> Even if you don't notice the pot being boiled there are those of us that do.
Tangent: To me that sounds like a reference to the "frog boiling" story. This has been debunked [1], a healthy frog will not remain in a gradually heated pot of water. We need a better analogy for this.
I'm aware, but it's the understood turn of phrase at present. Similar to "tree shaking" which people started pushing back against at some point and I've no idea why because if it conveys the point then who cares whether or not farmers do it?
I get your point, but according to [1] ASML was a bad example.
There is no kill switch which might be pressed only under circumstances that may never be "adapted to current situations". So who does said plow belong to?
Regardless of whether there's a kill switch or not, it's really not practical to operate any advanced ASML equipment without ongoing support from the vendor.
This is pretty much the F-35 argument. The US may or may not have an immediate kill switch, but they 100% have a logistics kill switch that can be triggered with a weeks-to-months delay.
Yes, thank you for answering. The textures are free to use, but the URL should only be used for prototyping. Here is the website: https://www.transparenttextures.com/
> I am a bit confused on the "bypass" though. Wouldn't the adversary need push access to the repository to edit the workflow file? So, the portion that needs hardening is ensuring the wrong people do not have access to push files to the repository?
I understand it that way, too. But: Having company-wide policies in place (regarding actions) might be misunderstood/used as a security measure for the company against malicious/sloppy developers.
So documenting or highlighting the behaviour helps the devops guys avoid a wrong sense of security. Not much more.
The community edition is not robbed of its value by this move. They provide a CLI tool (mc) for those admin tasks which previously could be solved via dashboard.
I have several minio instances deployed to k8s for small to medium, and non-profit projects. Easy to deploy, no problems or outages, yet.
But anecdotally i remember multiple occasions, where a quick tour of the dashboard convinced peers, that minio was the right tool for the job.
From my point of view it is much more questionable, that they "dare" to advertise the paid version with a 96.000 USD p.a. "platform fee" plus additional cost if you use more than 400TB. Small fish need tools, too.
Although not explicitly stated, i read previous comments as using dick.less@privateequity.com to cancel his personal Netflix account. (Let's say that privateequity.com allowed personal usage of company email.)
I see a difference between accessing an email account and impersonating the previous account holder.
One of my school math teacher had the same approach in another way: We were expected to use greek letters, not latin ones.
Same reasoning: It showed us kiddos that the letter was insignificant compared to the concept expressed by the letter.
So my take would be: Your friend taught the students for the first time what they were actually doing while handling equations with "a letter in it". That is no problem of algebra in itself. It just means their previous teachers sucked.
"Unreliable" is a bit harsh - the problem arises imho not from the websocket ping itself, but from the fact that client-side _and_ server-side need to support the ping/pong frames.
Tangent: To me that sounds like a reference to the "frog boiling" story. This has been debunked [1], a healthy frog will not remain in a gradually heated pot of water. We need a better analogy for this.
[1] https://en.wikipedia.org/wiki/Boiling_frog