|
EoRaptor posted:Severance would be a good stopper for that, but good luck getting it in a non-management or non-union position. Someone responded to that with a good point. If they're not willing to tack on a severance clause with a time limit (say, 2 years), they're absolutely gunning to shitcan you ASAP, and you take the new job.
|
#
?
Jan 26, 2018 22:09
|
|
|
|
| # ? Apr 19, 2024 07:40 |
|
|
dogstile posted:I briefly worked at one and the general thing was you could have any game you wanted installed on your PC, so long as you were willing to interrupt it if you got suddenly called to do something and only played it at lunch/after work. They were wanting to talk about you right away. Nobody telling you about what was bothering them about you usually means the thing they didn't like was embarrassing to mention or you blow up easily. The stinky guy, bad breath guy, rear end crack guy, and disgusting habit guy generally fits those themes really well. Did you eat your own boogers or something?
|
|
#
?
Jan 26, 2018 22:20
|
|
|
Sefal posted:If you don't mind, would you be willing to share some policies you have going on, with regards such as running games on each employee's workstation and public game rooms? Sefal posted:perspective and more best practices, specifically for game companies. The way it works here is that every workstation has logins restricted to its owner only (IT of course have our own accounts to access everything) along with them being local admin of their machine, the local admin thing of course is total poo poo so you occasionally get some smart alec who borks their machine (repeat offenders get reimaged no questions) and I'm astounded we haven't been hit by crypto yet. The strangest thing is that all user data is stored locally only so no redirection and no backups at all, game project data is instead controlled by Tortoise SVN (wooo) but considering we're up to rolling out 8tb data drives I suppose we'd have monstrous storage issues. When it comes to playing games I'd say staff pretty much just stick to doing their job, you're free to install Steam and install/play any of your own games at the cost of your own disk space and can play at lunch time, I don't really bother but today I did have a crack at running XCOM 2 in 8k on my monster workstation. Oddly enough Origin is blocked and I'm not sure what else is out there, social media of any kind and all sorts of Internet stuff is blocked as well, of course we have heaps of console developer kits but I'm pretty sure you can't play retail games on them. I think local admin is going to be pulled at some point and we might be moving to Git instead of SVN, but overall its a bit bonkers.
|
|
#
?
Jan 26, 2018 22:25
|
|
|
So the returned printers came in.. three of them. One of them is the one that we sold them. Two of them are here as well and I have no idea why. I assume we are recycling them. No boxes, no cables, nothing just printers. Looking forward to seeing the bosses reaction when he gets into the office
|
|
#
?
Jan 26, 2018 22:58
|
|
|
blackswordca posted:So the returned printers came in.. three of them. One of them is the one that we sold them. Two of them are here as well and I have no idea why. I assume we are recycling them. No boxes, no cables, nothing just printers. He'll ask you to buy parts for them and resell them and never ever throw them out.
|
|
#
?
Jan 26, 2018 22:59
|
|
|
Sickening posted:They were wanting to talk about you right away. It was a game company. Why are you assuming he did something? Gamers, and by extension, the people making he games, aren't exatcly known for their social abilities. Awkward, emotionally retarded goons that can't handle the slightest bit of confrontation. Way easier to have the boss fire them and just cut them out of their digital lives than , god forbid, actually talk to the person.
|
|
#
?
Jan 26, 2018 23:08
|
|
|
Johnny Aztec posted:It was a game company. Why are you assuming he did something? Gamers, and by extension, the people making he games, aren't exatcly known for their social abilities. It doesn't have to be one or the other
|
|
#
?
Jan 26, 2018 23:30
|
|
|
Johnny Aztec posted:Awkward, emotionally retarded goons that can't handle the slightest bit of confrontation. It tickles me when "loving goons  " is typed out unironically by, get this, a loving goon
|
|
#
?
Jan 27, 2018 00:29
|
|
|
Weatherman posted:It tickles me when "loving goons He may have meant goons-as-in-not-the-SA-nickname.
|
|
#
?
Jan 27, 2018 00:41
|
|
|
Avenging_Mikon posted:He may have meant goons-as-in-not-the-SA-nickname. Doubtful
|
|
#
?
Jan 27, 2018 00:45
|
|
|
Johnny Aztec posted:It was a game company. Why are you assuming he did something? Gamers, and by extension, the people making he games, aren't exatcly known for their social abilities. When I asked the poster if they ate their own boogers did that not tip you off that I am might be talking somewhat in jest? Call down Francis.
|
|
#
?
Jan 27, 2018 01:24
|
|
|
Johnny Aztec posted:It was a game company. Why are you assuming he did something? Gamers, and by extension, the people making he games, aren't exatcly known for their social abilities. Like, if it weren't something they did or something about their person, then what do you even imagine these goons would confront them about? "poo poo, I really feel awkward saying hello to that person every day at work, better form a conspiracy with all the other awkward dweebs at work to push them out" already requires far more social skills than you're ascribing to them. And even if it was that, it would still be good to know that the reason you lost your job was because you were socially intimidating to the wizards.
|
|
#
?
Jan 27, 2018 05:54
|
|
|
GreenNight posted:There is a new condo building across from the main office, and one of the new wifi networks broadcasting is called "sendnudes". Now HR is throwing a huge fuckoff fit telling us we need to block all equipment from seeing this SSID. We have dealt with complaints like this before. Even if it were feasible, interfering with a wi-fi network not your own is an FCC violation. Telling them that it's illegal is generally enough to get them off your back.
|
|
#
?
Jan 27, 2018 12:40
|
|
|
guppy posted:We have dealt with complaints like this before. Even if it were feasible, interfering with a wi-fi network not your own is an FCC violation. Telling them that it's illegal is generally enough to get them off your back. It's not an unreasonable request. What if vendors or clients see that? Not a good look. There's no real way to solve that though. You could probably stay in compliance if you did it only on employee hardware, which doesn't solve the problem. And that's if it's even possible to hide a SSID in that way.
|
|
#
?
Jan 27, 2018 12:51
|
|
Cat Army
|
The Iron Rose posted:What if vendors or clients see that? Not a good look. What if vendors or clients have to go near poor people outside? What if it rains on them? What if they get stuck in traffic on the way to the office? Not a good look. Sometimes people need to accept that there are factors outside of our control.
|
|
#
?
Jan 27, 2018 13:38
|
|
|
But this is [Company], where HR's word is law! Just make it happen, what do we even pay you for, ect ect 
|
|
#
?
Jan 27, 2018 13:40
|
|
|
I'm pretty sure you can set a GPO to ignore an SSID, but that wouldn't prevent people who aren't in your domain from seeing it (Such as visitors)
|
|
#
?
Jan 27, 2018 15:49
|
|
|
Avenging_Mikon posted:He may have meant goons-as-in-not-the-SA-nickname. That why I always use the capital G when referring to a member of the august fraternity!
|
|
#
?
Jan 27, 2018 15:59
|
|
|
The Iron Rose posted:It's not an unreasonable request. What if vendors or clients see that? Not a good look. It is an unreasonable request though. It's someone outside of the company's control doing something that's completely legal and within their power. There's nothing for anyone at the company to do about it except trying to find the person and politely ask them to change it. If it was a banner hanging in their window no one would consider it reasonable to ask maintenance to prevent it from being seen, how is asking IT to stop an external WiFi signal from appearing any different? That said I'd half expect the kind of person who'd set their SSID to "sendnudes" to be the kind of person to change it to something like "$company toilet camera" if that happened.
|
|
#
?
Jan 27, 2018 16:21
|
|
|
guppy posted:We have dealt with complaints like this before. Even if it were feasible, interfering with a wi-fi network not your own is an FCC violation. Telling them that it's illegal is generally enough to get them off your back. This is truth. You need to be very careful with any kind of wireless "countermeasures". There are times when you can, but almost always its to prevent unauthorized wireless clients from communicating with wireless networks you directly control (this is a simple dumbed down example). The FCC takes a very dim view of interfering with unlicensed spectrum (which 802.11 networks use) and will come down like a ton of bricks if it's determined to be deliberate. They fined Marriott around $600K for knocking mobile hotspots out of the air to force conference attendees to use their guest networks. Granted Marriott charged a fee for those, but the punishment would have probably been the same even if the guest networks had been free of charge.
|
|
#
?
Jan 27, 2018 18:26
|
|
|
wolrah posted:It is an unreasonable request though. It's someone outside of the company's control doing something that's completely legal and within their power. There's nothing for anyone at the company to do about it except trying to find the person and politely ask them to change it. If it was a banner hanging in their window no one would consider it reasonable to ask maintenance to prevent it from being seen, how is asking IT to stop an external WiFi signal from appearing any different? Sorry, I should have amended that. It's a reasonable request for HR, who knows gently caress all about how computers or wifi networks work, to make. It's obviously unfeasible and unreasonable, if not actively impossible, to do anything about. But it's not a ridiculous request to make if you don't know anything about computers.
|
|
#
?
Jan 27, 2018 19:55
|
|
|
Every request is reasonable to make if you are genuinely open to the possibility of the response being "no", and a reason why. It's not a reasonable request to make if you're going to follow up by insisting that the IT team make it happen.
|
|
#
?
Jan 27, 2018 22:28
|
|
|
Just set up hundreds of wi-fi networks in your own building so the odds of the one across the street showing up in the first screen of results on anyone's device is really low.
|
|
#
?
Jan 28, 2018 00:08
|
|
|
Knormal posted:Just set up hundreds of wi-fi networks in your own building so the odds of the one across the street showing up in the first screen of results on anyone's device is really low. This is clearly the best plan. Just present it to HR along with the cost for 500 access points, an appropriate number of power strips, potential electricity costs and note that microwave radiation is different to WiFi and so there's no risk of liquifying everyone's internal organs and you should be good.
|
|
#
?
Jan 28, 2018 12:18
|
|
|
Fil5000 posted:This is clearly the best plan. Just present it to HR along with the cost for 500 access points, an appropriate number of power strips, potential electricity costs and note that microwave radiation is different to WiFi and so there's no risk of liquifying everyone's internal organs and you should be good. Serious question that I've had on my mind for a while: What;s the cheapest/simplest method of broadcasting multiple SSIDs, even if none of them have the ability to act as an AP?
|
|
#
?
Jan 28, 2018 12:54
|
|
|
spog posted:Serious question that I've had on my mind for a while: https://tools.kali.org/wireless-attacks/mdk3
|
|
#
?
Jan 28, 2018 13:59
|
|
|
Knormal posted:Just set up hundreds of wi-fi networks in your own building so the odds of the one across the street showing up in the first screen of results on anyone's device is really low. I know this is a joke, but just in case people haven't run across this before, too many SSIDs will degrade performance as the amount of airtime required for overhead increases. This chart is the one usually cited: http://www.revolutionwifi.net/revolutionwifi/2013/10/ssid-overhead-how-many-wi-fi-ssids-are.html
|
|
#
?
Jan 28, 2018 14:15
|
|
|
If you're using different devices to broadcast a ton of SSIDs though presumably there's no performance hit above the extra RF channel usage, which will be small if there's no actual client traffic being handled by the fake APs, and you raise the beacon interval.
|
|
#
?
Jan 28, 2018 14:43
|
|
|
larchesdanrew posted:We had performance appraisals today. This post makes me happier and prouder than any other I've ever read in this thread. You are a good man and you deserve to have fulfilling work. I'm so happy for you. 
|
|
#
?
Jan 28, 2018 15:17
|
|
|
I was hoping for something a bit more whimsical, rather than violent.
|
|
#
?
Jan 28, 2018 19:01
|
|
|
spog posted:I was hoping for something a bit more whimsical, rather than violent. There's a lot of wifi beacon sample code for an ESP8266 microcontroller (they have wifi baked in). You could be good or evil with those. I don't think they would have a lot of range so evil is probably not a good choice.
|
|
#
?
Jan 28, 2018 19:21
|
|
|
spog posted:I was hoping for something a bit more whimsical, rather than violent. it's a tool, you can use it in a whimsical fashion.
|
|
#
?
Jan 28, 2018 21:16
|
|
|
Student backlash over the new web filter is hitting a fever pitch. Whiteboards around campus are consistently emblazoned with "DOWN WITH SMOOTHWALL" and "FIGHT THE MAN." Since we're a BYOD campus, SSL decryption involves a certificate installation on all personal devices. Rabblerousers are starting a grassroots movement to spread misinformation whereas I am Big Brother and I am collecting all of their data. Nevermind that I don't necessarily need the certificate, nor the web filter, to see what they're doing on my network, nor do I really even care. I just want to remain CIPA compliant so I can stay out of jail. Anyways, I flipped the switch earlier to begin SSL decryption. Up to this point, I just turned off all filtering for SSL and HTTPS, and gave the students a week to install the cert. If they don't install it, oh well. Mere minutes after I flipped the switch, emails started pouring in. My favorite was: quote:Hello, Sent by a junior with  as his profile picture. After responding and explaining what the cert is and why it's needed for the millionth time, he responds quote:For what it is worth, I am conceding and installing it for now. This is very obviously his way of warning me that he will be looking for workarounds, much like the failed VPNs and proxies everyone is attempting to use to circumvent it. Teenagers are fun PS. Yes, I know about banking and medical sites. This has been anticipated and whitelisted. A Frosty Witch fucked around with this message at 04:20 on Jan 29, 2018 |
|
#
?
Jan 29, 2018 04:17
|
|
|
What reason do you have for needing SSL decryption?
|
|
#
?
Jan 29, 2018 08:17
|
|
|
Tell the kids how to beat it: show you're not the real bad guy. SSH socks proxy (with appropriate SSH keys) on port 443 to a jump box in digital ocean and shove everything through that. If DPI is a thing for some reason and all SSH traffic is being dropped still , then wrap everything in stunnel first. Methanar fucked around with this message at 09:11 on Jan 29, 2018 |
|
#
?
Jan 29, 2018 09:04
|
|
|
The fact that, like, 90% of web pages use encryption and I’d prefer actual content filtering to babysitting a blacklist of six thousand URLs/IPs that are subject to change at any point? The old web filter couldn’t do SSL inspection and everything that needed to be viewed had to be whitelisted by IP, which meant that every time something got erroneously blocked, it was a 20+ minute process of going over traffic logs trying to pinpoint which IP address needed to be exempted. Expecting a web filter to do anything when it can’t tell what traffic is going through it is a laugh and when it comes to services like Gmail and Skype who have a nearly endless list of IP addresses they cycle through nearly daily, it gets to be far too much work and hassle, especially for a single person to manage. So, if someone has to install a cert so I don’t have to spend a majority of my day manually filtering out web traffic then so be it.
|
|
#
?
Jan 29, 2018 09:11
|
|
|
Wtf, don't try to manually manage blacklists by IP. Use your firewall's content categories. https://fortiguard.com/webfilter/categories You don't need SSL inspection to block by DNS. If the kids are using DNS over HTTPS, well then let them. That's definitely not in scope of CIPA
|
|
#
?
Jan 29, 2018 09:15
|
|
|
Nope, without inspection dns means precisely dick to the filter. You can whitelist domains all day but IP addresses get blocked for bullshit reasons like “weapons” and “porn” because the filter doesn’t know what it’s looking at, so you have to figure out the IP associated with the domain and whitelist them both. I’d love to just throw on the filter and let it go without inspection but it barely functions without it and while I’ve got students pissing about the filter blocking too much, I’ll have Do-gooders tattle if it’s not blocking enough either. It’s a fight I can’t win so don’t lecture me on this.
|
|
#
?
Jan 29, 2018 09:37
|
|
|
larchesdanrew posted:Nope, without inspection dns means precisely dick to the filter. You can whitelist domains all day but IP addresses get blocked for bullshit reasons like “weapons” and “porn” because the filter doesn’t know what it’s looking at, so you have to figure out the IP associated with the domain and whitelist them both. Besides, it loops back to it is the school's WiFi. If the kids don't like it, then they can provide their own connection. I bump into the Fortigate at work every so often, but I don't bitch because it is their connection and every MB I snag is one less I have to provide myself...
|
|
#
?
Jan 29, 2018 09:52
|
|
|
|
| # ? Apr 19, 2024 07:40 |
|
|
I have a hard time believing a device bought in the last 5 years can't properly handle what you're asking of it. But fine, you somehow do. Buy a used Fortigate 100d and FortiGuard license for like, 2000 dollars altogether on ebay and use that. But fine you can't afford that. Then buy an off-lease piece of poo poo dell server on ebay for 350 dollars and put pfSense on it. Hell, buy two and put them in active-passive with VRRP. https://doc.pfsense.org/index.php/SquidGuard_package https://www.ebay.com/itm/Dell-Power...EsAAOSwH2VaMApE Methanar fucked around with this message at 09:55 on Jan 29, 2018 |
|
#
?
Jan 29, 2018 09:53
|
|