74
Google’s new security pilot program will ban employee Internet access
(arstechnica.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 20 Jul 2023
74 points (100.0% liked)
Technology
37573 readers
416 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
Seems rather bizarre to me, though it could make sense for some non-technical roles. For developers, seems a bit impractical; much of language documentation is online and odd errors, common and esoteric, are frequently completely absent from docs. This seems likely to require devs to either use unauthorized devices or waste time digging through source (possibly for the programming language itself) to figure things out.
However, the remark about root access makes me hope that there are not people logging into systems at Google as root. A sudoer, sure, but root is a big no-no.
su root
rm -rf /SteveHuffmanData/SearchHistory/RealStuff
mv HorseNPigPorn.jpg LemonParty.html TubGirl.png SteveHuffmanData/SearchHistory
sudo cat bleach | /dev/eyes
Seems like they could have a machine with higher level access air gapped, and a less secure machine for browsing the internet but not internal tools. Would still suck for copy paste and things of the line, but would probably work in most cases.
I would think that this would be an approach that absolutely makes sense for corporate infra systems like domain servers, systems with access to network configs, etc.
Maybe adding an additional security tier? Something like "sandbox dev" where new third-party libraries and technologies can be tested and a "production dev" which is more restricted. That might be the "right" way.
The problem that I'd see is that productivity, development velocity, and release cadence would all take a nose-dive as software engineers have to continually repeat work, roughly doubling the real amount of work needed to release any piece of software. This would likely be seen as incompatible with modern business and customer expectations.