←back to thread

Material 3 Expressive

(design.google)
334 points meetpateltech | 4 comments | 13 May 25 17:20 UTC | HN request time: 0.641s | source
Show context
bflesch ◴[16 May 25 11:38 UTC] No.44004143[source]
How did these clowns manage to make my mouse cursor laggy? It is incomprehensible for me to live in such a big bubble with such a big paycheck and then spend zero brainpower on systems without graphics acceleration.

This is extremely bad engineering and these engineers should be called out for it. It takes a special kind of person to deliver this and be proud of it.

Once they made their millions at Google these engineers will be our landlords, angel investors, you name it. The level of ignorance is unfathomable. Very sad.

replies(42): >>44004209 #>>44004297 #>>44004309 #>>44004310 #>>44004330 #>>44004378 #>>44004468 #>>44004549 #>>44004638 #>>44004825 #>>44004861 #>>44004919 #>>44005080 #>>44005120 #>>44005144 #>>44005713 #>>44005761 #>>44005939 #>>44006054 #>>44006202 #>>44006222 #>>44006355 #>>44006362 #>>44006397 #>>44006542 #>>44006933 #>>44007513 #>>44007884 #>>44008050 #>>44008069 #>>44008126 #>>44008380 #>>44008411 #>>44008487 #>>44008805 #>>44008857 #>>44008864 #>>44009031 #>>44009167 #>>44009897 #>>44010290 #>>44010679 #
Raed667 ◴[16 May 25 13:11 UTC] No.44005080[source]
[Ticket Closed] resolution: user should buy a macbook pro with at least the M3 processor

/s

replies(3): >>44005186 #>>44006790 #>>44006948 #
cube00 ◴[16 May 25 13:21 UTC] No.44005186[source]
SecOps put CrowdStrike's Falcon and Windows Defender on our Macs so we'd have about 20% CPU left for our actual dev work. That's not an exaggeration, staring at the System Monitor is all you can do when everything is locked up.

The Android emulator sucks the remainder with ease. The app performs better on a low end Android burner phone then our dev machines so at least we know our users are having a reasonable experience.

replies(3): >>44005271 #>>44006260 #>>44007548 #
1. marcusb ◴[16 May 25 14:56 UTC] No.44006260[source]
I had a couple of customers that deployed 7 endpoint security tools of the "hook into processes and inspect everything" variety. The exact mix was customer-specific, but if you're wondering what that looks like:

* Stand-alone "best of breed" endpoint DLP

* Stand-alone "best of breed" EDR

* Process whitelisting tool

* NAC posture assessment agent

* Three different AV agents

This is not even counting their VPN client(s) or the third party disk encryption agent they used.

I marveled at how they even got all of the agents to coexist, let alone have enough CPU left for people to do their jobs.

replies(1): >>44007559 #
2. pico303 ◴[16 May 25 16:53 UTC] No.44007559[source]
And after all that, your company gets hacked through a misconfigured router.
replies(2): >>44007922 #>>44009757 #
3. marcusb ◴[16 May 25 17:28 UTC] No.44007922[source]
Or one of the seven endpoint agents, each of which has a kernel module and at least half of which are doing dodgy process injection and read process memory shenanigans.
4. thewebguyd ◴[16 May 25 20:55 UTC] No.44009757[source]
> And after all that, your company gets hacked through a misconfigured router.

Or a more likely scenario - some dev with admin on their machine grabs a malicious NPM package, EDR doesn't grab it because they successfully lobbied to have certain directories exempt for performance reasons (like DevDrive on Windows, or WSL). SSH keys get stolen, and despite all the fancy security products, the environment is still a mess (which is why there's so many products to cover up that fact) so the dev actually has keys to prod, then you're hosed.

I've seen my fair share of orgs with a plethora of security "solutions" and yet fail to understand some basic principles like least privilege or separation of concerns and think all their security software is going to save them.