Just a regularly abnormal day



  • Just got this in an email

    I can send the latest application source code in a zip file... not sure if what is on our svn on the off-network network is totally current...

    At the moment our dev and test webservers are unavailable. The test sql server also not there. But dev sql server still appears to be there and responsive, but very slow. Not sure if it's really 100% there or just gobs of packet retries going on due to the rest of the network issues...

    Let me esplain:

    • We have a version control server but it's not used because it's not on our main network. It's only available on a network that can't be accessed from anywhere except special wall jacks. (I keep my code somewhere else)
    • This particular developer can't get to the dev or test webservers. That's really bad because he's normally the only developer that can. (You read that correctly. Only one developer on our team has an SA account with access to the dev and test web or database servers.)


  • Wow, that is even more useless than not having VC at all :open_mouth:



  • There's an "off network" network? :wtf:

    @SteamBoat said:

    Only one developer on our team has an SA account with access to the dev and test web or database servers.

    :wtf:



  • Worst part is that the "lead" came up with the idea and still thinks it's a good one.



  • @SteamBoat said:

    can't be accessed from anywhere except special wall jacks

    :wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf::wtf:



  • Git FTW? Commit stuff locally, send to repo when plugged into the magic wall jacks?



  • @russ0519 said:

    Git FTW?

    YMBNH.

    ­



  • @loopback0 said:

    YMBNH.

    I'm really not. I know blakey hates Git, but I had a feeling the rest were ambivalent about it. This would actually make a great use case for git. You can even use git-svn to interface with an existing SVN server and dcommit stuff only when plugged into the magic jacks while doing normal development the rest of the time.



  • Or, y'know, just not have a retarded two-network system.


  • BINNED

    @SteamBoat said:

    the "lead" came up with the idea and still thinks it's a good one.

    What is his/her rationale?



  • @loopback0 said:

    Or, y'know, just not have a retarded two-network system.

    Well obviously they're :doing_it_wrong:, but at least they can use git as a workaround for the system that's the real :wtf:



  • Probably using a separate VLAN and stopped up at the firewalls.



  • Not even close.
    Separate wires, power and boxes. Only access from there to anywhere is via a Verizon Air Card and that only works from the inside out.



  • Working with the powers that be has been well beyond impossible for years. Our code repository was supposed to be moved to a different server but was down for months so some kind of workaround was needed. We're not supposed to have code off site so he came up with this plan. He doesn't see deeply so this seemed reasonable from his perspective.



  • BTW: Got kicked out of my office space today and told to work from home (YAY) so now I won't have access to the magic blue jacks but a couple of times a month.


  • BINNED

    I do not understand why people do not use private repositories on GitHub. What is this fascination with running a server and keep struggling with it, or care about it for what it is worth.



  • You have a lot more control in-house. Perhaps it's your security policy. Perhaps you want to restrict access to LAN IPs only. In many cases I'd be inclined to agree with you, but outsourcing everything isn't necessarily for everyone.



  • @SteamBoat said:

    Let me esplain

    ... while taking a stroll down the esplainade?

    @russ0519 said:

    they can use git as a workaround for the system that's the real :wtf:

    The fact that git is the saner option compared to what they already have is TR :wtf:


  • Winner of the 2016 Presidential Election

    @dse said:

    I do not understand why people do not use private repositories on GitHub.

    In case of a lawsuit you may be in a better position if you have everything in-house and have control over all the information about the development process. A third party is more likely to give away information as soon as a strongly worded letter from some lawyer arrives.


  • Fake News

    @SteamBoat said:

    We're not supposed to have code off site so he came up with this plan.

    But you guys have laptops right? Otherwise there would be almost no reason not to be jacked into the right network (well, unless that network is really isolated from everything else, in which case we have a bonus :wtf:).



  • Why just use a second NIC, I hear an USB NIC is a few dollars. Then route between the segemtns so everybody profits.



  • And now for another installment of Lorne Solves Everything:

    • find a magical blue jack
    • Pull out the faceplate
    • Disconnect the cables from the back of the jack
    • Crimp a RJ-45 head onto that cable
    • Plug that RJ-45 into a wireless router that can bridge between networks
    • Set up that router to allow you access from your work network, to your source code network (even from VPN)
    • Take another rj-45 cable
    • Plug one end into the router
    • Cut the head off the other, and expose the wires
    • Re-crimp those wires to the Magic Blue Jack
    • Hide the wireless router in the wall
    • Reset the faceplate for Magic Blue Balls

    You now have direct access to the network when you're working from home. People still have their Magic Blue access. No one is the wiser.

    Stay tuned for Lorne Solves Global Hunger-- or something important like font size in Steam or something.



  • That's a fireable offense. They monitor the network diligently. They actually have vans driving around the "campus" with WiFi monitoring equipment in them.

    Actually, if the got their panties in a kerfuffle it could be time in federal pound-me-in-the-ass prison.

    edit: I said it again again.



  • @gleemonk said:

    route between the segemtns

    I don't know if I've ever come across a device that had support for segemtning a network before...



  • You win the bonus :wtf:

    @JBert said:

    unless that network is really isolated from everything else,

    This "network" terminates in a closet a few feet from my desk and is hooked up to about a dozen, at most, other workstations. There is one operational server in the closet and OMG there isn't even a scheduled backup.


  • Fake News

    So in other words:

    • Connect to the "magical network", be able to reach the source control but unable to search Internet references or deploy it.
    • Connect to the "plebs network", be able to reach everything important but unable to commit sources.

    That sounds like jumping through hoops alright...

    You haven't answered whether you (and especially the person who came up with this segregation) have laptops, because that would mean the source leaves the premises daily, making this whole dance obsolete.



  • @russ0519 said:

    Git FTW? Commit stuff locally, send to repo when plugged into the magic wall jacks?

    You've solved half your problem - you can't commit. But you didn't solve the other half - making sure your code actually exists somewhere other than your laptop, or anyone else's problem - making sure that everyone else can get to it. Also, the half of your problem you solved is the less important half.



  • Like talking to my lead.



  • Just set up each person's computer as a git server and actually use the D in DVCS.



  • Sounds like a wonderful idea - n people's changes get send to n-1 other people. The obvious next step is to set up a central server on the common network - in which case, all you've done is the sane thing - move source control to the right network. That means, of course, that it violates whatever policy got the source control system move to Siberia in the first place.



  • @dse said:

    I do not understand why people do not use private repositories on GitHub. What is this fascination with running a server and keep struggling with it, or care about it for what it is worth.

    Seriously? You would trust your company's IP to a hosting provider that has no contractual obligation to maintain any particular level of service? What happens if they have a system glitch that mangles your files? Or allows strangers access? Will you be happy knowing that they really didn't mean to? What will be the damage to your project and your employer? Who is going to get the blame?

    Github may be fine for open source projects and non-commercial products, but if you're working on code that your employer relies on to remain in business, you really want your solution, whatever it is, to be in-house. If you don't know enough to set up something good, then hire a consultant to make sure it's done right.

    If you can't afford it, then maybe the code really isn't worth that much after all. But if it is, can you afford to lose it or have it get leaked to the public or to a competitor or to a law firm looking for an excuse to sue you?



  • @SteamBoat said:

    That's a fireable offense. They monitor the network diligently. They actually have vans driving around the "campus" with WiFi monitoring equipment in them.

    Actually, if the got their panties in a kerfuffle it could be time in federal pound-me-in-the-ass prison.

    They're that concerned about security, but they'll let you remove a copy of the code to work from home? That's TRWTF.



  • They have vans with wifi monitoring equipment but that can't setup a server?



  • Not the same group of people. It's an extremely large organization.



  • Got ya. We should make "extremely large organization" a three letter acronym -- ELO.



  • @russ0519 said:

    I'm really not. I know blakey hates Git, but I had a feeling the rest were ambivalent about it.

    http://vincekotchian.com/wp-content/uploads/2014/05/Wrong.jpg



  • @Lorne_Kates said:

    And now for another installment of Lorne Solves Everything:

    find a magical blue jack
    Pull out the faceplate
    Disconnect the cables from the back of the jack
    Crimp a RJ-45 head onto that cable
    Plug that RJ-45 into a wireless router that can bridge between networks
    Set up that router to allow you access from your work network, to your source code network (even from VPN)
    Take another rj-45 cable
    Plug one end into the router
    Cut the head off the other, and expose the wires
    Re-crimp those wires to the Magic Blue Jack
    Hide the wireless router in the wall
    Reset the faceplate for Magic Blue Balls

    You now have direct access to the network when you're working from home. People still have their Magic Blue access. No one is the wiser.

    Stay tuned for Lorne Solves Global Hunger-- or something important like font size in Steam or something.



  • @Jaime said:

    You've solved half your problem - you can't commit. But you didn't solve the other half - making sure your code actually exists somewhere other than your laptop, or anyone else's problem - making sure that everyone else can get to it. Also, the half of your problem you solved is the less important half.

    Yes, but you can continue to work without having to put multiple things in a commit or something like that in the periods between being able to talk to the server.



  • @David_C said:

    What happens if they have a system glitch that mangles your files?

    blakeyrant



  • @boomzilla said:

    Yes, but you can continue to work without having to put multiple things in a commit or something like that in the periods between being able to talk to the server.

    As I said, you solved the small part of the problem. Committing to a local repository is not a whole lot better than simply not committing. The main benefit you get is well-commented atomic units of commitment - but if no one else sees them and they aren't backed up, you are solving the wrong problem first. After you've solved the right problem, local commits become unnecessary.



  • @Jaime said:

    After you've solved the right problem, local commits become unnecessary.

    No shit. No one is arguing that the network situation is a good thing.



  • You can just email a zip of the .git directory. Then all you need to do is extract it in an empty directory and run git add --all && git reset --hard to get the latest source code. Not many people know this.



  • @David_C said:

    Seriously? You would trust your company's IP to a hosting provider that has no contractual obligation to maintain any particular level of service? What happens if they have a system glitch that mangles your files? Or allows strangers access? Will you be happy knowing that they really didn't mean to? What will be the damage to your project and your employer?

    With git, the only real concern would be unauthorized access. All the other things would be really hard for Github to do worse than the average company.You cannot even mangle files in Git unless you introduce another commit.

    Running a server is not trivial. If you can pay a few bucks to somebody who does it on a bigger scale you are going to profit from their expertise.

    @David_C said:

    Who is going to get the blame?

    The fucking idiot who insisted on doing it himself? :smiley:


  • BINNED

    @David_C said:

    hosting provider that has no contractual obligation to maintain any particular level of service?

    Do you have first hand experience with GitHub?
    There is bitbucket too, and perhaps more companies, so I may find one that does have better contracts.

    @David_C said:

    What happens if they have a system glitch that mangles your files? Or allows strangers access?

    What happens if you have a system glitch that mangles your files? Or allows strangers access?

    If my business is in the business of doing something server related, it makes sense to also host a git server. If strangers are after my IP, I will have to pay for a security expert who also does sysadmin. I firmly believe security is difficult and big companies do it better, at lower price too. Competent security experts who also do sysadmin do not work for free.

    @David_C said:

    Will you be happy knowing that they really didn't mean to?

    Will you be happy knowing that they consultant/employee really didn't mean to?

    @David_C said:

    then hire a consultant to make sure it's done right.

    Nope, either know-how should be in-house or a service is better. Consultants are too expensive and I cannot shout at them.


  • Discourse touched me in a no-no place

    @David_C said:

    You would trust your company's IP to a hosting provider that has no contractual obligation to maintain any particular level of service?

    If you're using GitHub private repositories, you're using a paid account. If you're paying for stuff, you'd also have spent the time to look at the SLA that they're committing to, yes? Paying for a service and not knowing what sort of service level that gets you would be TRWTF…



  • @JBert said:

    But you guys have laptops right? Otherwise there would be almost no reason not to be jacked into the right network (well, unless that network is really isolated from everything else, in which case we have a bonus :wtf:).

    Why does everyone keep saying things like this? I don't know for sure about this case, but there are many situations where an air-gapped network is appropriate, even desirable. Nuclear plants, airplanes, chemical factories, key generation for security certificates, etc. Protecting software may be overkill, but it's not necessarily a :wtf:.



  • in this case it is a wtf. I too am tired of bullshit in the name of a false security.

    The source code is in their laptops, and they are in the plebs network. They aren't protecting anything, they are just being stupid assholes.



  • @CoyneTheDup said:

    I don't know for sure about this case, but there are many situations where an air-gapped network is appropriate, even desirable.

    I've twice worked with the "use this wall jack for network A, or this one for network B" setup. In my previous job, the blue network cables were for the unclassified network and the red cables were for the classified network. We also had two system drives with a caddy arrangement, and you had to boot from the classified system drive to be able to log into the classified network. The classified drive had to be locked in your safe when not in use and overnight. This was all pretty reasonable from a security standpoint.

    We also had that arrangement here for a while, where our test network was isolated from our main network (with a few bridges for deployment purposes, I forget the specifics now). This allowed us to have a truly identical test and production setup (same hostnames, etc) which meant fewer things to go wrong when deploying. At that stage I had a separate computer on my desk specifically for accessing the test network. When they stopped doing things that way, they just took away the test environment altogether. Initially that was only going to be for six months, but that was several years ago. (Now we're doing a push to migrate to AWS and they're talking about possibly setting up a test environment there, if we decide we need one.)



  • @Slapout said:

    They have vans with wifi monitoring equipment but that can't setup a server?

    never seen so many bleedin' aerials



  • @CoyneTheDup said:

    Why does everyone keep saying things like this? I don't know for sure about this case, but there are many situations where an air-gapped network is appropriate, even desirable

    Sure. But only if the computers on that network are isolated and don't ever connect to other networks.

    If employees can transfer code to computers that are later connected to the internet, then the entire purpose of the air-gap is undermined. They can get malware when at home, which will propagate into the "secure" network when the computer is later attached.

    Allowing any unauthorized media (like flash drives, iPods or installers for unapproved software) to connect to a computer on that network violates the air gap and is a vulnerability. (Many believe that that's how Stuxnet got into Iran's air-gapped secure network.)

    If you have a need for an isolated network, then you must keep it truly isolated and must have strict controls over everything going into or out of that network. Allowing employees to connect and disconnect their equipment at will undermines the entire system.


Log in to reply