memfd_secret() in 5.14
memfd_secret() in 5.14
Posted Aug 8, 2021 16:03 UTC (Sun) by anselm (subscriber, #2796)In reply to: memfd_secret() in 5.14 by khim
Parent article: memfd_secret() in 5.14
Personally I would not be prepared to work for an employer who is unwilling to provide me with a suitable computer and phone to use for company business. The IT job market being what it is these days, paying for decent tools is a prerequisite for companies that want to attract (and keep) top-quality talent – and compared to a software developer's compensation, the price of even very good hardware is virtually negligible, so putting off potential applicants by requiring them to supply their own work equipment at their own expense (and then insisting on controlling what software is installed on that equipment and how it is configured) doesn't even make good business sense.
Posted Aug 8, 2021 16:55 UTC (Sun)
by khim (subscriber, #9252)
[Link] (4 responses)
They probably can. If you are really fussy. But it's often just easier for both user and company when you only need one phone and one laptop to travel somewhere. Who said anything about IT job market? It's tiny. Various estimates put number of software developers worldwide between 20 and 30 million. But there are half-billion of laptops in use and many billions of smartphones. Simple math shows that the software developers are tiny, almost negligible percentage of all users. Yes, there are shortage of software developers and yes, because of that they can enjoy luxury of being treated differently. But majority of people are not in that position. They couldn't really play “oh, I want to do whatever I want with the device I own — and you have to bend over backward to accommodate my wishes” games. If accountant or a simple clerk would try that game — they would be fired and someone else would take their place. It's not that hard. And the needs of these people are what drives the development of software and hardware. Most of them want to have locked down device — if that would bring more money for food and other spendure. Just ask your friends who are not a software developers. And if that's what they want then Industry would provide that. And kernel development, today, is part of the Industry. It doesn't matter if you like that or not — it's just the fact.
Posted Aug 8, 2021 23:54 UTC (Sun)
by anselm (subscriber, #2796)
[Link] (3 responses)
Guess what, my friends who are not software developers usually also have company laptops and phones – and like it that way. After all it's a lot easier to ignore or switch off the company phone outside business hours, over the weekend, or during your vacation than your own phone, especially given that with such an arrangement your boss and colleagues don't need to know your private phone number, which is none of their business.
From a company POV, apart from the recruitment issues mentioned earlier, my friends' employers' IT operations and support people presumably prefer dealing with mostly-uniform hardware from known suppliers (including on-site support contracts, and having spares on hand if a machine breaks) and a common standardised software and UI setup, and definitely don't want the security nightmare of employees maintaining VPN connections into the company from their own machines that are also independently connected to the public Internet for non-company stuff (because of course they don't want to route all their employees' Netflix traffic through the company VPN, either). Many companies tend to figure out eventually that giving people centrally-maintained company hardware to use on the job is cheaper in the long run than dealing with the ongoing hassle and expense of getting people's random privately-bought computers to work properly (and securely) on the company's network. The lucky ones do so before the first malware infestation of the company's network via an employee's BYOD computer.
Posted Aug 9, 2021 7:51 UTC (Mon)
by khim (subscriber, #9252)
[Link] (2 responses)
Interesting. So you have certainly managed to avoid the trend. Because statistic doesn't support your words at all: 87% of businesses are dependent on their employee’s ability to access mobile business apps from their smartphone and 67% of employees use personal devices at work. I would guess this percentage is smaller in US and EU and bigger in third-world countries (almost all my friends from Egypt, Iran and Russia don't know about BYOD or any such fancy acronyms because no one ever thought about providing them with company smartphone and very rarely they got a company-provided laptop), but Bitglass, the Next-Gen CASB company, is based in Silicon Valley with offices worldwide — and it observes what I observe and not what you and Wol are observing. And while your words sound convincing — they don't explain why things you observe and independent statistic observes don't match. Because statistic very clearly shows that use of personal devices for work purposes is growing, not shrinking and the mitigation strategy chosen by the Industry is to make them… “less pesonal”, I guess: make sure bootloader is locked or security enclaves are installed (things like Intel SGX are developed for that purpose) and so on. Add to that the fact that states (not just China or Iran, but also EU and US) increasingly want to ensure that nefarious sites they want to ban remain inaccessible to the most of the population — and you can easily imagine where all that is going.
Posted Aug 9, 2021 9:15 UTC (Mon)
by anselm (subscriber, #2796)
[Link]
There can also be regulatory-environment issues that work against BYOD. Here in Germany (as in the rest of the EU) there are very strict personal-data protection requirements that need to factor into companies' risk assessments. Many companies reasonably conclude that having customer or client data stored on (or even accessible from) employee-owned hardware is not a Good Idea, due to compliance issues and the increased risk of data breaches and associated fines/bad PR.
(The article you cite looks interesting but the statistics it quotes seem fishy in various respects. It is also tainted by the fact that the author himself seems to be a big fan of BYOD. I probably wouldn't want to lean on it too heavily for support.)
Posted Aug 9, 2021 10:32 UTC (Mon)
by kleptog (subscriber, #1183)
[Link]
The GDPR basically makes storing company data on uncontrolled personal computers a non-starter for most businesses. But remote access gives the user a controlled system, and web-browsers promise not to cache data fetched via TLS.
They can of course say you have to bring your own device otherwise they won't hire you. On the flip side, they're not allowed to just randomly add monitoring to your personal device and if anything goes wrong (like your home laptop gets hacked) you as employee bear no liability. Which is why companies often hand out laptops anyway because as owner they have many more possibilities to secure the device.
> Personally I would not be prepared to work for an employer who is unwilling to provide me with a suitable computer and phone to use for company business.
memfd_secret() in 5.14
memfd_secret() in 5.14
Just ask your friends who are not a software developers.
> Guess what, my friends who are not software developers usually also have company laptops and phones – and like it that way.
memfd_secret() in 5.14
memfd_secret() in 5.14
memfd_secret() in 5.14