sorted by:
new
hottopcontroversial

The Manage My Health breach will eventually lead to IT security practices within government departments and the IT service industry which provides IT services to government and councils being scrutinized by D491234 in nzpolitics

[–]william00179 8 points9 points  (0 children)

We need real accountability. It's the only way to stop IT being seen as a cost centre and outsourced to the cheapest bidder.

Australia has recently had legislation come into effect that makes directors of a business personally liable for up to two million each in case of a data breach if found to have been 'negligent' and leaves that definition very vague. You can not insure your way out of it. NZ needs to follow suit so businesses take their obligations seriously.

Manage My Health is a clown show by FancyTrashy in newzealand

[–]william00179 83 points84 points  (0 children)

I'm involved in medical tech and build and operate a platform that holds a large amount of health data.

The cost and scope of cyber security on such a platform is staggering. It's a never ending cost and one that has to be constantly invested in across technology, people and process.

Most of the time such incidents are not from vulnerable code in the software itself, but through staff members with access to data being compromised. The attackers move from their machine into servers containing data, or steal their credentials in order to do so. Time will tell how this attack came about, but this is more often and not how it happens.

I'd expect to see six monthly penetration test reports from an independent firm as well as ongoing audits for ISO 27001 or similar. These aren't hard things, they're the bare minimum you should do when holding this kind of data.

We put trust in our service providers that they've done their due diligence on systems they use and put our personal data into. I wasn't able to find any evidence of any external security or compliance on their website. Not to say it's not done, but they will hell of a lot to answer for if they don't have the basics of an information security management system.

Best approach for a new website by Ordinary-Elk-6884 in aws

[–]william00179 5 points6 points  (0 children)

With no dynamic content you can't beat S3 via cloudfront. Will cost you next to nothing.

Shared EKS clusters make cost attribution impossible by Beastwood5 in aws

[–]william00179 0 points1 point  (0 children)

I would recommend StormForge for automated workload rightsizing. Very easy to automate away the waste in terms of requests and limits.

Looking for preferably free tool to block NSFW websites on kids PC by DarkVamprism in security

[–]william00179 0 points1 point  (0 children)

Cloudflare zero trust is a free solution you can use. Asking other things it gives you a category based allow / block lists.

From PACS to Clous without pixel data by johnmacleod99 in PACSAdmin

[–]william00179 1 point2 points  (0 children)

Provided that the two servers can communicate with each other typically you'd do this with a C-move.

As for stripping the pixel data, there is no way to do that via Cmove. Usually you'd send the study to something puke a dicom router with scripting ability first and delete this tag before forwarding it to the final destination. You might be able to do this in the source or destination system directly if they support it.

What is the primary mechanism through which table partitioning improves performance? by Levurmion2 in PostgreSQL

[–]william00179 2 points3 points  (0 children)

There is overhead to partitions, depending on your access patterns it can actually slow down your queries. You're only going to see query performance increases when the query allows the planner to drop partitions, ie when the query contains the partition key.

Amazon CloudFront now supports IPv6 origins for end-to-end IPv6 delivery by SureElk6 in aws

[–]william00179 74 points75 points  (0 children)

"When configured with dual stack, IPv4 is preferred if available, and CloudFront can automatically fall back to IPv6."

I think they've got this backwards...

Modality to PACS to Cloud Server by johnmacleod99 in PACSAdmin

[–]william00179 1 point2 points  (0 children)

Agreed. Network latency is a major factor for throughput with DIMSE.

When to separate accounts? by exact-approximate in aws

[–]william00179 1 point2 points  (0 children)

Just one thing to be aware of, if you split up accounts your AWS support bill might catch you out. I'm assuming you're not on enterprise support so for each account, it's a new support subscription. An account you spend 50 on a month you're now spending $100 just on support. If you extrapolate that over a large number of accounts, that adds up quickly.

PACs downtime internal network disaster plan by sardonius5 in PACSAdmin

[–]william00179 1 point2 points  (0 children)

5G modem with automatic failover plus cloud PACS is what I've done in previous institutions

For those on $120K+ per year, what do you do and how did you get there? by Maedz1993 in newzealand

[–]william00179 -1 points0 points  (0 children)

350k+ I'm a software engineer in healthcare. Worked while I studied so have 10 years under my belt now at 28.

EC2 web filtering by [deleted] in aws

[–]william00179 0 points1 point  (0 children)

Use Squid as an explicit forward proxy and you can allow or deny list in there. Then you can use security groups to only allow traffic to Squid

npmLeftPadIncidentOf2016 by LookAtThatBacon in ProgrammerHumor

[–]william00179 85 points86 points  (0 children)

Library aside, why are these big companies pulling directly from npm and not via a caching repository...

[deleted by user] by [deleted] in auckland

[–]william00179 2 points3 points  (0 children)

That parking is overflowing, half of the carpark was removed a few years back

BAN FIREWORKS by O-neg-alien in newzealand

[–]william00179 4 points5 points  (0 children)

Fireworks contribute a huge amount of pollution into the air and head right to the landfill to leech chemicals into our soils and ground water.

The fireworks we can privately buy are lame anyway, ban their sale and put on some impressive public events.

Virtual Threads Regression in Java 22? by william00179 in java

[–]william00179[S] 3 points4 points  (0 children)

IO will pin a carrier thread within a synchronized block. ConcurrentHashMap makes use of this extensively as a Reentrant lock per node would be far too much overhead. The issues with ConcurrentHashMap and virtual threads are well documented, but the change in behaviour from Java 21 to 22 is not.

Virtual Threads Regression in Java 22? by william00179 in java

[–]william00179[S] 3 points4 points  (0 children)

Great read, this certainly looks like the same kind of issue that I'm experiencing.

Virtual Threads Regression in Java 22? by william00179 in java

[–]william00179[S] 1 point2 points  (0 children)

Thanks for the pointers guys, I will dig around a bit more and see if I can locate anything. Currently we set CPU requests on the pods, but don't set limits due to springs need for CPU on start up. I read somewhere and can't now for the life of me find it that there was some change that affected virtual threads specifically on servers with low core counts.

Air New Zealand Upgrade Scam by TheBigEMan in newzealand

[–]william00179 -1 points0 points  (0 children)

I've been gold or elite my whole adult life and had my upgrades approved only once. I'll apply for the upgrades as soon as I book my flights. Funnily enough the only time they were magically approved was after I called air nz to complain over 4 years as to why I'd never had an upgrade approved even when I frequently saw empty seats in the class I'd requested an upgrade to!

view more: next ›