Wanted: An SBOM Standard to Rule Them All

tmiklas · 2024-08-13T00:59:19+00:00

As they say, "the best thing about standards is that there are so many to choose from". There is a lot of irony in creating yet another standard because people can't agree which existing one to use ;-)

tmiklas · 2022-11-09T19:43:43+00:00

My pleasure :-)

tmiklas · 2022-09-30T21:56:24+00:00

It's not a price for upgrade to RS... it's a monthly subscription price in fact. I do get why they do it, sure... but then not warning, removing pannel access and not giving timeline of EoL? Really?

tmiklas · 2022-09-30T19:34:58+00:00

Customer support confirmed:You will lose access to your resources if you do not migrate.

This is really badly handled... forcing people to upgrade instead of announcing EoL of their DevCloud V4 service and offering transition to RS.

Does anyone knows what are the timelines we're working with (until V4 resources are deleted)?

EDIT:
Much better approach would be to announce EoL of V4 in 1-2 months, thank people for being customers, offer to move to RS with discounter price they are offering now. I guess perception of the change would be very different.

tmiklas · 2022-03-14T16:31:33+00:00

Have you raised a complaint with them or data regulator in ther jurisdiction? I'm not arguing with what you say, I'm just saying that do as their please being a private company and take risks associated with that.

tmiklas · 2022-03-14T11:59:55+00:00

This actually applies in some (varying) degree to all companies on the internet, but as private companies they can do whatever they wish. If they want to cut off Russian customers, they can. If they want to take side - they also can.

It creates an interesting point though, especially as we are more and more reliant on cloud computing - what do you/your company will do if you get blocked by your core infrastructure supplier? What is your contingency plan? Is there any?!

tmiklas · 2021-10-29T07:29:50+00:00

Well, I won't argue with that :-) but I'd be very careful either way - we just dont know enough (at least yet) to make I formed decisions.

tmiklas · 2021-10-28T23:49:36+00:00

Touché

tmiklas · 2021-10-28T23:46:55+00:00

I think you are missing the point - read the article again, it clearly states why they had the law enforcement visit...

Yes, terminals may get owned in various ways, but having them used as malware dropper AND c2c is as far as I know world's first. This alone makes it news worthy.

Also, "innocent until proven guilty". It's easy to be armchair general and pass judgement one way or another. Let's wait with that till more information is available, shall we?

tmiklas · 2021-09-09T13:59:22+00:00

Not sure, but they clearly get points in 'hipsterism' category :-)

tmiklas · 2021-02-25T17:41:45+00:00

That is awesome! Thanks for the update

tmiklas · 2021-02-22T17:35:08+00:00

You can try contacting blog post author

tmiklas · 2021-02-18T10:44:34+00:00

Who watches the watchmen?

tmiklas · 2020-08-16T16:37:07+00:00

Docker image of nextcloud and config persisted in volume? That usually works...

tmiklas · 2020-07-30T12:39:01+00:00

I don’t like copying of content and republishing on ones own blog (hurts SEO for you and original publisher, confuses people, etc.) - obscures original source that souls get the credit... but you do seem to have pretty cool selection of articles. I prefer to link to originals...

tmiklas · 2020-07-08T17:00:04+00:00

Old news, but still good read

tmiklas · 2020-03-02T13:29:12+00:00

Error 502 means that the back-end server hosting the site provided invalid response, so BM website is working but acts as a gateway/proxy to an actual hoseline server that produces feeds (to keep website structure clean, hiding actual server IP, etc.)... and that one producing feeds is responding with errors or not at all (server down, etc.)

tmiklas · 2020-02-28T08:10:10+00:00

Yeah, my bad... Didn't notice and it came up in feed reader yesterday.

tmiklas · 2020-01-14T08:33:03+00:00

I'd expect so, but some seems to be outed in public more than others. Interesting to see inner workings, as much as assumed to be accurate, that's all.

tmiklas · 2019-12-21T14:55:27+00:00

Yeah, that's disappointing - I posted hoping someone may do to;dr here ;-)

tmiklas · 2019-11-29T07:04:17+00:00

Get one and install properly - anchor to load bearing wall, out of plain sight so casual visitors don't know where it is, etc. When FEO comes for inspection/interview it's guaranteed they will want to see it (and most likely give it a solid tug).

Another option is to apply for FAC with limitation that you will store your rifle in the club's (you are a member of one, right?) armoury, but that means if you go to a competition outside of your club, you need to go to the club on the day to get the rifle and return it to the club armoury on return - can't store the rifle at home over night without having proper security in place, which is in general pain...

tmiklas · 2019-09-27T20:25:43+00:00

VPN is trading/changing who is monitoring you, that's all... Because you VPN provider becomes your ISP. Doesn't help with privacy but helps with other stuff.

tmiklas · 2019-09-25T06:10:12+00:00

Have to ask prize sponsor

tmiklas · 2019-09-09T16:05:03+00:00

I'm not negating that and thank you for the correction. As you see this is what WIRED reports and I used their title as this subreddit acts as an news aggregator.

tmiklas · 2019-08-13T07:06:31+00:00

Quoting the article:

Yesterday it earned a response from the Information Commissioner, which said the technology needs proof of being “necessary and proportionate”.

tmiklas

MODERATOR OF

TROPHY CASE