|
Of course there are long time, well known items like iText7. But I am going by the original CodeProject topic today stating that there is a lot of time/money needed to secure open source.
I use javaScript in web apps. It's open source, but it's been around for years and comes from a single source. Plus, it's a language, not a tool/component. Apache has been around for years as well. And PHP, well let's just say it has a beard.
There's a lot of stuff out there, as you pointed out. The creators make it sound good, but just who are they? Too many people see free and drool at downloading it.
|
|
|
|
|
Member 14840496 wrote: Open source adds another layer of unknown code into an application
...and closed source is "better known"?
Or are you saying you bury your head in the same and assume commercial, paid-for, closed source is inherently secure and you don't have to test it?
|
|
|
|
|
Ummmm...yeah.
VS has been around for over 20 years.
Sure, there are some open source that has been around for several years, like iText, Apache, etc. But there are tons of freeware out there that I would never touch, especially in an enterprise environment.
|
|
|
|
|
Member 14840496 wrote: VS has been around for over 20 years.
...and every new version introduces a new set of bugs. It's a running joke around here at least on CP.
So what are you trying to say here?
|
|
|
|
|
Slacker007 wrote: If you find open source code that fits your needs and through rigorous testing and analysis you have determined that it will work fine in Production, then I do not see the big deal.
Until you have to go through that entire process again when a component is updated. Then it becomes a big deal to the C-Suite folks.
The flaw in open source is that no one, and I mean no one, has a good dependency map of the open source in their systems. This translates into a component multiple layers down being updated for a security flaw and the users of that component don't even know it's in their systems. This is why the Log4J bugs are so insidious.
|
|
|
|
|
Agreed. To make sure we are bullet proof, we only use Microsoft products. They have never been compromised.
>64
Some days the dragon wins. Suck it up.
|
|
|
|
|
Lots of systems get compromised. But that seems to be an almost unpreventable EXTERNAL cause.
You are confusing external code contamination with purposeful internal injected code that YOU put into your system.
YOU is not the same as THEM. So in essence, doubling odds. Instead of being inadvertently attacked from an external source, YOU actually downloaded the attack yourself.
|
|
|
|
|
Contest was terminated at Eastern Standard Time and corrupted by ulterior man in the middle. (12)
|
|
|
|
|
Intermediate ?
"Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
|
|
|
|
|
Nope,
But your answer tells me you chose the correct definition. Look closely for the clue indicators. No trickery, the clue is very well formed, although the answer is an uncommon word. Might need to grab the unabridged dictionary.
|
|
|
|
|
interlocutor (anagram of contest + ulterior)
|
|
|
|
|
Good job, you solved it.
Contest was terminated at Eastern Standard Time and corrupted by ulterior man in the middle. (12)
Contest was terminated at Eastern Standard Time = ContEST
and corrupted by = anagram indication
ulterior = anagram letter pool
man in the middle = interlocutor
INTERLOCUTOR[^]
|
|
|
|
|
Had a job back in the day working on Tandem machines. We had a contractor who came from Quebec and English was his second language but he knew the operating system and machine better than the rest of us. I guess he was translating from French but the guy actually used this word in documentation. We all thought he was a pretentious biblical donkey.
I’ve given up trying to be calm. However, I am open to feeling slightly less agitated.
|
|
|
|
|
Yeah,
He probably used a translator to produce the text. The Latin family of languages use this word much more frequently. Searching for "interlocuteur" gives me over 10 million matching pages.
|
|
|
|
|
I've got a sparkie coming round to change my electricity meter to a sparkling new smart meter this morning, and all I know is "he'll be there between 8 and 12" and that "the electricity will be off for about 45 minutes".
So I can't get stuck into anything because I don't know when I'll have an hour's gap in my thought processes. Grr!
Surely they could at least tell you "You're number 3 on his list this morning" which would give me a shorter window? But no ... I have to sit here like a prune twiddling my thumbs ... and no CCC yet to think about ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
I know, it's a strange idea, but there are computers that can operate on batteries. Some even for months and twice as long if I leave away all power draining displays and don't light that thing like a christmas tree with LEDs.
I have lived with several Zen masters - all of them were cats.
His last invention was an evil Lasagna. It didn't kill anyone, and it actually tasted pretty good.
|
|
|
|
|
Yep, and my Surface will, plus I can internet it via a phone hotspot while the broadband is out.
But ... it's a single tiny monitor, and a cramped keyboard, and I don't have access to my NAS while the power is out, and ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
CodeWraith wrote: I know, it's a strange idea, but there are computers that can operate on batteries. In the old days, we even had information that was available without either electric power or internet connection.
If my memory is correct, that kind of information was called "books" or "magazines". In my basement, I might be able to find a few of them - and I really should: I should refresh some of my old, worn knowledge that has more or less worn off since.
I might even find newer "books" that I have bought, planning to learn new stuff, but never got around to study them. Maybe a handful of hours is not enough for a deep study, but it could make a good start.
|
|
|
|
|
Par for the course. We were fortunate in have ours changed while we were having an extension built so the house was in chaos anyway. I switched the monitor on when they first installed it, but since we were already fairly controlled with our usage it didn't tell us anything much. Oh, and don't forget if you switch suppliers it will probably stop working.
|
|
|
|
|
I'm assured that it's the newer type - SMETS2 - which don't stop working.
And at the moment, I'm not sure there are enough companies left to switch to - the switching company I use has said they aren't recommending anyone for the foreseeable future as it's all just too volatile.
This is the second or third time a supplier has gone bust on me ... I can't help feeling that as a country we should have stayed with a single national supplier instead of feeding a lot of greedy middle men into the delivery process ... but that gets dangerously political so I'll stop there.
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
OriginalGriff wrote: This is the second or third time a supplier has gone bust on me ... I can't help feeling that as a country we should have stayed with a single national supplier instead of feeding a lot of greedy middle men into the delivery process
Totally agree, it was always a bit "smoke and mirrors". But, EU competition rules ...
|
|
|
|
|
OriginalGriff wrote: he'll be there between 8 and 12
You hope.
When I had my meter upgraded, the first appointment was scheduled for a Friday afternoon. I got a call 45 minutes after the end of the scheduled time-slot to tell me that they wouldn't be turning up due to "an emergency". Which I took to mean "There's a pint down the pub with my name on it; screw you!"
They rescheduled, but I had to join the back of the queue again, since they didn't want to disrupt anyone else's appointment by doing mine first.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Yeah ... I tried a couple of years ago, and got a call on the day before to say "OK if I'm a little early?" which I took as a good sign until he decided that he didn't have a dual rate smart meter in stock and would have to reschedule. Never heard from him again ... and the company went bust a few months later.
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Time to get a good UPS for your systems.
|
|
|
|
|
OriginalGriff wrote: ...a sparkling new smart meter... The power companies push these new meters as a way of saving costs by not having to have personnel go out and read meters (which sometimes have to be re-read). Then, not surprisingly, you end up with a larger bill from that point forward because it costs money to have technology. Sometimes I despise tech.
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
|
|
|
|