Good morning! Today's the day.
Today's the day Haley and I are reunited at work.
And I come baring gifts, obviously.
Haley's obviously not here yet, so... this is sad.
Haley: Heyyy!
What's up?
This is from Annmarie.
Annmarie bought me this? Thank you Annmarie!
Finally having lunch together again! Haley: Finally.
How was your lunches when I wasn't here?
So... everyone ignored me.
No one invited me. Sarah: Really?
They all suck.
Tomer's leaving.
Tomer: I'm going to miss you more than any other person in here and that's the truth.
All of those people compared to you, it's just...
Sarah, peace and love.
We're going to miss you so much.
You have Sarah and Haley's seal of approval.
Word of the day, word of the day.
Gosh the asperity.
TONE DOWN THE ASPERITY!
We need to get sweatshirts that say "tone down the asperity"
Omg that is our new thing.
If we get t-shirts it's going to say tone down the asperity.
What does asperity mean again?
No, asperity means a harshness of tone or manner.
What else can we get on t--shirts?
What are our umm.. do we have any slogans?
You should ask our fans.
Fans: what do you want us to put on our t-shirts?
What is something that makes you think "Haley and Sarah".
Yeah, I'm curious.
We'll give out a free t-shirt.
what's word of the day today?
Word of the day is Nugatory.
Which means useless or futile.
Like chopsticks.
Chopsticks are great.
For more infomation >> Reunited After 7 Years - Duration: 4:25.-------------------------------------------
Evolving Into the Infinite Self ★ Stuart Wilde (law of attraction) - Duration: 19:07.
For more infomation >> Evolving Into the Infinite Self ★ Stuart Wilde (law of attraction) - Duration: 19:07. -------------------------------------------
stand by you - Duration: 1:07.
For more infomation >> stand by you - Duration: 1:07. -------------------------------------------
The STRANGEST but USEFUL Products! - Duration: 10:33.
Here are the strangest products of 2016!
15.
The bumper dumper You know that feeling when you're on the
road and have to go to the bathroom?
You have to find a gas station or fast food joint and you never know what you're going
to see when you get in there.
Some people are just filthy.
With the bumper dumper, your problems are over.
This toilet attaches to a standard trailer hitch for those times when you need to go
when you're on the go.
No more smelly bathrooms.
You can sit on your throne in the great outdoors, just taking it all in while you're letting
it all out.
And it's lined with a kitchen garbage bag, so flushing the toilet is as easy as taking
out the trash.
Best of all, everyone can see it while you're driving around, and they'll know that you're
that special breed of person that just doesn't care what other people think.
14.
Travelmate robotic suitcase Tired of carrying heavy luggage?
This robotic suitcase drives by itself, leaving your hands free to make cell phone calls and
high five your friends.
It can navigate crowds and has a special attachment for a video camera so it can film you while
you walk, like your own personal paparazzi.
Drone?!
Who needs a flying drone?!
It'll match your speed up to 6.75 miles per hour, but honestly, who wants to walk
that fast?
You control the travelmate with an app on your phone and the software is open source,
so you clever tekkies can dream up new assignments for you mechanical luggage.
I want to see one that talks back to baggage handlers.
"Don't you throw me!
Don't you throw me!
Oh no you didn't!!"
13.
Sunscreenr When you put on sunscreen, you're almost
guaranteed to miss some spots and wind up with some unsightly red blotches when you
get back from the beach.
Sunscreenr puts an end to all that.
It's a revolutionary device that lets you see the sunscreen on your skin as you put
it on.
When you look through the viewfinder, the spots you missed show up as pale blotches,
letting you know where you need to slab more on.
It even takes short videos so you can check your back and the top of your head - if you
are a little light on hair up there.
When the kids get out of the pool you can see with a glance if they need to re-apply.
"Aw mom!"
The sunscreenr is small, light, waterproof, and best of all, sandproof.
Say goodby to sunburn, skin cancer, and jokey white hand prints.
12.
Altwork Station - Forget the standing desk or the rolling chair.
The Altwork station lets you work in any position, even flat on your back.
This incredible work station has taken ergonomics to the extreme.
You can set the computer screen and keyboard for maximum comfort, totally eliminating workplace
discomforts such as carpal tunnel syndrome and stiff neck.
You'll be so comfortable it won't even seem like work, probably because you'll
be asleep.
Make sure your boss gets one too.
Soon your whole office will be happily dozing the day away.
You may have to work longer hours to get all of your work done, but who cares?
In a set-up that comfortable, you probably won't even mind!
11.
Musical Hoodie Remember the piano necktie?
(use the clips of mugatu from Zoolander) C'mon you guys remember this legendary scene from
the first zoolander!
This hoodie is way cooler.
It's a fashion statement and musical instrument rolled into one.
You press the stylish panels to play musical notes.
With a little you practice you'll be able to play your own theme song while strutting
down the street.
You'll get all the attention you've always deserved and don't be surprised when girls
try to "play" you too.
You'll be irresistible.
It's like having your own dance party and everyone around you is invited!
10.
Drumi - Wouldn't it be nice if you could just do
a superfast load of laundry, with a few select items, so you could lengthen the time between
loads?
This slick little washing machine will save you many trips to the laundromat.
It's small, portable, and fits in a hall closet.
It uses 80 percent less water than a standard washing machine and you operate it with your
foot, so you can have clean clothes even in a power blackout.
to use it, you lift the plastic lid, add clothes to the drum, along with five liters of water,
then close the lid and add the detergent to it.
Pump the pedal for two minutes, then push the button to empty the soapy water.
Add another five liters of water, pump the pedal for another two minutes, release the
water, then pump for an additional minute to act as a "spin cycle."
The pumping motion turns the rounded drum, tumbling the clothes inside.
A whole load takes only five to ten minutes.
Next thing you know, you'll be the most popular person on your floor.
Now all you'll need is a tiny drier.
9.
Liki Brush Who hasn't wanted to lick their cat clean?
Well, me for one, but I know lots of people that would love to lick a cat, if it weren't
so tough to not get a hairball in your stomach.
Well now, there's a solution for all the tongue-tied cat lovers out there.
The Liki brush fits right in your mouth, so you can mimic licking your cat to your heart's
content, without the inconvenient hair balls.
It is a great way to spend some quality time with your feline friend.
Your cat will love you for it, or sit there looking out of the window, pretending you're
not even there.
8.
Zeek smart pillow - This smart pillow will literally sing you
to sleep.
According to the company, it's super comfortable and plays sweet music to lull you into dreamland.
And while you sleep, it records your natural sleep movements so it knows exactly when to
wake you up in the morning without leaving you groggy and dazed.
It even lets you know how loud you were snoring if you couldn't tell from your neighbors
banging on the walls next door.
If your significant other gives you a Zeek smart pillow, they might be trying to tell
you something.
7.
Hushme - Speaking of annoying noise, the Hushme is
a voice mask for mobile phones.
It looks like something Bane was wearing in the Batman movie, or a terrorist torture device.
You can blab all you want on your phone with the comforting knowledge that no one can hear
you.
It's great on the go, but perfect for the office as well.
Even better than using it yourself, give it to your annoying co-worker, the one with the
volume problem and telephone addiction.
6.
Digitsole Smartshoe - Finally, there's air conditioning for your
feet.
The Digitsole smart shoe … did they really call it digit sole? … is temperature controlled,
keeping your feet toasty warm on cold winter days, and your reputation hot with their "trendy"
cool Marty McFly look.
Nike needs to take a cue from this company and step up their game with the next Air Mag.
The shoe also counts your steps, monitors your activities and lets you know how many
calories you've burned, so you can keep track of your steps even in situations where
you wouldn't necessarily want to wear a fitbit, like in a basketball or soccer game.
Digitsole smartshoes may by the cold-footed, calorie counting, step tracker's dream.
Now, if these only came with a floating hoverboard!
5.
Bluetooth Pregnancy Test Why use a drugstore pregnancy test when you
can use the First Response Bluetooth pregnancy test?
No, you don't pee on the phone, but it's the next best thing.
You pee on a stick that's connected to your phone through the magic of bluetooth.
Instead of looking for a pink band, you get the results in living color on your smartphone.
It's a pregnancy test and a best friend too.
Before you start, you tell it what you're hoping for.
That way when the results come in, the app can either congratulate you, give you tips
to help you get pregnant, or blast out Madonna's "Papa Don't Preach."
You can set the app not to automatically tweet the results, but where's the fun in that?
4.
FEND Some cyclists like to carry their helmets
around to show everybody what fitness nuts they are, but for the rest of us who us don't
like carrying those bulky things around or who want to hide the fact that we aren't
legal to drive in this state, the FEND offers a handy solution - the collapsible, folding
bike helmet.
It's supposedly just as safe as a traditional bulky bike helmet, but it folds up easily
to fit in your bookbag, sparing you from carrying it, or worse, wearing it through the office.
So now there's really no excuse not to wear a bike helmet.
3.
Trump pencil sharpener Ahhhh the good ol' Dump-a-Trump pencil holder.
You've probably heard about the mathematician with the constipation problem.
He worked it out with a pencil.
But you don't need a pencil to work out how to use this fine desk ornament - wait,
actually you do.
The only thing that would make this lovely gift idea better, would be to make a pencil
sharpener out of it.
That way you could push the pencil in, turn it, and hear the satisfying grinding sound.
Actually, a pull string voice box would make it even better, with a random selection of
great Trump quotes.
2.
CleverPet Hub Despite what you saw in the movie Pets, what
your dog does when you're out of the house is pretty much limited to lying around, chewing
up stuff, and peeing on stuff.
It gets pretty boring; alone all day with nothing to do.
Enter the Clever Pet Hub.
It's a game console - for dogs.
The clever pet hub is designed to get dogs to be more active.
It's like the old Simon board game, which most of you have probably never heard of.
Panels light up and the dog has to hit them with its paws to get a treat.
Think whack-a-mole for the pooch.
Just like people, some dogs catch on quickly, while others just stare and drool.
Daniel Knudsen, co-founder and chief science officer of San Diego-based CleverPet said
"The hard part for now is convincing people that a game console for dogs is not a ridiculous
concept."
How true Mr. Knudsen.
How true.
1.
Daqri Smart Helmet No, the Daqri smart helmet does not hold a
tasty frozen drink cup with a straw to your mouth.
It's actually a super cool safety hard hat with augmented reality goggles.
Yes, augmented reality.
The helmet turns you into a kind of Superman, only instead of x-ray vision, you see all
kinds of extra stuff - virtual objects overlaid onto the real world in front of you.
It's not for games.
It's to make workers more efficient and to keep them safe in hazardous construction
sites or nuclear power plants.
Workers can look at a pipe and know what's flowing through it, or get step by step instructions
to do a complicated task, with the numbered steps appearing before their eyes, and helpful
arrows and diagrams laid directly onto what they are looking at.
Here's what's next!
-------------------------------------------
Ex Air Force Pilot to Noynoy: Maraming p*tang*na! You call yourself commander-in-chief? - Duration: 4:27.
From a retired Air Force general who is still raging over the betrayal of those who didn't
lift a finger to save the SAF44.
full letter of Gen. Romeo Poquiz below:
"For 2 years, I kept my outrage to myself on the Mamasapano incident.
With nobody punished on its 2nd year anniversary today, however, I cannot anymore contain my
outrage I have to publicly speak up.
As a former Air Force helicopter pilot deployed in the field, my crew and I were always on
the alert.
When calls for air support from engaged Army or Marine ground forces were received, we
were up in the air in no time at all and delivered the required assistance - be it aerial fire
support or close air support, medical or casualty evacuation, food or ammo resupply, transport
of reinforcement troops, etc.
We did these to the ground troops despite them coming from different branches of service.
We did these even if we sometimes have to violate Air Force regulations such as flying
at night, during inclement weather, flying without a buddy aircraft, extremely dangerous
combat situations, etc.
We did these even when there were no prior coordination to us by the ground troops on
their operation, and we had to improvise in order to locate them to support them.
We did these even when there were no orders yet from air force commanders for us to fly
and conduct the missions.
We did these again and again even if our helicopters were riddled with bullet holes after every
mission.
These are the reasons why I cannot anymore contain my outrage on the Mamasapano incident
where 44 precious lives of soldiers /policemen comrades were lost.
There were PAF helicopters and close air support aircraft in Zamboanga and Davao on that day
yet not a single aircraft flew to support the SAF.
Not even for persuasion flights.
Why?
The Air Force commanders said there was no order for them to dispatch the aircrafts.
Bullshit!
I would have hanged myself if I was the Air Force commander.
A US helicopter picked up the dead and wounded instead of a Philippine Air Force helicopter.
Son of a gun!
The request for support by the SAF was not an ordinary request for assistance.
It was an S.O.S.
It was for a rescue.
The troops were sitting ducks and were being slaughtered, some with their heads decapitated
- the massacres were even being witnessed live via US drone monitor by a president at
the 3rd Air Division headquarters in Zamboanga City.
Why was there no artillery support given despite the pleas of the police commanders?
Because there was no prior coordination on the operation and you were not given the exact
grid coordinates.
Putangina!
For 12 hours?
You should have at least fired blank artillery rounds, or fired white phosphorus on the long
and wide Mamasapano River, so that the dying troops may have at least thought that they
were supported before their last breath.
You did not rescue the SAF troops, despite their dying pleas, because you did not want
to displease a president, who probably was on his lucid intervals, and who salivated
for the Nobel Peace Prize.
Putangina pa rin!
And you call yourselves commanders and commander-in-chief?
And you sleep soundly at night?
Maraming putangina!"
-------------------------------------------
The Secure Developer - Ep. #7, Understanding Container Security - Duration: 29:17.
Guy Podjarny: So hi everybody, and welcome back to The Secure Developer.
Here today with us we've got Ben Bernstein
from Twistlock. Thanks for coming on the show, Ben.
Ben Bernstein: No, thank you for inviting me.
Guy: I think maybe before we dig in and start talking
about all sorts of things, container security
and microservice security and the likes,
maybe Ben, do you want to give a quick intro to yourself,
your background. What do you do?
Brian: Sure, I've actually been a developer
throughout most of my career, in Microsoft,
working on different security suites
and the OS security of windows.
Recently me
and another friend, we started Twistlock,
which had to do about the change that is happening
in the world of developers and how it affects
the security world, and this is
how Twistlock came into being.
Guy: Cool, again, I think the container security space
is hot and new, but also entirely imperative
to the adoption of containers, which is growing probably
faster than the security controls on it are.
Brian: Absolutely, and for us it's really
an opportunity, and we were pretty amazed with the reception
of the concept that you just outlined, yeah.
Guy: Yeah, so to level set a little bit,
we're talking containers and security, right?
This is probably going to be a theme this episode.
Can you give us a bit of a baseline
about what should you care about,
what should you think about when you think
about security aspects of containers?
Brian: So, it's really interesting because
A lot of the people
that read about containers,
they read the theoretical
material.
People come to the conclusion
that the most fundamental issue about containers
is whether they're as secure as VMs or not
and whether you lose something between moving
from VMs to containers,
but that's not what I've seen
in practice.
In all the customers
and organization that move to containers,
and especially the enterprise ones, t
he core thing about containers
is the detachment of software from the actual physical,
or now virtual machine.
So the interesting thing
is not whether they're as secure as VMs,
but rather how you could control the mess
and the empowerment of developers to do so many things.
The developers now control the entire stack.
Security's
one of the most important things about software and
developers can make mistakes.
How do you make sure that everything is compliant
and it is as safe as possible?
In the past you had IT people,
it will be their safety belt.
Now you need sort of something else to help them.
Guy: Yeah, I guess the location of where
some of these decisions are made changes, right?
And, hopefully outdated but still probably
very much alive in certain systems worlds,
where in order to run something you would have to ask
InfoSec to provision the server,
or ask IT to provision the server.
And that would require an InfoSec inspection,
then you know, it's not a great world in many ways,
but in that world at least there is that security inspection.
That just completely disappears in a world where
as a developer you put in a Dockerfile, and voila,
you know, the entire operating system just got stood up.
Brian: Absolutely, and here lies also the opportunity,
bebecause when you think about it, as a developer
you'd probably not want to wait until the IT person
knocks down your door and says like,
"What the hell you just did?".
What you'd like to do is to use the CI/CD tools
in order to push them into some staging mechanism
or something that reviews it and pushes back to you
if there's any issue.
And that's actually really
a good opportunity for you as a developer
to get the feedback right away, and so,
in the past a lot of the things that used to be issues
would only be discovered very late in the process.
And then you had to find out
which developer did what and why, and here,
once you do something that is wrong, this is an opportunity
to actually push back things.
But just like you said,
you have to choose a different location to do these things
and the CI/CD tools would be probably the best location
to give feedback to the developers
about anything you can do.
For example with vulnerabilities,
You'd rather know about a vulnerability
as you check-in your container or your code
rather than wait for it to happen in production
and it being picked up by some mechanism.
So always closer to the developers
always have and always will make more sense.
Guy: Yeah, I definitely agree with that perspective.
I think containers sort of do two or three things
in the process.
One is the technical one,
which, as you pointed out is not that important
around the fact that technically your operating system's
going to run under or within a container versus within a VM.
And there's a lot of conversation in container security
world earlier on about, you know was,
really was just shortcomings in the Docker Engine.
And
some of those are still there,
but they're less interesting about whether a container
is isolated or not, they're interesting today,
but long-term they're a secondary.
What's more important is the revolution
of how a software is built and who is building it.
So maybe we should split those two a little bit.
There's the technical aspect of it.
Or it's not that technical, but it's around
how is the software being built. It's now built
as part of a CI/CD process, and
Maybe we lost
some security gate that we had before
in asking the InfoSec person whether they can do it.
But we've just gained access into this CI/CD world
and this opportunity to run tests early on.
So I guess we can have the whole thing be a net negative
in terms of security if we don't capitalize
on that opportunity.
Or we can turn it into an advantage,
if we do tap into it.
Brian: Absolutely, and it almost goes back
to the question of tests and a lot of the other stuff.
And you can look at some of the companies
who have been doing it right, like Netflix and Google,
and the way they did their CI/CD, and the way they
did their staging, and their cows, monkeys,
and all that kinda stuff.
I mean, just trying to figure out
about things as early as possible
and doing it in an automated way is really important.
So you must develop new tools that don't exist
today that enable you to do all of that.
Because
Today's tools were not built for the CI/CD world.
They were not built in order for the security people
to set the policy and then for that policy
to be enforced in a dev friendly way.
So when you're thinking about how you're going to build
your dev to production environment,
this is definitely something that you want to keep in mind.
Guy: Yeah, and I think the notion of how security tools
were built for security audits, more so than any sort
of continuous testing is a bit of a recurring theme.
In the show here we've had it come up several times
because the tools were built for the present
in which they're being used.
And in fact,
even today's present, right, the majority
of security controls today happen outside of the container
world in the continuous world.
And that's increasingly
changing, but that's still the case,
so you need tools that focus on the use case
of building in that CI/CD, again, capitalizing
on an opportunity.
Because you just lost
something, but you gain something all that much powerful
if only you had sort of the tools to take action there.
Brian: Absolutely. Honestly, this is almost half the story.
The other half is actually the fact that containers
in themselves.
The fact that they're minimalistic,
the fact that they're immutable,
the fact that they're more declarative
lets you
get better indication of compromise
and anomalies.
And get to better baselining
based on machine learning, and a lot of the good things
that security is about. But
I guess it doesn't have to do with the developer space.
But I'm just saying because developers move to this,
you actually get more information and you're able
to protect them better at run time, so not only do you
get better feedback to the developers,
eventually the security pros would also find this system
more useful, so it's sort of a win-win.
Guy: Right, in this case I would say
that containers are just one manifestation
of infrastructure as code. And infrastructure as code,
as a whole, implies predictable hardware,
or predictable deployments.
Again,
barring bugs, but it's predictable deployments,
and therefore you can go on and you can check controls.
Netflix actually have, I think it's called
the Conformity Monkey as part of their Simian Army.
It goes off and lets you deploy stuff, I think as is,
I'm not sure if the Conformity Monkey's engage or not,
but then it goes off and it randomly finds systems
and it just checks to see whether they conform
to what they should be conforming.
So developers can go on and do whatever they please,
but they may be caught if they've done something wrong
by the Conformity Monkey.
You know again,
giving them sometimes opportunities while showing them
the responsibility that they need to address.
nd tools of that nature, they don't have to be containers,
but they have to be in that context
of infrastructure as code.
Brian: Absolutely, I actually had an interesting discussion
with one of the people in Netflix. And they mentioned to me
that they even have a new monkey that tests access control.
So you don't typically think about that,
but developers now have not only the power to create code
and to create the entire stack, but there are some things
that typically were taken care of by the IT people.
And suddenly developers have full control over it,
and you suddenly don't have the extra safety belt.
And one of which is identity and how much privileges
does your services have.
Because you as a developer,
you're testing in some environment,
you might create some kind of a authentication
and authorization policy, which is good for your environment
but maybe it's not good enough for production.
So they actually have this monkey that tests
list privileges, and that's really
interesting that they came to this conclusion so early.
Because, they did it based on practice
because they saw the developers sometimes make mistakes
and you need some kind of staging tools,
the monkeys, to sort of check whether they
did everything correctly or not.
Guy: So, I guess I'm trying to enumerate a few examples,
just sort of give people some things to tee up.
Let's focus on containers
as opposed to the broader concept as infrastructure as code.
Your need to test for something, have some security controls
as part of your CI/CD process.
We touched on two examples here, you can look
for vulnerable artifacts
in those containers you're deploying.
And the notion of sort of least privileged users
so you can audit probably the user
that systems are running with.
What other examples do you encounter
?
Brian: Sure, so the most common one, or the most basic one
would be a golden VM. That used to be sort of a way
for IT people to force certain OS hardening rules.
And so anything you could imagine about OS hardening.
A simple example would be there shall be
no SSH daemon in production, right?
I mean, that's just one example.
But anything that you'd
expect a base OS to have, anything that, and when I say
base OS I'm just thinking about the user mode, right?
Because the kernel, you know, the Linux kernel
is shared with the host.
But still there's so much damage
you can do by accidentally slipping something
into the OS layer that's not protective.
And then you basically need to make sure
that it conforms to certain standards.
And then you go to stuff like devices, right?
You could write something that looks at some attached
device for some reason, and as a security person
you probably want to limit these capabilities.
Because you, in development it made sense to you
to attach this device, you probably don't want to attach
any device in production, you know?
So a lot of these slips that could happen
need to be actually checked
before something is being put into production.
On top of that, there's something,
specific to containers, something called assist benchmark,
which have to do on whether in the container
you defined a user or did not define a user.
And it's based on which version of Docker you used
and whether you used certain restriction or you didn't.
So honestly, even like, the biggest experts
could get something wrong.
Bot to mention,
a standard user who's just trying to get around
to writing in a low world program and may not have
restricted everything that should be restricted.
So the CIS benchmark has about, I think 90 different things
that could go wrong and you want to check for,
ranging from the daemon configuration,
the host configuration &the specific containers.
It could be things
that the developer did wrong, or something that the DevOps
or the IT person that set up the host
on which the Docker is running has done wrong.
Guy: Yeah, those are really useful.
We can throw a link to them in the show notes.
The concept of enforcing, or testing for some,
basically policy violations, right?
That sometimes sounds like a heavy concept,
but in fact it's actually a very straightforward
to see that you're using the right operating system.
And I can totally see that happening, and in fact
have sort of seen it happen even, you know, personally.
I've done it, which is when you're local and you create
a Dockerfile or you create some environment,
your bias is just to get it to work.
And the inclination is just add things.
And then by the time, the distance of time
between the time you've just done that and you've made
the decisions about whatever operating system,
whatever you installed on it, and the time in which you
commit that and have that deployed.
There's a lag there, and during that time you
don't remember those decisions that you've made earlier on
that you entirely intended to make temporary, except,
you know, nothing's more permanent than the temporary.
So,
yes, those are really useful, and
I came across this interesting Dockerfile, Linter,
earlier on that does some of those components.
We'll throw a link to that.
These are our tools,
maybe this is the technical side of the fence, right?
The tooling you can put, and the audits or the checks
that you can add as part of your CI/CD piece.
I think the other part is the people piece,
because what also shifts in what you've described
of the process is that it's not just the tests that get run.
I
t's also the people that run them that change.
It's not the InfoSec person that does whatever inspection
on the check. It's the developer that is adding a test
to the CI that does the inspection.
How have you seen that in track?
You work with all these companies that are
adding container security components.
What do you see works from the interaction
between the people coming in with the security inputs
and the developers or DevOps teams that need to apply them?
Brian: So, it's interesting because, it's sort of bottom-up.
The whole approach to DevOps seems to revolve
around smart people who owned DevSpace
and then smart people who come from the OpSpace.
And they technically work together in order to create
some kind of a legitimate infrastructure
on which the entire organization can follow.
And so, the end result is that the SecOps people,
or security pros, they would like to set certain standards
and have them applied.
And they need
the DevOps people to actually implement all the mechanisms.
If you go back to how application security used to be
in the older world, in the VM world, you always had
the security ops
people working with the networking guys,
in order to put in all kind of IPS, IDS mechanism,
so it's almost the same to some extent.
They work with the DevOps people, but here the DevOps people
have a lot more responsibility because they're dealing
with a lot of delicate things such as the development
process.
So they need to be very professional about it,
the toolings, you know, the tools are still new,
there's a variety of things.
So they need to be experts
in that, and sometimes you get to a situation
where you run into a security pro person who actually
is so good that he learns about the development process.
He learns about the CI/CD tools, and he's comfortable
implementing some of these things himself, but,
that's kind of the exception rather than the rule.
Guy: Yeah, I think the, maybe one delta between the network ops
people and the DevOps people is just the pace of change.
The network world did not change faster than the
security world.
Or in fact probably the other way around,
while the development world, especially in this
sort of continuous versions of it changes very,
very quickly.
So to an extent I think you're entirely right,
I entirely agree with the importance of having
the security team and the development team,
or the SecOps team and the DevOps team communicating.
But I would also say that this is a case
that resembles a little more DevOps, this sort of this,
no, not just blurring, but entire elimination
of the line almost between those components,
where those teams work very, very closely
and very much hand in hand.
DevOps did not eliminate ops teams,
or make all developers Ops experts.
There are still people within the majority of companies
that operate it that are predominantly dev
or predominantly ops.
It's just they're not 100% anymore,
they're 5% of the other thing, or 10% of the other thing,
and either way they're sort of a part of the same teams,
cohorts, you know, goals, and working together.
Brian: Absolutely, and it's sort of even elevated the level
of policies that the security people sort of put
into the picture.
Because in the past you know
that the security people used to be involved
in every little thing that the developers did
before they actually put it into production.
Now it's no longer manageable 'because the scale is so big,
so it actually forces the security people
to think about this meta policy.
There should be no this and everything should be that
and apply it.
Because they can no longer go
to every person who owns a microservice
and ask him to describe in 10 pages what he's going to do
and then read these 10 pages and the next day
he's going to change it slightly.
So actually,
it sort of elevated their level of policy making
and also required them to get, to understand the DevOp space
much better in order to understand what they can
and cannot do, so I absolutely agree with you.
Guy: Yeah, and that process has actually happened
in the ops world, the notion of write it down
and then write it down in code.
Ops systems were also voodoo.
The flow of actions you might do during a security audit
were in somebody's head. Or they were written
in some outdated document.
And then as systems
and the deployment of those systems became more automated
and more touched, then those had to, first of all,
be written down in code so that they'd be predictable
and not go out of date because they represent
what's on the system.
And later on even be written down
or edited people that are not in Ops. So, I guess
it's the same process that security needs to look into.
Brian: Absolutely, and we're actually taking advantage of that,
like you pointed out. when we get to
actually see what's running you need to understand
the full context.
You need to understand the infrastructure
that was there from the hardware all the way
to the actual last bit of software configuration
that you did, and like we said, you can't do it
on a manual basis.
So actually, infrastructure as code
is actually very helpful in the process of protecting
software all the way to run time, so this is a blessing
for the security world.
Guy: So, these are really good topics,
and when you talk about containers,
we talked about both the security implications
within the containers, you know, thinking about what's
in them.
And the fact that they get created differently.
We talked about the opportunity to integrate testing
and which tests you could do as part of the CI/CD process
and the people that run them.
Maybe one last topic we can touch on,
which is also kind of top of mind for many people
is not the containers themselves,
but rather the microservice environment that they enable.
Containers as a tool
offered us the opportunity to now deploy many
different systems because it's that easy
to create them and to create lightweight versions of them
eliciting this new microservice environment, right?
Suddenly you have 100 servers, or maybe 100
is a little extreme, but 20 servers
that perform the same action that a single server
would've had before, that also introduces
a whole bunch of security concerns, no?
Brian: Yes, absolutely, it does,
and it goes back to our talk about the scaling.
By the way, we've seen customers running it
on hundreds of hosts. And
we have some customers that plan to go to thousands.
And you need to, when thinking
about security like we just said, you need to take
into account the host stack. But you also need
to sort of think about the scheduling of these microservices
in different environment.
And on one hand
understand the full stack, which could mean different hosts.
On the other hand you need to understand the software piece,
the specific container that you have,
and if there's an issue with it you want to flag it
and say that this was the container.
It wasn't the actual host, so it has to do with how
you analyze threats, it has to do with how you report
the threats, and it has to do, again, with the fact
that you need to do everything automatically.
So when something comes in you need to analyze it
automatically because there could be thousands
of the same container, it could be a thousand different ones,
some of which could go up for three seconds
and go down and you'll never see them again.
So everything needs to be automatic,
you need to think about scale, and you need to think
about the different pieces, about the orchestration
and about this new stack that's not exactly just Vms
and software which you run setup on.
So that
goes back to everything we've talked about,
including the fact that these are microservices,
which just make things sort of worse.
Guy: And I guess here there's also
the two-fold version of it, right?
When we talk about container security, one topic
that often comes to mind when you run those containers
is the fact that the container is run on a machine.
And many cloud services, like AWS,
would have their security policies
around which network slots were open.
Or which VPC you're a part of be an aspect of the machine
while the containers run on those.
And there's probably,
there's merit in them, again, and sort of security concerns
and, that run today, but there are once again shortcomings
of the current ecosystem that is just adapting to it.
Probably the bigger concern is in the changes
that are here to stay, which is the fact that now you have
all these different microservices and have to think
about how they interact.
What happens when one
of those services misbehaves, you know, what type
of exceptions might bubble up to the user
or to the outside organization.
What type of network monitoring do you do to identify
whether one of those components were comprised.
Brian: Actually, that's a huge opportunity again,
bebecause suddenly you got infrastructure as code.
And suddenly you got the person who developed this service
sort of imply to you, or even explicitly tell you,
depending on whether he's talking about the inbound traffic
or the outbound traffic.
But he's sort of implying to you
where each microservice might need to go.
And then if you baseline it correctly,
and you understand the orchestration mechanism.
Then you have this new type of firewalling where you could,
instead of just looking at static hype, or you know,
FQDNs, you suddenly understand this is a service,
he's trying to do one, two, and three.
And if he's doing four, which doesn't necessarily
translate into a different IP, maybe it's the same IP
that you had before. But now it's a different host.
Or maybe it's a new IP but that's okay
bebecause it's talking to a microservice that it should
talk to at this point.
This actually presents
a challenge, and again, an opportunity for tooling companies
and firewalling companies and security companies
to create a different type of firewall.
Or a more elevated and container friendly type of firewall.
Guy: Right, each of these services now are much easier
to understand, and if you understand them better,
because they're doing something much more pointed.
Then it's easier to differentiate right from wrong
and be able to monitor it in the right way.
Brian: Absolutely, that's exactly what we think in Twistlock.
And this is what we believe. That the security world
is actually going to revolve around that,
about pure software and about understanding the developers
when making the security decisions.
Because now developers are actually telling you more
and you need to listen to that.
Guy: I think that's maybe where the communication
needs to be indeed kind of start going the other way, right?
In the deployment process, the gates that have disappeared
have now moved into the developer's hands.
The developers now control what gets deployed,
how it gets deployed, what tests run on it
before it gets deployed, and that opportunity was lost
in the gate, but, and it was sort of gained now
in running these far better tests
in a far more continuous and efficient fashion.
Now that that's deployed, you know,
security is never static.
The fact you deployed something that you believed
to be secure at the moment does not end your security work.
Now you need to monitor these things in production,
and that's where the information needs to come
in the opposite direction.
Again, like in DevOps,
a lot of the concept is, if it moves, measure it,
if it doesn't move, measure it in case it moves, right?
And this notion of building operative software,
you need to build, you know, it's probably not a word,
but securable software that has the right outputs
to enable a security professional looking
and probably monitoring the system in production
to distinguish right from wrong.
Just like they would
a service that is just about to hit
its capacity threshold and you're going to have an outage.
Brian: Absolutely, and I see it as almost a thread
that goes from the dev, through baking to staging,
all the way to production. And it could go both ways,
and this is really the biggest change.
It's the big,
it's the change in development, it's the change in IT.
It's the change in responsibilities,
it's the change in security, and it's the whole opportunity
for the ecosystem and specifically security, absolutely.
Guy: So, this is, was a really good conversation.
Thanks again for sort of joining me in it.
I think it's amazing to me every time
how often you come back to the analogies
between the DevOps world
and the security evolution that needs to happen
for us to sort of secure this world.
Before we part, can I ask you, if you think
about a development team or a DevOps team
that is running right now and wants
to improve their security poster, right?
Want to sort of up their game
in terms of how they handle security.
What's your sort of top tip, right?
What's the one thing you would suggest that they focus on?
Brian: So, if I had to say one thing, I would say that
You
should really start designing security
as early in the process of moving to DevOps as possible.
Because you need to think about the tools,
and you want to put them in as soon as possible.
It's much harder to implement changes in the process
later down the road
So it sounds simple,
but that's what all the people who implement
best practices have done that we've seen so far.
Guy: No, that's really sound advice, and also I guess
containers give you an opportunity to do that,
because you're probably restarting or rethinking
some processes.
So you know,
that's your opportunity to build security in.
Thanks a lot again Ben for joining us on the show.
Brian: Thank you for giving me this opportunity.
I really appreciate it.
-------------------------------------------
Bad Words in Italian 101 #1: "To Pozz Schiaffà n'to culo?" - Duration: 2:23.
Hi everyone!
and welcome to my channel
I'm sorry for my bad pronunciation
but to many of you i'll sound like
*heavy stereotypes*
[mamma mia hyperdrive mod: ON]
Anyway let's jump into bad words in italian 101
Today
we are going to learn "To pozz schiaffà n'to culo"
which is
*confused*
"SNTENS"
*not convinced at all*
*google translating intesifies*
sentence
Anyway, as i was saying
this sentence is used in Naples
and means
Can i fuck your ass?
You know, if you are a guy that
s its sstss (wot)
rude AS FUCK but he's also, a gentleman
you may use this sentence
(idk) when you see a girl
det
u kno
got the
BOOTY
you may say "damn i want to fuck her ass"
so you got to say this
i'ts kinda (noises) strange to translate that
beacuse
sss
to pozz schiaffà
is
can i
fuck
at the same time
there's no perfect translation for that
░░░░░░░░░░░░░░░░░░░░░░░ ░░░░░░▄░░░▄░▄░░░▄░░░░░░ ░░░░▄███▄░███░▄███▄░░░░ ░░▄█▀█▀█▀█████▀█▀█▀█▄░░ ░▀▀░░░░░░░▐░▌░░░░░░░▀▀░
You may use this sentence in a dialogue like
Hey Gennaro!
Yeah?
See that girl down the street?
She's really hot!
You know what?
What?
I want to fuck her ass!
Tha's right!
*Consensus applause*
So, the right pronunciation
is hard to pronounce
if you are not iDalian
because
this isn't
proper Italian
Is a
*confused again*
DAYAHLETTH
*typing*
dialect
Anyway
You have to say
which is
*awkward*
ʢ ⏒ ͜ʖ ⏒ ʡ
That's for, schiaffare
buttare, put in
inside your ass
So next time
when you see a girl
that u
uuu
you like pretty much
a HOT girl
you want to be rude af but also want to be a gentleman
you go to the girl
and you ask
exscuse me
To pozz schiaffà n'to culo?
Anyway (14th time i said that) thank you for watching and see you next time
[quality outro]
-------------------------------------------
'BBC is Garbage and Racist': Top Russian Anchor Slams BBC Again (Kiselyov) - Duration: 3:35.
Now let's talk about the BBC.
It is just mind-boggling how they keep destroying their own reputation.
Remember how Trump called CNN "fake news" during his first press-conference?
Right after that, he also slammed the BBC,
muttering, 'another beauty' when their journalist caught his eye.
Well, they lived up to their lousy reputation yet again this week,
when they accused us of being racist, no less,
in a press review which they send around the world.
'The controversial Russian TV host Dmitry Kiselyov again made racist remarks
about the former first family of the US on his show, 'Vesti Nedeli'.
'Discussing Melania Trump's fashion style at the inauguration,
Kiselyov was very rude about Michelle Obama.'
'At the inauguration,
in her short-sleeved dress, next to Melania,
Michelle looked like somebody's cleaning lady
who had just taken off her white apron, who appeared in the photo by accident'
- he informed his audience.'
'he is considered the chief propagandist of the Kremlin'.
Sure, this is a quote from last Sunday's program
But the only racism here is in the minds of the BBC journalists who write this stuff.
We were talking about the different fashion styles of the two first ladies.
A close-fitting, short-sleeved dress,
with a collar reaching to the neck,
in a color which hides stains,
struck me as an odd choice for an inauguration,
as if she had just removed a white service apron.
That is why Michelle looked like a cleaning lady,
especially next to Melania, who was exquisitely dressed for the occasion.
Why bring up racism?
We weren't suggesting anything else.
Here's the clip:
'Melania is replacing Michelle
This was her coming-out, and we have to say, it was a success...
Starting with the striking light-blue coat at the swearing-in...
Followed by the white, bare-shouldered ball gown
And finishing with the fitted black, double-breasted coat she wore to church...
We are reminded of the fashion designer of the outgoing mistress of the White House
Who, in a noisy statement of political protest
Refused to design anything for Melania...
That designer's name escapes me now,
But no one cares any more who it was...
Because at the inauguration, Michelle, in her short-sleeved dress...
Looked like Melania's cleaning lady, accidentally appearing in the photo
As if she had just removed her white apron...
Is there any other way to interpret these two styles?
So where's the racism here?
Or is the BBC suggesting that all blacks are maids, and all maids are black?
Now THAT is racist nonsense.
Typical BBC - they are total garbage, don't you think?
They even managed to drag the Kremlin into it…
-------------------------------------------
Minecraft: Xbox One Edition Recording- IS IT POSSIBLE TO MINE 1 TUMBLE MAP BY YOURSELF? (9) - Duration: 5:21.
That intro music
So unfortunately, Xbox One cropped off the beginning of the match, but I had to hurry. I started immediately.
So take your guesses now, do you think it is possible? Remember, I get snowballs at Showdown.
Soul Sand did me no favors in this challenge.
And when you are always worrying about falling off, that doesn't help either.
Okay, Showdown, now I got snowballs. Really have to hurry now.
I took so long to get my momentum moving.
Also, for the record, snowballs have terrible accuracy.
SOUL SAND!
Soul Sand, you are doing me no favors right now for this challenge. Seriously.
AH, NOT THE COUNTDOWN, ANYTHING BUT THE COUNTDOWN.
I AM SO CLOSE! NO, PLEASE!
WHY AM I SO BAD AT THROWING SNOWBALLS?
NO, DON'T TICK DOWN! I AM ALMOST THERE!
TEN SECONDS!!! AH!!! PANIC! PANIC!
MUST WIN THE GAME, I CAN'T DO IT!
Aww, it was a draw. I didn't win either way. :(
Well...I feel defeated.
Sorry, (not sorry) I am just done. I was SO CLOSE.
Thanks for watching guys! I hope you enjoyed the video. As always, I am game with whatever you want me to keep doing. Later!
-------------------------------------------
find the mistake And win smartphone you have 2 months - Duration: 6:35.
you need phone
you need smart phone
win new phone
win ais new phone
-------------------------------------------
EP-0005 - What is a Waste Knot? Away Knot cross-stitch tutorial x-stitch flosstube - Duration: 4:21.
Hello, and welcome to The Stitching Kitchn.
Welcome back to The Stitching Kitchn.
I'm so excited that you joined me again today.
We're going to take that thread that we took out of the skein, that we put into the needle
with the needle threader, and we did a knot on it last time, and I'm going to show you
how to put it on your fabric.
I like to teach counted thread, cross-stitch on linen or an evenweave.
Now there is a difference between linen and evenweave.
I'm going to put a piece of linen right here.
And I'm going to put a piece of evenweave right here.
This is linen.
I want you to look at the thin threads and thick threads.
And then I want you to look at the evenweave.
The reason it's called evenweave is the vertical threads and the horizontal threads are the
same size.
Now, you might be asking yourself "why would I ever stitch on something with all those bumps
and lumps on it"?
Well, let me tell you.
Once you get started stitching on linen, it has a romance to it.
You stitch on the thick ones.
And you stitch on the thin ones.
Eventually, your stitches all look the same size.
They don't look different.
It's ... right now you're looking at a very bumpy 18-count linen.
And this is a 25-count evenweave.
What does that mean?
Well, you join me in the next episode and I'm going to show you.
But, for today, I'm going to show you why you need a knot.
Most patterns ... they tell you to start in the middle. Let's pretend this is the middle.
Well, it's hard to cross-stitch up.
And my favorite thing is to start in the corner or right in the middle at the top.
What I want you to do is ... let's pretend we have a three-inch in and a three-inch down
and there's a border right here.
And, when we do our needle case, I'm going to show you how to do those stitches right
in the middle.
So, when you have, when you have your thread in the needle ... and, yea, it's a big needle,
but I'm the teacher.
I get the big stuff ... so ... a lot of people tend to go like this because they want a long
piece of ... they want a long piece of thread.
But, what happens is you're going to take that thread and you're going to be moving
it in and out of this fabric.
What's happening is you're wearing out the threads on the sides.
So, as little thread that you can get away with in the eye of the needle, the better
it is for your thread when you make your stitches.
It takes a while to get used to keeping your thumb and forefinger or your middle finger
on the eye to keep the threads from coming out.
Even an advanced stitcher such as myself ;-) ... no, seriously ... when we pull we can take that
needle away from the thread in an instant.
It gets caught on your clothes, it gets caught on a button, it gets caught on the cat.
So, whatever it gets caught on, it's good practice because then you can rethread your
needle.
So ... I like to have at least an inch and a half to two inches between me and the place
where I'm going to start.
So, there is what's called a waste knot or an away knot.
It's out of my way.
I will then come up here and find a vertical thread which will be our next class.
So, practice tying your knots and I'll see you next week.
So, today we are going to show you how to knot the end.
There are a lot of different philosophies out there about knots.
-------------------------------------------
কিভাবে ছোট চাচীকে পটিয়ে সেক্স করলাম [Bangla HD Vedios] - Duration: 18:52.
কিভাবে ছোট চাচীকে পটিয়ে সেক্স করলাম [Bangla HD Vedios]
-------------------------------------------
Possessed Girl (Without SFX Products !) - Duration: 6:02.
My friend of Bermuda.
I should really stop with this guy. It makes several days that I run on the videos of Efkan KNZ, aka Fromhumantogod for the most sports of you
I can't stop playing on a loop the series on Vanessa in the beam shampoo at Carrefour. This guy makes me trip. He's so fu**in' stupid... That makes me laugh.
If you took the time to read the channel's description, You normally had to read that I was going to make SFX makeup, without using SFX products, and it's there that gets more complicated.
We forget about latex, fake blood etc. for today, we are ONLY going to use face paint' products.
Set apart a single product which we're going to use today and which one we can find in certain SFX makeup, it's some petroleum Jelly.
Before we get into the makeup, I'm gonna show you how I proceeded to create my shadows.
The technique that I'm going to teach you is often used in realistic makeup because it was the purpose today. I had to make something more or less realistic.
Tell me in comments if I wallowed or if I managed in time one of few to meet my challenge.
This is a technique that I personnally never seen on YouTube, I've learned it in a book which one is about Realism in face painting. So, I think that is a good thing to teach it you today.
If you're interested by the book I'm talking about, I'll put a link below to help you find it.
We stop brewing of air, it's time to take our brushes and begin to work. Let's go !
(The Wash techniques)
First, I get my brush wet.
I go back and forth into my pot.
I put down the quantity taken in the lid of the latter.
I rince my bresh and dry off the excess on a towel or a bathmat, whatever.
I take back a little bit of the quantity that's in the lid and now, you can see the difference between the "watered paint" and the classical one.
For my base, I made it as usual, without using the technique I've just shown you.
With my index finger, I am going to make drool the product to begin my irritation of the skin.
I do the same thing on my lower lip.
I mixed together my red and black face paints to create my first shadow,, using "the wash techniques" and I deposit this new color into the most cramped places.
For every duet which are going to follow, I used this famous technique.
I focus my shadows always on the same areas, without going as further as my previous shadow. I do not know if it is very clear but I hope that you understood the idea.
I found that it missed depth thus to correct that, I applied little bit of black lipstick.
To begin my work of lights, I clean my brush, remove the surplus and I tap it at the level of the widest zones, where the light is used to finding accommodation.
I increase these areas with the white, I just rubbed the product.
Keeping my white, I come to highlight certain zones because, it's well known, the lights highlight the shadows and inverse is correct too.
I take back my red and I poursuit the process of irritation. I've also used the purple face paint, the Brown and a yellow one, that I've forgot to mention to accentuate the redness.
I do the same things for my swollen lip.
I add stitches with black.
For shadowing, I've just diluted the black as I taught you.
To create this flesh-coloured side in lively, flesh-coloured exposed, I applied some petroleum jelly in the center of my wounds, where I put my lights.
I don't forget to load well my brush with red to create to create spatters of blood and there, I think that you are relatively badass to haunt the nights of your close friends.
-------------------------------------------
future - Duration: 0:08.
wheouat let dog, niggas weren't fee
weyo
You really shouldn't mumble.
Because I can't understand a word you're saying.
-------------------------------------------
Crochet Messy bun hat tutorial (eng sub) pattern - Duration: 55:00.
Crochet Messy bun hat tutorial
Make headband first
Ch 16
Start into 3rd chain from hook. Double crochet in each stitch (14). Ch 2, turn
FPdc, dc 2, (FPdc, dc 2), to last stitch of row. Last FPdc, dc in chain 2 space.
Ch 2, turn.
dc, FPdc 2, dc, (FPdc 2, dc) repeat of end last dc, dc in chain 2 space. Ch 2, turn
FPdc, dc 2, (FPdc, dc 2), to last stitch of row. Last FPdc, dc in chain 2 space.
Ch 2, turn
dc, FPdc 2, dc, (FPdc 2, dc) repeat of end last dc, dc in chain 2 space. Ch 2, turn
FPdc, dc 2, (FPdc, dc 2), to last stitch of row.
Last FPdc, dc in chain 2 space.
Continue until your work is 20" or 21" long. (For headband strap done).
Go back to video beginning and start again Ch 16 etc. When Strap done. Sew together headband.
This will be first stitch of hat. Join yarn, ch 1
Front Post double crochet
double crochet 2
Front Post double crochet
double crochet 2
Repeat FPdc and dc 2
Front Post dc, dc 2
Front Post dc
double crochet 2 still in headband
Front Post in very first stitch of headband strap
double crochet 2
Front Post double crochet, dc 2
Front Post double crochet, dc 2
Front Post in very last stitch of headband strap
double crochet in next 2 stitches
Repeat Front Post double crochet and dc 2 to end of round
FPdc , dc and 2dc in last stitch
join
Ch 2, FPdc and dc 2 repeat to end of round
FPdc, dc 2
FPdc
skip stitch, join
Repeat Ch 2, FPdc and dc 2 , join / 3 more rounds
5 rounds all together done
Ch 2, FPdc and dc together and dc
Repeat - FPdc and dc together and dc to end of round
Last stitch FP dc and join with slip stitch
Ch 2, FPdc and dc together, dc
last stitch FPdc and join with slip stitch
Ch 2, FPdc ( 2 stitches in it, both together make FPdc) and dc together
Repeat FPdc and dc together
Last stitch FPdc and join witch slip stitch
Last round, Ch 2,
dc2tog repeat all around
sorry do not look very good
dc2tog again
dc in the same stitch and dc in next stitch together
join
Fasten off. Weave ends
-------------------------------------------
Ready To Wear 5piece Denim Collection - Duration: 4:28.
For more infomation >> Ready To Wear 5piece Denim Collection - Duration: 4:28. -------------------------------------------
Its 2017 Are You Willing to Fail - Duration: 0:27.
Hey Everyone, Kent Burns Simply Driven
Executive Search. It is 2017! Are you
willing to fail? And how many times are
you willing to fail? Because, failure is
the key to success.
The more you fail, the faster you succeed.
Are you really willing to believe that,
and get busy failing your way into 2017!
-------------------------------------------
Career Breakthrough - Do You Believe? - Duration: 0:36.
Hey Everyone, Kent Burns Simply Driven
Executive Search in our series on
"Creating a Career Breakthrough" Belief!
Belief is critical to creating a career
breakthrough.
Do you believe in yourself? Do you
believe it can happen?
Do you believe that you're in conditions
that can allow it to happen? If you don't
believe in yourself
that's agenda item number one. Gotta work
on that! If you don't believe in your
conditions or your circumstances, time to
ask yourself how you can change those. If
you can't change those, maybe it's time
to find a different environment.
-------------------------------------------
Ms. Annie Smith - Pursue Your Interests - Duration: 1:01.
Hi! I'm Annie Smith.
I would like to share some of the opportunities offered at the Jay Shop.
Whether you enjoy working with machines or people,
we are willing to assist you in building a career.
We train individuals to pursue their interests,
using coaching, traditional education and apprenticeships in numerous fields.
You can benefit greatly by trying new and different jobs.
Sometimes, volunteering or just being visible will help prospective employers to see your qualities.
If you write poems, speak publicly,
draw, are skillful with tools, or have another special gift,
you can find a job that is very accommodating.
So, put your best foot forward at all times.
Thank you!
-------------------------------------------
Anti-trump Protesters at the University of Washington Library - Librarian replied them like a Boss - Duration: 0:46.
Please Subscribe Our Channel for more !
Không có nhận xét nào:
Đăng nhận xét