My First 5 Minutes on a Server, by Bryan Kennedy, is an excellent intro into securing a server against most attacks. We have a few modifications to his approach that we wanted to document as part of our efforts of externalizing our processes and best practices. We also wanted to spend a bit more time explaining a few things that younger engineers may benefit from.
There's no industry, no organization and no classification of software that is immune to the predatory antics of hackers. Personal information, corporate data, even high-profile social media accounts are under constant attack. Any server system accessible from the Internet is not just a potential target, but an actual target. When Microsoft first starting working on their Windows 2000 software system they wanted to see how well it would resist attack. To test this, they put a few servers onto the network and waited. Within hours the attacks began. We conducted the same experiment in 2016 and it took less than 60 minutes for the first brute force attack to come in from overseas.
Welcome to the Chronicles of George. This web site is a collection of helpdesk tickets from the support database of my first IT job, written by a person whom I will call George. George is, quite simply, the worst helpdesk technician ever. His grasp on the written word is shakier than a canoe full of epileptics. His knowledge of computers is thinner than a Vegas dancer's chiffon underpants. He is, by all standards of intelligence, a rock."
The stereotype of the socially-awkward, white, male programmer has been around for a long time. Although "diversity in tech" is a much discussed topic, the numbers have not been getting any better. On the contrary, a lot of people inside and outside of the IT industry still take it for granted that this stereotype is the natural norm, and this perception is one of the things that is standing in our way to make the profession more inclusive and inviting. So where does this image come from? Did the demographics of the world's programmer population really evolve naturally, because "boys just like computers more"? What shaped our perception of programmers? This text is about some possible explanations I found when reading about the history of computing.
Representing symbols, characters and letters that are used worldwide is no mean feat, but unicode managed it - how? Tom Scott explains how the web has settled on a standard."
A web app that works out how many seconds ago something happened. How hard can coding that be? Tom Scott explains how time twists and turns like a twisty-turny thing. It's not to be trifled with!"
With the HoloLens Developer Edition starting to make its way into developers' hands, Microsoft has at least eased up on the restrictions, and earlier this week I was able to use the device for a couple of hours on my own; not in a tightly scripted, controlled environment, but without any supervision at all. And for the first time, we were allowed to take pictures and photographs when we did.The hardware itself hasn't changed a whole lot in the fifteen months since Microsoft unleashed it on the world. Even at that announcement, the company had a model of how the first production units would look (though the prototypes we played with were altogether more bulky and uncomfortable), and when I used the hardware a second and third time, it more or less matched that design. An adjustable band fits around your head, holding the thing in place, allowing the working parts to be adjusted up and down and back and forward to find a comfortable position.
So how can a developer work in a world of vague security requirements and unknown threats? Advocating for defining those requirements and identifying those threats is a worthy exercise, but one that takes time and therefore money. Much of the time developers will operate in absence of specific security requirements and while their organization grapples with finding ways to introduce security concerns into the requirements intake processes, they will still build systems and write code.