I worked at a place that when the company did really well you get a bonus of two weeks paycheck. It some times could happen twice a year and nobody had to ask for it you will receive the news through a “thank you” email.
Looks like you have some knowledge hole. Let’s start with MSSQL you can use AD groups and those are the one and only thing that database setups are concerned with. On the AD side users get added/removed all the time. I have personally managed this kind of system with nearly “0” overhead on the DB side. Group assignment is the maintained by team managers decentralizing the whole thing.
For non Kerberos Linux systems using LDAP to synchronize group membership is the only extra automation needed.
It is possible and fairly easy to manage a very large number of accounts IF done properly.
I have strong evidence of the opposite. I worked in a hedge fund (unnamed for privacy) they paid top $ for IT admins, which by the way were very capable.
An incursion into AWS taught them a hard lesson - the were nearly 4-5 more efficient than AWS at similar hosting capacity. Moving to GPC was their only option to maintain elasticity at relatively “acceptable” prices.
My "anecdata" is stronger than your "anecdata", I'd say.
> they paid top $ for IT admins, which by the way were very capable.
Most companies don't pay top dollar and as a result they have to scrape by with the leftovers. As a result Amazon for sure beats them in sysadmining efficiency.
Sadly I don't think this is actually true. From that page:
DDL statements, atomic or otherwise, implicitly end any transaction that is active in the current session, as if you had done a COMMIT before executing the statement. This means that DDL statements cannot be performed within another transaction, within transaction control statements such as START TRANSACTION ... COMMIT, or combined with other statements within the same transaction.
Whereas with real transactional DDL, the DDL can be done within large transactions, multiple ALTER's could be rolled back, no changes are visible outside the transaction...
MySQL 8 was extremely new at the time this comment was posted. It's likely that mysql limitations were a big part of the thinking. The mention of pt-online-schema-change at the bottom makes me think so.
"The investigation revealed that the infected PC belonged to a user who was connected to the Internet connected network used for administrative purposes. This is isolated from the critical internal network."
The article explicitly states that there was no air gap at play here.
That can be easily refuted by saying “do you really think that all big bank executives didn’t know what was going on and decided to ride the money wave”?
Knowing that one or more people of a group have done something doesn't necessarily lead to knowing which ones, or having proof of them doing that thing. (much less proof of knowing, which is what you are saying).
“Where there is smoke there is fire” is not a doctrine of criminal law. Also, by that token, who should we have prosecuted for the 2000 tech-related crash?
the dotcom 1.0 crash had a lot of irrational exuberance, where VC money was raised and pissed away for ideas that wouldn't work at the time (beenz, flooz, pets.com, webvan, etc). Then there was the outright fraud like Enron and Worldcom.
Eric Holder, the attorney general at the time, did not prosecute bankers for the 2008 recession. The attorney general did prosecute people responsible for the issues in the dot com crash.
How is that comparable? Holder even stated, "I am concerned that the size of some of these institutions becomes so large that it does become difficult to prosecute them" because it might damage the economy. That is not an aspect the AG should be considering. They should be upholding the rule of law which did not occur after the 2008 crisis
> Grassley: Do you believe that the investment bankers that were repackaging bad mortgages that were AAA-rated are guilty of fraud or is it a case of just not being aggressive or effective enough to prove that they did something fraudulent and criminal?
> Holder: We looked at those kinds of cases. I think we have been appropriately aggressive, these are not always easy cases to make. When you look at these cases, you see that things were done ‘wrong’ then the question is whether or not they were illegal. And I think the people in our criminal division… I think have been as aggressive as they could be, brought cases where we think we could have brought them. I know that in some instances that has not been a satisfying answer to people, but we have been as aggressive as we could have been.
He also says:
> Holder: You are right, senator. The greatest deterrent effect is not to prosecute a corporation — although that’s important — the greatest deterrent effect is to prosecute the individuals in the corporations that are responsible for those decisions.
He's saying the opposite of what you're claiming he said: that he tried to prosecute the "bankers" as aggressively as he could, but the cases were "not easy to make."
More granularly than decisions made by Holder, one could also look at the number of prosecutions (vs lack of prosecutions) from the US Southern District of New York which has jurisdiction in the area.
And a lot of people are forced to a plea after being overcharged and put through a very long crippling (financially and mentally) process while for the DA/cops is just another day to go to work
I believe you are missing the problems that such environment creates.
Back-stabbing, and simply not well thought out events will start to take place.
This is not about the "good" things 360 has in favor, it's about the bad ones that such environment can unleash!
By the way you don't need notify to hook into the Replication stream. It is possible to get access to the changes directly from the jdbc driver for example. Logical Replication is a big deal!
It was very motivating