Hacker News: nops's comments

We’re uncovering a past lost to climate and geology, even as we confront similar challenges today


Anthropogenic climate change is absolutely real and on a scale not seen in millennia. But it's still wild to think how many times humans have experienced dramatic climate shift.

Also interesting that this is generally a prelude to a collapse in civilization


And speculated as inspiration for the track suits of Squid Games


My question is, how do Env0, Spacelift, and other Terraform automation and collaboration tool vendors make money if they make OpenTofu so good that it's preferred for 95% of folks out there? Do they fight over the support money scraps?


Env0, Spacelift, and (my company) Terrateam compete with Terraform Cloud not Terraform. Terraform and OpenTofu are CLIs that turn HCL code into living infrastructure. The business model of these offerings, including TFC, is to provide the layer most organizations need above that, such as collaboration, interfacing with VCS, etc.


Git being better does not make GitHub bankrupt. They operate on different layers.


A fairly unrelated point, but it's so strange how companies that underpin a lot of the internet struggle in the stock market. While we all wish we had sold our tech stocks in 2021, Cloudflare still hasn't recovered.


Cloudflare has a very dysfunctional sales pipeline. Their free, premium and self-serve offerings might underpin the internet, but the highly profitable offerings that are gated behind their sales teams are not getting sold. Too many of the clients that they should be selling to.

Magic Transit (bring your own ASN), classic website DDoS protection (above the Business $200 tier, which has low, undisclosed data limits in regions like New Zealand) and ilk all require interacting with the sales rep, and unless you're paying 5 figures a month they are disinterested.

There is a whole market out there between $300 to $2000 a month that Cloudflare could tap without making new infrastructure but is actively being ignored.


This.

They lock a lot of features behind an Enterprise plan where they could allow them to be added to a lower plan.

In general, I just hate working with sales reps and would rather avoid a company altogether if I can’t sign up without talking to them.


Not to mention they have on multiple occasions made significant internal changes (including layoffs) to their sales organization. I have a feeling if the public were to get an introspection into their sales pipeline it would be eye opening, and not in a good way


> undisclosed data limits in regions like New Zealand

Can you please explain what this means?


Hit the nail on the head.

Wanted to buy their SASE DLP & Remote Browser Isolation as a startup. Sales wouldn't even talk to us.


I believe Cloudflare (and many other cos like it) have never produced operating income. They are growing and obviously important and potentially very profitable in the future, but when discount rates are much higher and you add in some uncertainty, one could argue they don't look as hot as they used to.


It is bizarre. All the old guard foundations of society type companies that the world relies on for modernity have stocks that barely budge but pay out decent dividends. Maybe tech stocks that have grown to such a position should consider paying out dividends instead of failing to chase exponential stock price growth while still clearly doing a lot of productive things. I expect the shareholder boards prefer the chance of exponential wealth over steady returns and prevent this mindset from emerging.


A lot of the things they've built on and will maintain through (I imagine) many engineering hours, are already features in Terraform Cloud. The implementations in TFC are better than the competitors as well.


The problem with "implementing a zero trust architecture" is that it's framing an ongoing process as an end state. You'll see the same disappointment that people saw when they decided "we're going to do DevOps".

I thought that "Shift Left" was going to be the new DevOps buzzword for security groups, but I liked that because it implied an ongoing process, not a "we're going to become perfect and fix this once and for all".

Google's BeyondCorp - the precursor to zero trust architecture - said you need to secure three things: users, devices, and application policies. Your security teams are probably already aware of many of the good tools available to secure the users and apps, but the device security piece has very weak tooling even today. You may have heard of MDM software. No one wants to use it.


One of the problems with MDM software is that corps want you to log in and use your personal phone, I guess to save costs, and to make it easy for you to do work out of your regular business hours.

If a company asked me to use MDM software and set themselves up as a device owner on a phone I purchased and used every day my answer is: hell no

If they want that, they can buy me a phone, and pay for the mobile/data plan. I've worked places that have done this, having 2 phones is a pain, but you only use the corp one at work or if you're oncall.


BYOD support without having everything managed by the company is a pain point Apple and Google are trying to solve.

For Chrome, it will perform a very intrusive popup whenever you log into an extra Google account to get you to use a different profile. If you say yes, that new profile will be governed by the administrators without them gaining access to the entire Chrome browser.

For Android, there are 'Work Profiles'[0], however I haven't tried this and I wouldn't be surprised if it breaks fundamental parts of Android and/or it's disabled on certain OEM Android makers.

For iOS, User Enrollment[1] is a thing.

The main problems I see with these solutions is that they add a lot of complexity to MDM configurations, so chances are the organization will either go without MDM, or ask you to set up your device under full MDM. Under the second scenario I would suggest purchasing an extra phone just for work - this also helps with the possibility of an internal investigation, or even subpoena, asking for access to any phone with work data on it, as chances are they won't limit searches and data exports to data stored in your work profile.

0: https://support.google.com/work/android/answer/6191949

1: https://support.apple.com/guide/deployment/user-enrollment-a...


At a previous company I declined the "perk" of the company paying for my phone plan, because it required giving them control over it. I was mostly worried about losing my phone number accidentally upon parting ways.

Nowadays, Android can have a Work profile that your company can control (and wipe, for example) that doesn't affect your personal stuff. It's actually convenient because you have a separate instance of Chrome, which is a good workaround for mobile Chrome not supporting multiple profiles inside the app like the desktop version does.


I just like that there will eventually be a big shiny C-level-friendly website that I can show my bosses, that they can show their bosses, so we might actually get funding to start working on Zero Trust. Nobody cared about BeyondCorp but they might care about NIST.


Is your PowerPoint™ broken, son?


People get into all sorts of trouble trying to reason axiomatically about "Zero Trust". It's definitely a problem with the term, and a strength of "BeyondCorp"; BeyondCorp can only mean the one set of things, because it's meaningless outside of Google's branding. But everyone feels like they can work out what "Zero Trust" should mean. So the first thing you have to do is, you have to rewire your brain to read "Zero Trust" as the marketing term of art that it is.

The OMB ZT stuff is a reaction to USG breaches, and I think in particular the OMB hack. There's a "before" state and a desired "after" state.

In the "before" state, you're one of the 2.1 million federal employees, and you start your day by inserting a PIV card into a reader, and with that, you're given access to an intranet that in turn gives you access to a bananas number of different things that nobody can keep track of or secure.

In the "after" state, each service is responsible for establishing its own tight trust boundaries, and instead of providing a network dial tone that people mistakenly assume is a proxy for trust, the USG infrastructure provides you with end-to-end authentication for requests regardless of the network you're using.

As far as OMB and NIST talking about ZT goes, the major problem you're trying to solve is that there are a zillion federal agencies --- way more than you think there are, like you know that there's a Department of the Interior, but also under Interior there's a Susquehanna River Basin Commission with 100 employees, and there are other agencies that have like 4-5 employees. And what you're trying to do is provide a security strategy and a toolbox and a set of best/worst practices that you can apply across all of these organizations, to replace what I understand to be the status quo ante strategy of "stick it on the VPN, pretend we've kept it off the Internet, and call it a day".

The other important subtext to all of this is that there's a huge give and take between USG and industry, where USG tends to take its lead from what's happening in industry, but it also participates in the industry in that it is one of the largest customers for technology products, so the industry is intensely interested in what it does. So when USG decides to demand "Zero Trust" for its agencies, and sets out a standard set of requirements for ZT, industry goes nuts making sure their products are responsive to that standard.

The good thing here is that the OMB memo is smart, and ZT as construed by the current administration's IT people is a pretty good baseline security strategy, so in this one instance the USG is being a force for good, in that it's aligning a lot of industry work around a strategy that people should be seriously considering adopting anyways. And I think there's pretty broad recognition/agreement about that in the "security community" (hate that term), so when USG (here: NIST) does some big new thing about ZT, it gets a lot of positive attention.

... is how I understand all of this.


I'm kind of unclear how the device part is supposed to work. Let's assume the work laptop is fully locked down, and employees' personal laptops are completely compromised with each keystroke sent directly to ransomware rings. Are you supposed to block your employees from logging into your SaaS apps and internal web apps from their personal devices? What's the mechanism for that?


You generally run an agent on the client machine that verifies machine identity and configuration as part of authentication. Beyond Identity is an example.


Agents on the client can’t really be trusted unless there’s a secure boot and only authorised software is running - at which point it’s not really a personal device any more.


Thank you for the plug. Surprised such an open commercial promotion got top comment.


A lot of the pictures have some bright stars with 6 long lens flare like points coming out of them in a consistent pattern. Is that because of the hexagonal shape of JWST's lenses/mirrors?


Yes, it's a combination of both the primary mirror and struts. The JWST website has a very helpful infographic explaining: https://webbtelescope.org/contents/media/images/01G529MX46J7...


Here is an image showing how each part of the distortion comes about - https://bigthink.com/wp-content/uploads/2022/03/FOFC8ZPX0AIB...


That's quite exhaustive, but it makes me wonder why isn't anything done to correct for that. Like for example instead of taking one 15h exposure, why not take three 5h exposures and roll the telescope 5 degrees in between, then median filter out the artefacts?


JWST does have a roll dither mode: https://jwst-docs.stsci.edu/jwst-general-support/jwst-dither... Don't know why they didn't use it. Maybe they were trying to observe as many targets as possible for the initial release of imagery.


Mainly because it doesn't matter. They're not looking at the stars in the foreground, they're looking at the background which is much further away. The diffraction pattern is actually super dim -- those foreground stars are just very bright due to the exposure.


It took like 5 months to cool Webb to operational temperatures; rolling the telescope would create so much heat all new images would be useless until it cools down again.


That makes no sense, they have to rotate it every time they take a picture otherwise they'd be looking at the same spot all the time. Motors don't emit that much heat and neither do torque wheels.

Though I suppose now that I think of it, it's possible the main mirror assembly actually has no built in roll control but only pitch, since the yaw part could be done by moving the entire telescope while remaining shaded. I've never seen any videos showing the full movement, but the previews for LUVOIR show it having full 3 degree articulation relative to the heatsink segment, so I assumed the Webb also has it given that they're extremely similar designs.

https://www.youtube.com/watch?v=uzFEaCYhmEs


> otherwise they'd be looking at the same spot all the time

It's in an orbit around L2, so it's not statically positioned in space. L2 also moves with the earth around the Sun, so it's not statically limited to any one region of the sky.


LUVOIR is not Webb. Webb doesn't have articulation like LUVOIR; it's fixed, only the mirror segments move. Also, they don't rotate every time they take a picture; there are limitations because it's an infrared telescope. https://jwst-docs.stsci.edu/jwst-observatory-characteristics.... Webb also has a field of view 15x Hubble


You beat me to it- incredibly helpful diagram. Thanks for sharing it.


Wow, thanks for this link. The level of communication around JWST's technology and launch has been amazing, and this is a great example of that.


It's not the mirrors, it's the three struts supporting the reflector.

Hubble shows four spikes because it has two struts.

https://bigthink.com/starts-with-a-bang/james-webb-spikes/

https://www.universetoday.com/155062/wondering-about-the-6-r...


I think you also had a similar comment and linked the same article under the previous topic about JWST's first image?

The article is very informative, but my read of it is different: the three major "spikes" are in fact due to the hexagonal shape of the mirrors and how they're laid out. The struts also add three spikes, but: two of them coincide with the mirror spikes, while one of them (from the vertical strut) is visible on its own, and causes the smaller perfectly horizontal spike.

The image I'm basing this on is in your article with a caption starting from "The point spread function for the James Webb Space Telescope" [1]

[1]: https://bigthink.com/wp-content/uploads/2022/03/FOFC8ZPX0AIB...


From the other comments, I understand why it's there, but I wish they would photoshop them out.

The images take on a more synthetic and fake quality when the technical physical man-made constraints of our telescope get projected out onto the natural very much NON-man-made universe.

Look at https://stsci-opo.org/STScI-01G7ETPF7DVBJAC42JR5N6EQRH.png and observe the incredible entropy in the nebula itself. The consistent, perfect, straight lines, of each star are jarring in the image.


To be clear - I realize these are for science. They shouldn't be edited for scientists.

But we should edit them :)


More or less. That's how they've explained it in the past.


Yeah, it's the hexagonal shape. The objects with the 6 diffraction spikes are overexposed compared to the rest of the objects in the picture, so they're generally brighter and/or closer objects.

https://www.youtube.com/watch?v=UBcc3vpJTAU


Here’s an infographic from NASA explaining the phenomenon: https://webbtelescope.org/contents/media/images/01G529MX46J7...


Also, I recall reading that those stars are so bright because they're within our galaxy... so they're the foreground really


I agree on the agency advice. If you're in a very technical topic space, they can't be relied on to write good content for you.


"The simplest answer is that economic growth occurred only after the rate of technological innovation became highly sustained. Without sustained technological innovation, any one-off economic improvement will not lead to sustained growth."

I'm also thinking about the future here and even with a deceleration of innovation, as long as more countries start declining in birth rate, it still means better standard of living for the rest of us. Population growth can drive an economy, but it also eats up the money flowing out to people.

Of course there's also the very-unequitable distribution of wealth in societies to consider too.

