IT/Software career thread: Invert binary trees for dollars.

TJT · Dec 14, 2020

Okay gang. Holy fuck Google Cloud Platform is some exploitative horse shit. I've been using AWS for the past few years and it isn't without issue but AWS does do everything it can to make it easy enough to use more of their services together. Like you can have some EC2 servers and use the AWS API or a number of other options to move data around to S2 storage, lambda... pretty much whatever you want.

But Google however. What a bunch of assholes. Problem I am currently trying to solve for my consultant sidegig.

Company pays for Google Analytics to the tune of like $300k a year already.
They need to move data around but unless you're using GA 360 ($500k minimum pricetag from what I understand) you're limited to using GAv4 which is unbelievably gimped and designed explicitly to force you to pay up for GA 360.
GAv4 API lets you use the API's reporting system but it doesn't let you get the raw data.
If you want to move this data to GCP BigQuery databases it gives you an schedulable export feature but it does this. Creates each day's worth of data as its own table under the schema for that particular GA component you organized.
If you want to move that data from GCP BigQuery to GCP Storage you can only move 1GB files from the GA export to bigquery into GCP storage. But there's no limitation on the GAv4 output size.

You can avoid this with the features GA 360 gives you but they don't want to pay $200k more minimum and other requirements up front just to get it. Now I am left with creating some exceptionally retarded code to batch the bigquery tables into 1GB files them moving them to GCP Storage buckets where we can actually use them. There's going to be way too much jank here for my liking.

Deathwing · Dec 14, 2020

How much you want to bet that paying them that extra $200k does close to what you end up with?

TJT · Dec 14, 2020

Deathwing said:
How much you want to bet that paying them that extra $200k does close to what you end up with?

I know it can. It's in the documentation directly for the GA360 features. But the hiring manager I have has to fight with budgeting a lot for this stuff and whatnot.

Deathwing · Dec 14, 2020

I was making a smarmy comment that their API behind the scenes does what your post processing will do. Unless the API is very explicit on the on-demand nature of fetching data for GA360.

TJT · Dec 14, 2020

Thing is you don't need to use the API at all if you're on 360. 360 can pipe your data by the minute straight to where you want it to go. lol.

TJT · Dec 16, 2020

We had a mandatory microaggressions workshop today.

Khane · Dec 16, 2020

I've had some increasingly idiotic "training" lately as well. The latest was "Disrupting Unconscious Bias" which was basically a video I couldn't fast forward through with a quiz at the end that essentially just said "Everyone is biased, and they don't even know it!!!"

ShakyJake · Dec 20, 2020

Are these government trainings? I work for a global medical devices/pharmaceutical company and while we have a shit ton of ridiculous trainings, there has been nothing along those lines.

Borzak · Dec 20, 2020

Very thankful never worked anywhere that had an actual HR department. Healthcare, payroll and 401ks and such are contracted out. Personal problems were between you and the owner which normally involved "get your ass back to work and shut up"

TJT · Dec 20, 2020

ShakyJake said:
Are these government trainings? I work for a global medical devices/pharmaceutical company and while we have a shit ton of ridiculous trainings, there has been nothing along those lines.

No I work for a tech company in its rapid growth phase.

TJT · Dec 20, 2020

The Solarwinds hack is very interesting if anyone's following it. My company competes in the same space kinda and its a big deal. It's going to cost any serious company a fuckton of money resecuring their shit.

TJT · Dec 20, 2020

Not really interested in Azure but you get the cert out of it and can't beat the low low price of free.

Microsoft: Attend Azure Virtual Training & Take Azure Fundamentals Certification Exam Free
https://slickdeals.net/f/14713163-f...bsft_tv=3&src=da_si_v2_74282614#post143937644

Ao- · Dec 21, 2020

TJT said:
The Solarwinds hack is very interesting if anyone's following it. My company competes in the same space kinda and its a big deal. It's going to cost any serious company a fuckton of money resecuring their shit.

It's pretty fucking scary to see how well/long that worked.

Deathwing · Dec 21, 2020

I was reading up on this and Solarwinds said they would revoke the certificate(s) tomorrow(12/21). Perhaps I don't understand the complexity of revoking a certificate in this context. Why wasn't this done immediately?

Neranja · Dec 21, 2020

Deathwing said:
Why wasn't this done immediately?

Because this has a lot of ramifications, i.e. code signing: Once revoked Windows will start to complain. The stupid admin-drones from India will most likely start clicking "yes yes, ignore, do the needful", and this is exactly what shouldn't happen.

I would have said the Solarwinds incident surprised me, but I was involved in a project where the developers went around the back of corporate policy and installed their own repository in the cloud. Which is harder than you'd think, so they didn't lock down sign ups. Long story short, someone from the internet found the repository (literally googled for repos), signed up, got an account and off he went with a complete snapshot of the repository. Which included passwords and API keys.

At this point in time I fucking hate SCRUM and DevOps developers: Most of the time they don't know how their stuff works or even builds, but they think they can do the work of admins better than the admins themselves. "We need full Internet access from our build host", but when you point out the security ramifications you just get a blank stare in return. They don't know anything about security or ITIL.

Deathwing · Dec 21, 2020

Saying your build machines need full internet access should get you fired. It's a pain in the ass, but hosting local various package platforms and such while locking down even internal access to your build machines is worth the short term hardship. I'm a QA manager, but I consider a lot of what I do would typically be devops. I can't imagine doing my job not knowing how our product builds.

Thanks for the answer. I need to read some more into this. I wasn't aware the compromised certificates were used in code signing.

Ao- · Dec 21, 2020

Neranja said:
Because this has a lot of ramifications, i.e. code signing: Once revoked Windows will start to complain. The stupid admin-drones from India will most likely start clicking "yes yes, ignore, do the needful", and this is exactly what shouldn't happen.

I would have said the Solarwinds incident surprised me, but I was involved in a project where the developers went around the back of corporate policy and installed their own repository in the cloud. Which is harder than you'd think, so they didn't lock down sign ups. Long story short, someone from the internet found the repository (literally googled for repos), signed up, got an account and off he went with a complete snapshot of the repository. Which included passwords and API keys.

At this point in time I fucking hate SCRUM and DevOps developers: Most of the time they don't know how their stuff works or even builds, but they think they can do the work of admins better than the admins themselves. "We need full Internet access from our build host", but when you point out the security ramifications you just get a blank stare in return. They don't know anything about security or ITIL.

"Why are you slowing us down?"
"Because you time is worth less than a breech costs. Go fuck yourself."

Ao- · Dec 21, 2020

Deathwing said:
Saying your build machines need full internet access should get you fired. It's a pain in the ass, but hosting local various package platforms and such while locking down even internal access to your build machines is worth the short term hardship. I'm a QA manager, but I consider a lot of what I do would typically be devops. I can't imagine doing my job not knowing how our product builds.

Thanks for the answer. I need to read some more into this. I wasn't aware the compromised certificates were used in code signing.

The certificates themselves weren't compromised, the malicious code was added to the source before the compile and signing. It's pretty fucked up/devious. The persistence... the 10-14 day delay in even CHECKING for things... it's crazy.

TJT · Dec 21, 2020

Deathwing said:
Saying your build machines need full internet access should get you fired. It's a pain in the ass, but hosting local various package platforms and such while locking down even internal access to your build machines is worth the short term hardship. I'm a QA manager, but I consider a lot of what I do would typically be devops. I can't imagine doing my job not knowing how our product builds.

Thanks for the answer. I need to read some more into this. I wasn't aware the compromised certificates were used in code signing.

Hacking solarwinds is also an ideal thing to hit. The product monitors all your infrastructure and thus needs access to all of it. So if they get into it all of your routers, devices, services, etc are fully exposed. It would take forever for an org to go through all of their infrastructure and resecure it.

As my company's product competes in a similar space they're doing a security audit now. But all of our actual product code is locked down tight in on-prem repos and the data warehouse we extract out of the product doesn't even get any user names/pws or api keys. Nearly everything it garbled with encryption if its remotely identifying. We're probably okay here. It's not good for the space but our sales guys are seeing almost a 100% uptick in customers using SW who now want POCs of our product so it might be really good for us.

Ao- · Dec 21, 2020

Well, it's not even just 1 "bad guy"... after digging through the SolarWinds Orion infrastructure, MS/FireEye found another group who had implanted malware.

Search

IT/Software career thread: Invert binary trees for dollars.

TJT

Mr. Poopybutthole

Deathwing

TJT

Mr. Poopybutthole

Deathwing

TJT

Mr. Poopybutthole

TJT

Mr. Poopybutthole

Khane

Got something right about marriage

ShakyJake

Borzak

Bronze Baron of the Realm

TJT

Mr. Poopybutthole

TJT

Mr. Poopybutthole

TJT

Mr. Poopybutthole

Ao-

¯\_(ツ)_/¯

Deathwing

Neranja

Deathwing

Ao-

¯\_(ツ)_/¯

Ao-

¯\_(ツ)_/¯

TJT

Mr. Poopybutthole

Ao-

¯\_(ツ)_/¯