

The five-assed monkey of cert lifetimes.
As useless measures go this will certainly be one; especially while CRLs are a thing.


This website is a blank page.


Ha ha ha.
I love how lennart’s cancer tries to replicate fucking syslog and it’s this bad. What a mess the kids worship.


Every part of what you just said can be encapsulated in proper packaging so you don’t even need to care – about pre/post upgrades, or even dependencies and checks before it starts.
The lack of a proper release is the absolute only thing keeping me from using it.
Bill Gates spent a lot of his pro years running a bad company quite well, and exploiting a dominant position in the market that any soulless biz guy would love to have.
He seemed to get a conscience around the time he stopped running the show, and seems to be different while not regretting his behavior in that phase.
I think we can decide he was a bit of a cock back then, while still noting he’s done some good work since. We are nuanced enough, right?


The installation workflow begs for supply-chain exploits. Given this and its oob install, it probably breaks iso27002 as well.
I’ll wait. NextCloud and OwnCloud both have 27002-compliant installs (the latter needs some review), so I need to stick with those.


The same can happen for maven, crates, gomods, and other.
Yes.
The problem is [intricate dependencies]
Nah. Dependencies are fine. The method of bringing those in and validating them is where the supply-chain risk accumulates. We knew better when we still had mentors.


Only a risk to those using npm; doesn’t matter where they exercise those bad dev procedures. Don’t quit using GitHub if you’re already okay with all the other issues it has.
Still container-dependent?


Sometimes, an app can be an app and not some hosted web service mess.


Remind me of the recent source ownership issue? I thought there was a “thanks for all the community work over a decade and we want to participate; oops now we own it” story.
This.
You install a virus scanner on your smb fileshare or your mail server, for instance, and pipe attachments through it to protect windows boxes. That’s the only sensible use.
Yet, idiots make policies like “all servers must have AV installed for safety” and thus some shit app sucks down all the CPU time and scans memory (ohai PCI compliance) just because the CTO doesn’t know what ‘less’ does.


OCIS is a modern app that is massively better since it's written with modern languages / frameworks
Ah, the sparkle makes it better? I know a guy who made his RAM light up in his plexiglas case, and claims it made the computer faster. Same deal?
OCIS talks a good talk, almost suggesting it’s enterprise and scalable and such, but it still suffers from the same supply-chain risk that all the black-box container miasma does, and the same “just get your kerbal space shuttle launching and then you too can host this awesome simple install” math. The ‘single black-box binary’ isn’t a good fall-back measure.
Now, I realize I’ve cast aspersions on our holy neu-paradigm installation fad, and I get the downvotes. If people don’t understand why validation is an important part of the validation-proves-consistency-thus-reliability of enterprise build/release, that’s okay. Most people don’t know they even need proper releng practice anyway, but may react with downvotes. But we need to do better where it matters; and that’s a line that’s going to seem as arbitrary as a bedtime is to a tween.
Kaspersky isn’t there to protect us; just to fill a niche and create business for itself. Idiot nepo CTOs who don’t know better can be coerced to sign a fud-based invoice and then they make bank.
Npm says what? Random appimages and flatpaks would like a word as well.
It’s true we generally need no antivirus - so far every demand to install one is rooted in stupidity, including policy built by stupidity - but we’re losing the struggle to not install random shit like idiots.


Appimages and flatpaks frustrate validation and thus break iso27002.
Anything else?
This. If I pay the cost in frustration and anguish and soul-searching and demanding justice from an uncaring god, I want something for it. I want documentation. I want my lessons learned from the post incident review. I want something I can hack into mgmtConfig to make sure nothing else will do that too.
Struggling for no payoff is the absolute worst thing.


It’s amazing how a second or 5 at so many levels causes micro-frustration. And it builds up, too.
I admit I lose just a bit of my shit when the neu web-service web-apps get sluggish, which seems to be very often. Those of us who remember the halcyon days where things were responsive on a pentium know better than to accept the current mess.
My tolerance for the poor performance and saas-linked core services is rapidly waning.


What you get is something with an acceptable warranty and maybe some support.
What you then realize is what you DON’T have on your consumer gear.
This sounds like a reeeeeally bad company doing shit work. Toronto? Which (pub)cloud is Canadian, anyway?