nights and weekends (or whenever traffic is less).
Perhaps it's less about billing and more about disincentivizing excessive use? Even if the service is free, it's not infinite and is ultimately a shared resource that should not be monopolized.
This looks incredible with the local search and context awareness. Curious if there is a comparison to other tools like photoprism about the advantages of Immich
As a internal security person (now a consultant for third parties): your approach is interesting, but still fails where all security tools do, who is going to install the agent on every box. The reason why every asset tracking solution is incomplete is because they are trying to correlate agent data and platform data. This is exacerbated by cloud computing since resources are much more transient and new servers lack gating by a governance org.
Complex AV tools are cool but they are so far down the chain of actually exploited vulns, they are not super useful most of the time. Usually the vulns used are old and just unpatched (check the latest DBIR data to see average age of exploited vuln). So a lot of time and effort goes into cajoling teams to update packages and having them say "we don't even call the vulnerable function."
My biggest issues:
-Asset inventory (SANS Top 20 #1)
-Software inventory (SANS Top 20 #2)
-Tagging of ownership (what does this box do and who do I call if it goes bump in the night)
To answer your other questions:
-Yes, but that is because we created it
-Yes, but only because we have tooling to do it across cloud envs
-No, we only look at deployed bins
-Signature based
-Getting useful code deployed to a box is hard enough, unless there a RCE this is so far down the list of threats on our threat model
-No idea, I assume pretty good since we use MITRE references, but making sure those are accurate to what we find is tough
>The only possible purpose of making laws like this is so that the state can try to enforce some remedy whereby we're told how much we have to or are allowed to pay someone. Who in their right mind wants to sign up for that kind of risk?
How is this the logical conclusion you arrive at? Do you as a company not have a salary range for headcount? Do you not expect prices to be posted by your vendors leading to a lack in informational symmetry and haggling during every routine interaction?
Imagine if your landlord could arbitrarily raise your rent an untold amount with no notice. You of course have options, move or negotiate. But the informational asymmetry means it is harder for you to know if you are getting a good deal if every other landlord is listing their rent as $1-100000 per month or not telling you until after you spent the time checking out the property only to find it is way outside your budget.
The time cost of candidates finding your job, doing some basic research, prepping for X rounds of interviews, possible homework, dealing with hiring managers/ recruiters is insane once you figure folks usually apply to multiple jobs. Why not just tell them up front the salary like you do for role expectations and company culture drivel? Posting honest salary bands is fine to me, say seniors will get $100-150k or whatever, but the article shows clear malice towards any legitimate transparency up front.
But in pretty much all cases, the renter incurs possibly substantial costs in time, money, and general well-being. So the mere act imposes a cost on the renter, even if the renter never pays the landlord an extra cent. Landlords know this, and if they can estimate those costs, they are able to increase rent freely as long as the present value of the rent increase is still less than the cost of moving and/or getting a lawyer. Employers have the same power, especially in tight labor markets.
Whether or not posting salary bands for a given position is a good idea or not a good idea, It rubs me the wrong way that a state government somehow imagines it has the authority to mandate this. And for what purpose? Why does a state make a law if not to enforce some as yet undefined remedy? What will this remedy be? I don't think we know yet but I for one do not want to find out. I have enough other problems to be concerned with.
There are 2 boxes in front of you each containing a tasty red apple. One of those boxes is filled with barbed wire, razor blades and broken glass with an apple in the middle. The other is just an empty box with an apple in it, and it happens to be priced lower.
The reason for the regulation is the same reason that a lot of regulations are made: companies refuse to do something that’s one of good/common sense/not evil unless they’re absolutely forced to.
The unwillingness of some to comply with the spirit (posting absurd ranges) of the law shows how there is no chance the information asymmetry between worker and the potential employer would be fixed by letting the companies do as they will.
What possible hazards do you honestly feel the WA law is leading to?
I’m all for it. Less for tech workers and more for blue collar workers who don’t have nearly as much career mobility. Having them able to understand the current wider market when looking will only help them get better and more livable work.
> during the GPU shortage where gamers who build systems with AMD chips were left unable to use their PC
This comment baffles me, both AMD and Intel have CPUs with onboard graphics and those without. You even noted the integrated graphics a sentence later.
If anything, this is more evidence that AMD is following the Intel playbook by having that integrated CPU/ GPU architecture plan.
>This comment baffles me, both AMD and Intel have CPUs with onboard graphics and those without. You even noted the integrated graphics a sentence later
Why does it baffle you? AMD has only been selling desktop chips with integrated GPUs only for a few years now (they called them APUs), and their APUs were not that stellar at either the GPU or CPU part due to compromises on both parts.
Most of the successful Ryzen chips AMD was selling for the desktop were exclusively without integrated GPUs, to save die space and cost, which hurt PC builders during the GPU scalpocalipse, while on the other hand, Intel's almost entire CPU product range for desktops had integrated GPUs for over 10 years now, enabling PC builders to at least use their PCs until a dGPU could be available.
Sure, Intel sold some CPUs without iGPUs but those were very few SKUs in comparison. Similarly, but in reverse, AMD also sold some Ryzen CPUs with iGPUs(APUs), but those were very few SKUs as their CPUs were weaker than the non-iGPU SKUs, and their outdated Vega iGPUs were pretty weak even compared to Intel's Xe.
So that's the major difference between Intel and AMD that was a game changer for many: Intel shipped most of its chips with iGPUs for over a decade while AMD did not, meaning you always needed to buy a dGPU, and if you couldn't, like in the past ~2 years, well ... good luck, your new tower PC is now an expensive door stop.
AMD's Zen 2 Apus were not made (widely) avaialble at retail, and Zen+ APUs only went to quad core. If you wanted 6 cores and an integrated GPU, you had to buy Intel or from Aliexpress or wait until August 2021 for Zen3 APUs to launch. The two 4650G chips I got in late 2020 work great, but having to call my card issuer to get them to turn off all fraud production for an hour so I can get an order in wasn't ideal.
