ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    AzureAD and shares

    Scheduled Pinned Locked Moved IT Discussion
    137 Posts 9 Posters 16.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stacksofplatesS
      stacksofplates @scottalanmiller
      last edited by

      @scottalanmiller said in AzureAD and shares:

      @stacksofplates said in AzureAD and shares:

      @brandon220 said in AzureAD and shares:

      Here is an example from the FFIEC Cybersecurity Assesment Tool:
      assessmentsnip.PNG
      The more OSS you have, the lower your score will be.

      I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

      But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

      Right, like I said I'm not defending them. Just trying to look at it from all angles.

      scottalanmillerS 1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @stacksofplates
        last edited by

        @stacksofplates said in AzureAD and shares:

        @scottalanmiller said in AzureAD and shares:

        @stacksofplates said in AzureAD and shares:

        @brandon220 said in AzureAD and shares:

        Here is an example from the FFIEC Cybersecurity Assesment Tool:
        assessmentsnip.PNG
        The more OSS you have, the lower your score will be.

        I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

        But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

        Right, like I said I'm not defending them. Just trying to look at it from all angles.

        What people never consider is that closed source licensing COULD still require in the EULA that you comply with GPL of your own code simply by using the closed source product 🙂 Cloud source EULAs can pretty much carry any risk imaginable. They don't, but they could.

        stacksofplatesS 1 Reply Last reply Reply Quote 0
        • stacksofplatesS
          stacksofplates @scottalanmiller
          last edited by

          @scottalanmiller said in AzureAD and shares:

          @stacksofplates said in AzureAD and shares:

          @scottalanmiller said in AzureAD and shares:

          @stacksofplates said in AzureAD and shares:

          @brandon220 said in AzureAD and shares:

          Here is an example from the FFIEC Cybersecurity Assesment Tool:
          assessmentsnip.PNG
          The more OSS you have, the lower your score will be.

          I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

          But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

          Right, like I said I'm not defending them. Just trying to look at it from all angles.

          What people never consider is that closed source licensing COULD still require in the EULA that you comply with GPL of your own code simply by using the closed source product 🙂 Cloud source EULAs can pretty much carry any risk imaginable. They don't, but they could.

          Yeah definitely true. I don't like closed source at all. I mean if I need the tool I'll buy it but I'd rather use a open source tool.

          I've seen a lot of people thought that think they can just do whatever since it's open source and it doesn't matter. AGPL is pretty strict and there's a lot of popular tools written with that license.

          scottalanmillerS 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @stacksofplates
            last edited by

            @stacksofplates said in AzureAD and shares:

            @scottalanmiller said in AzureAD and shares:

            @stacksofplates said in AzureAD and shares:

            @scottalanmiller said in AzureAD and shares:

            @stacksofplates said in AzureAD and shares:

            @brandon220 said in AzureAD and shares:

            Here is an example from the FFIEC Cybersecurity Assesment Tool:
            assessmentsnip.PNG
            The more OSS you have, the lower your score will be.

            I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

            But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

            Right, like I said I'm not defending them. Just trying to look at it from all angles.

            What people never consider is that closed source licensing COULD still require in the EULA that you comply with GPL of your own code simply by using the closed source product 🙂 Cloud source EULAs can pretty much carry any risk imaginable. They don't, but they could.

            Yeah definitely true. I don't like closed source at all. I mean if I need the tool I'll buy it but I'd rather use a open source tool.

            I've seen a lot of people thought that think they can just do whatever since it's open source and it doesn't matter. AGPL is pretty strict and there's a lot of popular tools written with that license.

            In most cases, it's people thinking that they can just use the code without following the license. Technically, a far bigger risk with closed source under the same conditions.

            stacksofplatesS 1 Reply Last reply Reply Quote 0
            • stacksofplatesS
              stacksofplates @scottalanmiller
              last edited by

              @scottalanmiller said in AzureAD and shares:

              @stacksofplates said in AzureAD and shares:

              @scottalanmiller said in AzureAD and shares:

              @stacksofplates said in AzureAD and shares:

              @scottalanmiller said in AzureAD and shares:

              @stacksofplates said in AzureAD and shares:

              @brandon220 said in AzureAD and shares:

              Here is an example from the FFIEC Cybersecurity Assesment Tool:
              assessmentsnip.PNG
              The more OSS you have, the lower your score will be.

              I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

              But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

              Right, like I said I'm not defending them. Just trying to look at it from all angles.

              What people never consider is that closed source licensing COULD still require in the EULA that you comply with GPL of your own code simply by using the closed source product 🙂 Cloud source EULAs can pretty much carry any risk imaginable. They don't, but they could.

              Yeah definitely true. I don't like closed source at all. I mean if I need the tool I'll buy it but I'd rather use a open source tool.

              I've seen a lot of people thought that think they can just do whatever since it's open source and it doesn't matter. AGPL is pretty strict and there's a lot of popular tools written with that license.

              In most cases, it's people thinking that they can just use the code without following the license. Technically, a far bigger risk with closed source under the same conditions.

              In general yeah, but the GPL police are fierce. I work with a guy who's old company was going to be sued for not including the simple configs they wrote along with the distribution.

              scottalanmillerS 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @stacksofplates
                last edited by

                @stacksofplates said in AzureAD and shares:

                @scottalanmiller said in AzureAD and shares:

                @stacksofplates said in AzureAD and shares:

                @scottalanmiller said in AzureAD and shares:

                @stacksofplates said in AzureAD and shares:

                @scottalanmiller said in AzureAD and shares:

                @stacksofplates said in AzureAD and shares:

                @brandon220 said in AzureAD and shares:

                Here is an example from the FFIEC Cybersecurity Assesment Tool:
                assessmentsnip.PNG
                The more OSS you have, the lower your score will be.

                I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

                But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

                Right, like I said I'm not defending them. Just trying to look at it from all angles.

                What people never consider is that closed source licensing COULD still require in the EULA that you comply with GPL of your own code simply by using the closed source product 🙂 Cloud source EULAs can pretty much carry any risk imaginable. They don't, but they could.

                Yeah definitely true. I don't like closed source at all. I mean if I need the tool I'll buy it but I'd rather use a open source tool.

                I've seen a lot of people thought that think they can just do whatever since it's open source and it doesn't matter. AGPL is pretty strict and there's a lot of popular tools written with that license.

                In most cases, it's people thinking that they can just use the code without following the license. Technically, a far bigger risk with closed source under the same conditions.

                In general yeah, but the GPL police are fierce. I work with a guy who's old company was going to be sued for not including the simple configs they wrote along with the distribution.

                Yeah, although now we are talking product firms, not operations. The affect on operations is generally minimal.

                stacksofplatesS 1 Reply Last reply Reply Quote 0
                • stacksofplatesS
                  stacksofplates @scottalanmiller
                  last edited by

                  @scottalanmiller said in AzureAD and shares:

                  @stacksofplates said in AzureAD and shares:

                  @scottalanmiller said in AzureAD and shares:

                  @stacksofplates said in AzureAD and shares:

                  @scottalanmiller said in AzureAD and shares:

                  @stacksofplates said in AzureAD and shares:

                  @scottalanmiller said in AzureAD and shares:

                  @stacksofplates said in AzureAD and shares:

                  @brandon220 said in AzureAD and shares:

                  Here is an example from the FFIEC Cybersecurity Assesment Tool:
                  assessmentsnip.PNG
                  The more OSS you have, the lower your score will be.

                  I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

                  But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

                  Right, like I said I'm not defending them. Just trying to look at it from all angles.

                  What people never consider is that closed source licensing COULD still require in the EULA that you comply with GPL of your own code simply by using the closed source product 🙂 Cloud source EULAs can pretty much carry any risk imaginable. They don't, but they could.

                  Yeah definitely true. I don't like closed source at all. I mean if I need the tool I'll buy it but I'd rather use a open source tool.

                  I've seen a lot of people thought that think they can just do whatever since it's open source and it doesn't matter. AGPL is pretty strict and there's a lot of popular tools written with that license.

                  In most cases, it's people thinking that they can just use the code without following the license. Technically, a far bigger risk with closed source under the same conditions.

                  In general yeah, but the GPL police are fierce. I work with a guy who's old company was going to be sued for not including the simple configs they wrote along with the distribution.

                  Yeah, although now we are talking product firms, not operations. The affect on operations is generally minimal.

                  Yeah true, but that's similar with proprietary also, most people don't get caught. You still have to comply though. It can be a lot of work to ensure you're in compliance. Like when software decides to change licenses between versions.

                  DashrenderD 1 Reply Last reply Reply Quote 0
                  • DashrenderD
                    Dashrender @stacksofplates
                    last edited by

                    @stacksofplates said in AzureAD and shares:

                    @scottalanmiller said in AzureAD and shares:

                    @stacksofplates said in AzureAD and shares:

                    @scottalanmiller said in AzureAD and shares:

                    @stacksofplates said in AzureAD and shares:

                    @scottalanmiller said in AzureAD and shares:

                    @stacksofplates said in AzureAD and shares:

                    @scottalanmiller said in AzureAD and shares:

                    @stacksofplates said in AzureAD and shares:

                    @brandon220 said in AzureAD and shares:

                    Here is an example from the FFIEC Cybersecurity Assesment Tool:
                    assessmentsnip.PNG
                    The more OSS you have, the lower your score will be.

                    I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

                    But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

                    Right, like I said I'm not defending them. Just trying to look at it from all angles.

                    What people never consider is that closed source licensing COULD still require in the EULA that you comply with GPL of your own code simply by using the closed source product 🙂 Cloud source EULAs can pretty much carry any risk imaginable. They don't, but they could.

                    Yeah definitely true. I don't like closed source at all. I mean if I need the tool I'll buy it but I'd rather use a open source tool.

                    I've seen a lot of people thought that think they can just do whatever since it's open source and it doesn't matter. AGPL is pretty strict and there's a lot of popular tools written with that license.

                    In most cases, it's people thinking that they can just use the code without following the license. Technically, a far bigger risk with closed source under the same conditions.

                    In general yeah, but the GPL police are fierce. I work with a guy who's old company was going to be sued for not including the simple configs they wrote along with the distribution.

                    Yeah, although now we are talking product firms, not operations. The affect on operations is generally minimal.

                    Yeah true, but that's similar with proprietary also, most people don't get caught. You still have to comply though. It can be a lot of work to ensure you're in compliance. Like when software decides to change licenses between versions.

                    Like java?

                    stacksofplatesS scottalanmillerS 2 Replies Last reply Reply Quote 0
                    • stacksofplatesS
                      stacksofplates @Dashrender
                      last edited by stacksofplates

                      @Dashrender said in AzureAD and shares:

                      @stacksofplates said in AzureAD and shares:

                      @scottalanmiller said in AzureAD and shares:

                      @stacksofplates said in AzureAD and shares:

                      @scottalanmiller said in AzureAD and shares:

                      @stacksofplates said in AzureAD and shares:

                      @scottalanmiller said in AzureAD and shares:

                      @stacksofplates said in AzureAD and shares:

                      @scottalanmiller said in AzureAD and shares:

                      @stacksofplates said in AzureAD and shares:

                      @brandon220 said in AzureAD and shares:

                      Here is an example from the FFIEC Cybersecurity Assesment Tool:
                      assessmentsnip.PNG
                      The more OSS you have, the lower your score will be.

                      I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

                      But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

                      Right, like I said I'm not defending them. Just trying to look at it from all angles.

                      What people never consider is that closed source licensing COULD still require in the EULA that you comply with GPL of your own code simply by using the closed source product 🙂 Cloud source EULAs can pretty much carry any risk imaginable. They don't, but they could.

                      Yeah definitely true. I don't like closed source at all. I mean if I need the tool I'll buy it but I'd rather use a open source tool.

                      I've seen a lot of people thought that think they can just do whatever since it's open source and it doesn't matter. AGPL is pretty strict and there's a lot of popular tools written with that license.

                      In most cases, it's people thinking that they can just use the code without following the license. Technically, a far bigger risk with closed source under the same conditions.

                      In general yeah, but the GPL police are fierce. I work with a guy who's old company was going to be sued for not including the simple configs they wrote along with the distribution.

                      Yeah, although now we are talking product firms, not operations. The affect on operations is generally minimal.

                      Yeah true, but that's similar with proprietary also, most people don't get caught. You still have to comply though. It can be a lot of work to ensure you're in compliance. Like when software decides to change licenses between versions.

                      Like java?

                      Yeah that could be one. I was thinking more along the lines of changes like MongoDB, CockroachDB, Redis, etc. And even less obvious like when OwnCloud switched from GPL v2 to AGPL (before NextCloud came along). AGPL is quite a bit more open than GPL v2 is so you would need to be aware of any changes there.

                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                      • ObsolesceO
                        Obsolesce @brandon220
                        last edited by

                        @brandon220

                        https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-create-file-share

                        1 Reply Last reply Reply Quote 1
                        • ObsolesceO
                          Obsolesce
                          last edited by

                          @brandon220

                          https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-planning

                          1 Reply Last reply Reply Quote 1
                          • scottalanmillerS
                            scottalanmiller @Dashrender
                            last edited by

                            @Dashrender said in AzureAD and shares:

                            @stacksofplates said in AzureAD and shares:

                            @scottalanmiller said in AzureAD and shares:

                            @stacksofplates said in AzureAD and shares:

                            @scottalanmiller said in AzureAD and shares:

                            @stacksofplates said in AzureAD and shares:

                            @scottalanmiller said in AzureAD and shares:

                            @stacksofplates said in AzureAD and shares:

                            @scottalanmiller said in AzureAD and shares:

                            @stacksofplates said in AzureAD and shares:

                            @brandon220 said in AzureAD and shares:

                            Here is an example from the FFIEC Cybersecurity Assesment Tool:
                            assessmentsnip.PNG
                            The more OSS you have, the lower your score will be.

                            I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

                            But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

                            Right, like I said I'm not defending them. Just trying to look at it from all angles.

                            What people never consider is that closed source licensing COULD still require in the EULA that you comply with GPL of your own code simply by using the closed source product 🙂 Cloud source EULAs can pretty much carry any risk imaginable. They don't, but they could.

                            Yeah definitely true. I don't like closed source at all. I mean if I need the tool I'll buy it but I'd rather use a open source tool.

                            I've seen a lot of people thought that think they can just do whatever since it's open source and it doesn't matter. AGPL is pretty strict and there's a lot of popular tools written with that license.

                            In most cases, it's people thinking that they can just use the code without following the license. Technically, a far bigger risk with closed source under the same conditions.

                            In general yeah, but the GPL police are fierce. I work with a guy who's old company was going to be sued for not including the simple configs they wrote along with the distribution.

                            Yeah, although now we are talking product firms, not operations. The affect on operations is generally minimal.

                            Yeah true, but that's similar with proprietary also, most people don't get caught. You still have to comply though. It can be a lot of work to ensure you're in compliance. Like when software decides to change licenses between versions.

                            Like java?

                            Well that's an example of license compliance where proprietary makes IT make mistakes easily. But totally different than the open source risk, which is a risk to developers who try to "steal code" rather than IT trying to "deploy without checking the EULA".

                            1 Reply Last reply Reply Quote 1
                            • scottalanmillerS
                              scottalanmiller @stacksofplates
                              last edited by

                              @stacksofplates said in AzureAD and shares:

                              @Dashrender said in AzureAD and shares:

                              @stacksofplates said in AzureAD and shares:

                              @scottalanmiller said in AzureAD and shares:

                              @stacksofplates said in AzureAD and shares:

                              @scottalanmiller said in AzureAD and shares:

                              @stacksofplates said in AzureAD and shares:

                              @scottalanmiller said in AzureAD and shares:

                              @stacksofplates said in AzureAD and shares:

                              @scottalanmiller said in AzureAD and shares:

                              @stacksofplates said in AzureAD and shares:

                              @brandon220 said in AzureAD and shares:

                              Here is an example from the FFIEC Cybersecurity Assesment Tool:
                              assessmentsnip.PNG
                              The more OSS you have, the lower your score will be.

                              I'm not defending or even sure this is what they are talking about, but they may be looking at the risk of the licensing. It can be tough to keep track of all of the licensing of open source tools and making sure you comply with them.

                              But, honestly, not nearly as hard as the risks of anything else. And "can be" should never be a legitimate factor. ONce we go down that path, we could list unrealistic risks for forever.

                              Right, like I said I'm not defending them. Just trying to look at it from all angles.

                              What people never consider is that closed source licensing COULD still require in the EULA that you comply with GPL of your own code simply by using the closed source product 🙂 Cloud source EULAs can pretty much carry any risk imaginable. They don't, but they could.

                              Yeah definitely true. I don't like closed source at all. I mean if I need the tool I'll buy it but I'd rather use a open source tool.

                              I've seen a lot of people thought that think they can just do whatever since it's open source and it doesn't matter. AGPL is pretty strict and there's a lot of popular tools written with that license.

                              In most cases, it's people thinking that they can just use the code without following the license. Technically, a far bigger risk with closed source under the same conditions.

                              In general yeah, but the GPL police are fierce. I work with a guy who's old company was going to be sued for not including the simple configs they wrote along with the distribution.

                              Yeah, although now we are talking product firms, not operations. The affect on operations is generally minimal.

                              Yeah true, but that's similar with proprietary also, most people don't get caught. You still have to comply though. It can be a lot of work to ensure you're in compliance. Like when software decides to change licenses between versions.

                              Like java?

                              Yeah that could be one. I was thinking more along the lines of changes like MongoDB, CockroachDB, Redis, etc. And even less obvious like when OwnCloud switched from GPL v2 to AGPL (before NextCloud came along). AGPL is quite a bit more open than GPL v2 is so you would need to be aware of any changes there.

                              But, important to note, that in one case the changes affect developers, the other IT. The OS license changes is mostly a change to how you use the code, not the product. Prop changes are changes in how you use the product, not the code.

                              But proprietary has the risk of turning INTO open source, so carries all the OS risks anyway by the nature of being able to change its license, too.

                              stacksofplatesS 1 Reply Last reply Reply Quote 0
                              • travisdh1T
                                travisdh1 @scottalanmiller
                                last edited by

                                @scottalanmiller said in AzureAD and shares:

                                @brandon220 said in AzureAD and shares:

                                FFIEC Cybersecurity Assesment Tool

                                It is REALLY fishy that a government agency is trying to put small banks at risk and goes directly against requirements for the big institutions.

                                Have you DEALT with a government agency lately? Just last week I had to fix a client's access to the Social Security billing system which is forcing use of Internet Explorer 11 to run software that downloads on demand and establishes a VPN into the main billing system database. They think they're secure, but use a security model from the 90s at best on old browsers that should have been retired.

                                DashrenderD 1 Reply Last reply Reply Quote 0
                                • DashrenderD
                                  Dashrender @travisdh1
                                  last edited by

                                  @travisdh1 said in AzureAD and shares:

                                  @scottalanmiller said in AzureAD and shares:

                                  @brandon220 said in AzureAD and shares:

                                  FFIEC Cybersecurity Assesment Tool

                                  It is REALLY fishy that a government agency is trying to put small banks at risk and goes directly against requirements for the big institutions.

                                  Have you DEALT with a government agency lately? Just last week I had to fix a client's access to the Social Security billing system which is forcing use of Internet Explorer 11 to run software that downloads on demand and establishes a VPN into the main billing system database. They think they're secure, but use a security model from the 90s at best on old browsers that should have been retired.

                                  They don't think they are secure - they just have a platform that 'worked' in the 90's and amazingly still works, so they won't update it.

                                  travisdh1T scottalanmillerS 2 Replies Last reply Reply Quote 1
                                  • travisdh1T
                                    travisdh1 @Dashrender
                                    last edited by

                                    @Dashrender said in AzureAD and shares:

                                    @travisdh1 said in AzureAD and shares:

                                    @scottalanmiller said in AzureAD and shares:

                                    @brandon220 said in AzureAD and shares:

                                    FFIEC Cybersecurity Assesment Tool

                                    It is REALLY fishy that a government agency is trying to put small banks at risk and goes directly against requirements for the big institutions.

                                    Have you DEALT with a government agency lately? Just last week I had to fix a client's access to the Social Security billing system which is forcing use of Internet Explorer 11 to run software that downloads on demand and establishes a VPN into the main billing system database. They think they're secure, but use a security model from the 90s at best on old browsers that should have been retired.

                                    They don't think they are secure - they just have a platform that 'worked' in the 90's and amazingly still works, so they won't update it.

                                    No, I talked with their support people, they insist that their "system" is secure.

                                    1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller @Dashrender
                                      last edited by

                                      @Dashrender said in AzureAD and shares:

                                      @travisdh1 said in AzureAD and shares:

                                      @scottalanmiller said in AzureAD and shares:

                                      @brandon220 said in AzureAD and shares:

                                      FFIEC Cybersecurity Assesment Tool

                                      It is REALLY fishy that a government agency is trying to put small banks at risk and goes directly against requirements for the big institutions.

                                      Have you DEALT with a government agency lately? Just last week I had to fix a client's access to the Social Security billing system which is forcing use of Internet Explorer 11 to run software that downloads on demand and establishes a VPN into the main billing system database. They think they're secure, but use a security model from the 90s at best on old browsers that should have been retired.

                                      They don't think they are secure - they just have a platform that 'worked' in the 90's and amazingly still works, so they won't update it.

                                      It didn't work then either, they just know that their customers aren't very smart or concerned.

                                      1 Reply Last reply Reply Quote 1
                                      • stacksofplatesS
                                        stacksofplates @scottalanmiller
                                        last edited by

                                        @scottalanmiller said in AzureAD and shares:

                                        The OS license changes is mostly a change to how you use the code, not the product.

                                        Not with AGPL. Say you modify a FreePBX script that comes with the software for some reason. You have to make that available to the customers using your software along with the original source.

                                        Or another example is you modify the script that comes with NextCloud to correctly set SELinux labels (that's definitely happened here). You need to make that modification and the original available to the users of the software. GPLv3 doesn't deal with networked software, which is why AGPL was created.

                                        Notwithstanding any other provision of this License, if you modify the Program, your modified version must prominently offer all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software.

                                        scottalanmillerS 1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @stacksofplates
                                          last edited by

                                          @stacksofplates said in AzureAD and shares:

                                          @scottalanmiller said in AzureAD and shares:

                                          The OS license changes is mostly a change to how you use the code, not the product.

                                          Not with AGPL. Say you modify a FreePBX script that comes with the software for some reason. You have to make that available to the customers using your software along with the original source.

                                          Or another example is you modify the script that comes with NextCloud to correctly set SELinux labels (that's definitely happened here). You need to make that modification and the original available to the users of the software. GPLv3 doesn't deal with networked software, which is why AGPL was created.

                                          Notwithstanding any other provision of this License, if you modify the Program, your modified version must prominently offer all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software.

                                          While minor, those are code changes. I see what you mean. But I always keep those things vanilla, because they need to be updated with every download. If I wanted to change those things, I'd do so in the public repo. From an IT perspective, I'd be making those modications outside of those scripts themselves.

                                          stacksofplatesS 2 Replies Last reply Reply Quote 0
                                          • stacksofplatesS
                                            stacksofplates @scottalanmiller
                                            last edited by

                                            @scottalanmiller said in AzureAD and shares:

                                            @stacksofplates said in AzureAD and shares:

                                            @scottalanmiller said in AzureAD and shares:

                                            The OS license changes is mostly a change to how you use the code, not the product.

                                            Not with AGPL. Say you modify a FreePBX script that comes with the software for some reason. You have to make that available to the customers using your software along with the original source.

                                            Or another example is you modify the script that comes with NextCloud to correctly set SELinux labels (that's definitely happened here). You need to make that modification and the original available to the users of the software. GPLv3 doesn't deal with networked software, which is why AGPL was created.

                                            Notwithstanding any other provision of this License, if you modify the Program, your modified version must prominently offer all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software.

                                            While minor, those are code changes. I see what you mean. But I always keep those things vanilla, because they need to be updated with every download. If I wanted to change those things, I'd do so in the public repo. From an IT perspective, I'd be making those modications outside of those scripts themselves.

                                            I agree, but we've had real world cases here on this site where it's happened. It's important for people to know that those changes still legally count.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 7
                                            • 7 / 7
                                            • First post
                                              Last post