[liotier]

I suspect that dystopian environments of locked-down mandatory corporate Windows laptops with no software installation privileges, firewalled networking and even the USB ports disabled are also part of the reason for every function being crammed into the browser to the point that the browser has become an operating system host... Creativity (and catastrophes) happens where there is freedom: local scripting and browser scripting !

[TeMPOraL]

Yes. At this point it's well-known that ports 80 and 443 are the two ports no company[0] can afford to block. This means, among other things, that making your product as a webapp is by far the best approach if you want to "worm your way into" corporate environments, as any worker can use it out of the box, while anything else would require IT approval.

--

[0] - Except those creating high-security environments with airgaps and whatnot, but that's a special case.

[actionfromafar]

Proxies can be pretty harsh too. Not sure if we have a whitelist or a blacklist but it’s pretty restrictive.

[letsdothisagain]

Yeah in the early 2000s Java was supposed to be the universal platform of write once run everywhere. And then every IT department locked Java out, so we said fuck it and wrote everything in PHP.

[anthk]

>no software install...

https://portableapps.com

I think there's even a Lazarus IDE available for every company user who wants to create reliable RAD based software bound to corporateware.

[liotier]

Depends on the level of corporate restrictions. Workstations with the "developer" policy applied may do that (if they managed to smuggle the executable through the HTTP proxy, and as long as the program doesn't open an inbound port - upon which event the OS kills it) but others can only run whitelisted executables. Every day I miss the Debian computer I have at home.

[nolongerthere]

Best practice security recommendation for executables these days (in corp env) is to block all execution of all executables outside of protected folders, i.e. Program Files and Windows. Severely limits the initial attack surface (disable that rule or supply chain attack).

As a developer who hates installing programs that might be one offs, I hate the idea of it, but I can't deny the benefits.

[anthk]

That was my idea from the beginning among forbidding macros in Office and enforcing text email everywhere for corporate comms among an internal Jabber/SIP server for group videoconferences and a hacked up News (NNTP) server for internal discussions and news, which would be one of the best tools to implement an easy discussion board to mark both issues and schedules. But $BOSS won't like that, they want to execute anything everywhere.

[baz00]

Try getting those through a corporate DLP proxy.

[kabes]

You say creativity happens where there is freedom, but I often hear artists claim they work best when given constraints.