Peter wrote:
But running that kind of system requires smart people.
You mean “****” people 
I’m on the “other” end of IT admin obviously The company I work for has recently been bought by a much larger (10k+ employees) company. Actually more than a year ago, but lots of back and forth and arms and legs until things have settled only weeks ago. One of those things is PCs. Everyone will get a new “company PC”. The old PCs was to be delivered to the company and destroyed.
Cool, I specced my PC a top notch laptop, like the one I essentially got less than two years ago, only better. My work involves a good deal of programming, most of it on embedded devices. These devices are then installed in, AFAIK, completely sealed and isolated environments. The IP setting from one customer to the other, is different. They all have their little “head ****” with their own IP structure. No problem, just change a few settings and it works. But, all this requires me to have full access to my PC . Other times I take measurements with “odd” equipment, also requiring me to have full access to my PC.
The new company consists mostly of what we in the old days called “paper engineers”. Nothing wrong with that (nothing terrible wrong at least ) Today, they don’t work with paper of course, but with large commercial CAD etc software as well as a whole bunch of administrative, project related software. For all this to be secure enough (according to current ****fication specs), the PCs also are “sealed”. All one can do with the PC, is to hook up to the company’s network and use the company’s suit of software. Even the USB on them won’t accept a USB drive. You cannot install anything, you cannot change anything. They are essentially just a terminal to the “main frame” of the company. Secure – yes. Useful (for me) – completely useless!!!
What will happen is that I, and several others, will use our old PCs for all that “non-compatible company work”. They cannot ever be connected to the “main frame” of the company, and we have to administrate those PCs ourselves. An OK solution on the face of it, but not really when digging a tiny bit beneath the surface. I would think there are other ways of handling this, but maybe not?
Most organisations issue locked-down PCs these days – it’s necessary to prevent peoples’ PCs getting infected within 24hrs, which would happen even if they don’t go to any p0rn sites (which many do, even at work).
I’ve edited your post to remove words which are just too hot these days, in Europe As a Norwegian you would have probably got away with that but you don’t get the flak around here.
Interesting you do embedded work too. You should get an unrestricted PC obviously, although if I was your boss I would still not let you do private email on the company PC. You can use your phone or tablet for that, at lunchtime Anyway you will know that IOT can’t be on open ports because a) it is full of back doors upon release; b) there is usually no way to update the firmware; c) firmware updates are an obvious attack vector; d) somebody has to run the admin structure for field-deployed devices, and run it for ever… certificate management is practically impossible if running https servers (client is OK; I am doing that). Anyway I doubt Jepp got hacked that way, although I do wonder if there is an attack vector via Foreflight, running on an Ipad which has a cloaked root job installed, and the FF server grabbed something from it. Jepp never had remote access to their PC products but FF is different (telemetry going back to the church HQ).
Your old PC is fine; anything not connected to the company LAN is ok. You can use your phone as a wifi hotspot for your PC Because total security from hackers is impossible, companies in industrial control sometimes use LANs with no internet connection. Until they need time sync… I make a box which does an NTP server, using GPS time.
Back to the topic, it’s interesting that ForeFlight application doesn’t have the access to NOTAM when you check e.g. airport but if you invoke briefing for planned flight, you’ll get all NOTAMs related to your flight.
Emir wrote:
Back to the topic, it’s interesting that ForeFlight application doesn’t have the access to NOTAM when you check e.g. airport but if you invoke briefing for planned flight, you’ll get all NOTAMs related to your flight.
Do you have an example? If so, please PM me or forward to [email protected]
Any updates on the case?
I am not able to log to my Jepp account.
Not possible to register new one.
Luckily Jepp Distribution Manager works and it is possible to update nav cards for my gns430.
NCYankee wrote:
Emir wrote:Back to the topic, it’s interesting that ForeFlight application doesn’t have the access to NOTAM when you check e.g. airport but if you invoke briefing for planned flight, you’ll get all NOTAMs related to your flight.
Do you have an example? If so, please PM me or forward to [email protected]
Luckily, it works now in both segments of the application, so I can’t send the example.
