Even the meth-heads have stopped stealing car stereos. That is how stagnant the industry has gotten.
I have seen some companies have their developers given autonomy, with their own DevOps, mainly because it allows for what is needed to get granted. New subnet for lab testing? It is a lot easier to get a DevOp guy to configure the VLAN for it than to submit a ticket to a different organization that isn't connected at all, nor knows what needs done.
Of all the organizations in a company, dev needs the loosest reins (while still keeping separation so that the loosened policies don't allow for a security breach to compromise other departments.) The other department that needs autonomy is QA, because $DEITY knows what needs to be tested against.
So, having an autonomous DevOps means that the dedicated programmers have people that know what they want/need, and have the ability to get that.
In my experience, this does seem to work and work well in SMBs that are not just hiring H-1Bs or offshoring their entire dev department in toto. Larger companies, depending on corporate culture, not so much. Dev and QA should be autonomous. They have to be because that is where things get invented and bugs get squashed.
I wonder what ever happened to the concept of the data diode. That way, stuff can be monitored... but it would take someone physically there for action . I've done this on a low bandwidth basis by using two machines on physically separate networks, a serial cable that has one line cut (so it could only send signal one direction), syslog on one side, and a redirect from the serial port to a file on the other side.
: Of course, this isn't 100%, someone can pretend to be a manager or upper muckety muck, but it is a step up from a remote attacker just typing in blkdiscard
I wonder how Ada 2012 would do in this test, although I don't know of any websites that use this language for a backend.
Similar dilemma. A regular bicycle is unfeasible due to distance. Hopping a bus with a bike is iffish, since there are only two bike spaces in the rack per bus that shows up every hour... and assuming a slot got made free, it would be a battle of speed with others. Which leaves folding bikes and having to lug a Brompton into and out of a building.
Even if you find a space, the parking meters are kiosks on every block, and you -will- get a ticket between the time you walk to the kiosk, get the ticket printed out, and come back to the vehicle to put it on.
So, the easiest thing to do is hail a taxi and go from there.
The ironic thing, most of the places were private companies without a government contract. They wanted the security clearance because someone else did the vetting for them.
It isn't how I like to be, but just what narrow piece I saw after graduating college. Without the alphabet soup, you never had a chance of passing the first rounds.
In my experience, you won't get an HR person's attention unless you have the alphabet soup after your name. A bachelor's gets the resume out of the round file. A MCSE/CCIE/RHCE gets it scheduled. A CISSP or TS-SCI clearance gets it to the tech guys to be interviewed. In fact, when I got out of college, most interviews went like this:
Interviewer: "Do you have a CISSP or TS-SCI? No? Next in line, please."
It really didn't matter about experience... one could be clueless in IT but have a MCSE, and be further along than someone who had many years in the field, but didn't have the cert.
I'm wondering if they got results without a choke, or at full choke. This might be statistically significant.
You can count me in that category. I signed up way back in 2008 because after getting out of college, prospective employers would demand if I had a FB/MySpace/Twitter account, and if not, the interview was up, as the HR rep felt that it was mandatory for anyone in IT to have social networking accounts to be considered up to date in skills.
So, I created a Twitter account, followed EMC and a few other names, and called it done... it did make the bean counters happy because they thought I was "with it".
We have 50-60 years of technology advancements. Look how cars have advanced. Had there not been such a strong oil/coal lobby, there would be advancements that would be impossible in today's political climate:
1: Thermal depolymerization -- turn waste products back into crude ready for use again.
2: Droughts would be mitigated as issue with desalination plants combined with the infrastructure to pump it inland.
3: More technologies would be possible to reclaim used components. Waste can be recycled cleanly.
4: More expensive (expensive as in energy) chemical processes can be used to reclaim toxic sites.
I think future generations will think we are dolts as not to have moved to nuclear sooner, because more energy available per person can mean a lot more advances and a better quality of life.
Here is the ironic thing: Both the hippies and the Tea Party people I know are all over solar, wind, and other alternative energy.
I just wonder when the tipping point happens where people and businesses stop wanting to be beholden to Middle Eastern oil and dirty coal, and move onto nuclear . With more energy than what we have now, we can easily use thermal depolymerization to toss waste plastic and usable crude oil.
: Thorium reactors show great promise.
Depends. A website's SSL key may be slurped up. However, a root CA key should be either kept on an offline machine or kept in a hardware security module where the key won't be divulged, ever... the module will sign a key, and that's it.
I'm sure some places will have their root CA on an externally connected machine, then try to place blame, likely saying how insecure UNIX is (when it isn't any particular flavor of UNIX that is at fault.)
Don't forget Splunk, so the servers that you are managing have a place to dump logs, and where you can do syslog searches from one place. Splunk isn't a magic bullet, but it does a lot of useful functions and can scale up, and it is a very useful troubleshooting tool.
Democracy is showing its cracks here in the US. I've wondered about moving to a different system so we don't keep the same people in office for decades:
I'd propose it be done like jury duty: Come every four years, every citizen's name is tossed in a hat, names are drawn, and those people are sworn into office. No, this isn't perfect, and statistically, there is a chance of getting some real crazies... but is that worse than politicians bought and paid for by campaign donations? Statistically, it will give a true cross-section of the population. It will also get rid of gerrymandering and other crap.
This can be combined with a "no confidence" vote mechanism for further checks/balances.
A secure home server only makes sense. If you get a machine with hardware RAID, mirror the OS drive, then use RAID-Z2  or RAID-Z3 for the data. If using Windows, then you get a choice between bit rot resilience with Storage Spaces + ReFS or deduplication with Storage Spaces + NTFS.
: RAID-Z will find bit rot on a zfs scrub, but won't be able to fix it. RAID-Z2, RAID-Z3 and RAID-1... even ditto blocks can both find and fix it.