I had 2fa enabled on my LastPass account, but didn't have access to the phone anymore. I clicked a link, LP sent me an email, and I was able (through that email) to remove 2fa.
It doesn't make their 2fa completely useless, but it's not great.
That sounds fine to me tbh. It's worth knowing, but it's not weak. Email is a pretty good 2FA in terms of security, it's just not great in terms of usability, so it makes for a good fallback.
Attacker with MP + email access is pretty severe.
I wish more services used email as a 2FA instead of SMS.
I don't think technical debt is an insult. Docker is a fully-fledged platform, 90% of which is not in use in any Kubernetes cluster. It's bloat. That Swarm and everything else was baked into the platform along with the runtime makes it technical debt for those that necessarily have to support it.
I don't think anyone hates docker. But there is an issue of hubris here.
Then it should be called technical debt of dockershim, right? I don't want to nitpicking, but the tone of the article is definitely negative. And the whole community are not showing the respect to docker as a whole and brand.
Global here refers to the geographical spread of the service, GKE in this case, measured in regions, not the number of services.
Edit: I saw your point a bit late. It was limited to GKE, which makes my initial comment about "service" incorrect, and it was global, which keeps my comment about "region" correct. On a related note, an SRE from GKE posted on Slack that GCE was out of resources and so GKE faced resource exhaustion as well [1][2] - so it _might_ have been a multi-service outage.
I struggle to find evidence that this is any better anywhere else. At almost every other company I've worked at, the interview process was more about the referral itself (which leads to some pretty awful hires), or whether you can fake it til you make it.
Talent is not a single measure at Google. There are multiple facets to whether Google believes a candidate is solid. Strong technical talent is not an indicator of success, rather just one aspect of it that's taken into consideration by the hiring committees. So yeah, Google will say no to incredibly talented people because they fall short in other areas.
Crapshoot is table stakes practically everywhere you go. At least Google makes an attempt at making things objective and holistic.
The entire cluster is on-prem. At the moment, you can optionally leverage a secured tether to manage your cluster in GCP with the same management features you've come to expect with GKE proper. If the connection is lost, your cluster is still fully functional, so no there is no requirement for permanent access to your intranet. The access, when it exists, is also secured to only permit specific access between Google's network and your cluster.
