[Python-ideas] Python's Source of Randomness and the random.py module Redux
Nick Coghlan
ncoghlan at gmail.com
Tue Sep 15 03:07:46 CEST 2015
On 15 September 2015 at 08:50, Emile van Sebille <emile at fenx.com> wrote:
> On 9/14/2015 3:39 PM, Paul Moore wrote:
>>
>> * Everyone I have ever encountered in a work context (as opposed to in
>> open-source communities) seems to me to be in a similar situation to
>> mine. I believe I'm speaking for them, but because it's a
>> closed-source in house environment, I've got no public data to back my
>> comments.
>
> You can certainly speak for me. It's much easier to guard the gates than
> everything inside the walls.
Historically, yes, but relying solely on perimeter defence is becoming
less and less viable as the workforce decentralises, and we see more
people using personal devices and untrusted networks to connect to
work systems (whether that's their home network or the local coffee
shop), as well as relying on public web services rather than internal
applications.
Enterprise IT is simply *wrong* in the way we currently go about a lot
of things, and the public web service sector is showing us all how to
do it right. Facilitating that transition is a key part of my day job
in Red Hat's Developer Experience team (it's getting a bit off topic,
but for a high level company perspective on that:
http://www.redhat-cloudstrategy.com/towards-a-frictionless-it-whether-you-like-it-or-not/).
And for folks tempted to think "this is just about the web", for a
non-web related example of what we as an industry have unleashed
through our historical "security is optional" mindset:
http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
That's an article on remotely hacking the UConnect system in a Jeep
Cherokee to control all sorts of systems that had no business being
connected to the internet in the first place.
The number of SCADA industrial control systems accessible through the
internet is frankly terrifying - one of the reasons we can comfortably
assume most humans are either nice or lazy is because we *don't* see
most of the vulnerabilities that are lying around being exploited.
Regards,
Nick.
--
Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia
More information about the Python-ideas
mailing list