|
Well at least you know NoAction didn't fail.
|
# ? Jan 16, 2019 17:47 |
|
|
# ? Apr 23, 2024 22:15 |
|
Super Slash posted:I like how at some point in the last few weeks someone somewhere decided to turn on SCCM reporting, with gems like this: I laughed more at that than I really should have. We've tried nothing and we're all out of ideas.
|
# ? Jan 16, 2019 17:49 |
It succeeded at doing nothing--it's like a dream come true!
|
|
# ? Jan 16, 2019 17:49 |
|
A magic copier came in. I was making rounds when a user flagged me down. Our copier doesn't have any toner in it. I'll have work service come change it out this afternoon. No, it literally doesn't have any toner in it but it's still printing. What. Sure enough, it has no toner cartridge in it and it's been printing away. I tracked the removal down to OVER A MONTH AGO where the student worker I tasked with changing it forgot to put a new one in. I checked the usage and they've printed over 1,200 pages since then. I feel like this is the IT version of the Seinfeld episode where Kramer and the car salesman drive as far as they can on empty and I'm curious how long this thing will continue printing with no toner. Forever? Is a blessed copier really a thing?
|
# ? Jan 16, 2019 18:50 |
larchesdanrew posted:A magic copier came in.
|
|
# ? Jan 16, 2019 19:01 |
|
Super Slash posted:I like how at some point in the last few weeks someone somewhere decided to turn on SCCM reporting, with gems like this: When you can't meet the standards, adjust the standards to meet you.
|
# ? Jan 16, 2019 19:09 |
|
D. Ebdrup posted:I fear that by even bringing up the idea of a blessed copier, the all of the universes printers will combine into some sort of monster that will haunt you forever, larchesdanrew. The universe craves balance.
|
# ? Jan 16, 2019 19:10 |
|
An interdepartmental slapfight came in. I posted about this tangentially in the "poo poo that pisses you off" thread but it's escalating in interesting ways. I run an education/training tracking system. There are objects like courses, classes (i.e. a single instance of course meeting or a web-based lesson), documents, and so forth. Of course everything in it has unique IDs. The class ID is usually a system-generated arbitrary integer string. However when I create classes using an import process, the system forces me to assign IDs. Since I don't often do imports like this, when I do them I use the class ID string to encode helpful information, something like $COURSEID_$DATESTAMP. It's pretty painless, it doesn't break anything, it's helpful for unique departments who offer 500+ class sessions in a year, and it actually avoids conflicts because the system is not designed to avoid an ID conflict with the autogenerated ones. My management just told me to stop doing this custom ID thing, and instead to keep a separate log of assigned sequential IDs for the imports. ("Start at 1000, make a note of where you leave off, then pick up there again for the next import.") Now one of the departments that relies on the custom IDs is throwing a shitfit, demanding to speak with my upper management. I'll do whatever I'm told, but: is it wrong to use custom IDs like this?
|
# ? Jan 16, 2019 19:43 |
|
D. Ebdrup posted:I fear that by even bringing up the idea of a blessed copier, the all of the universes printers will combine into some sort of monster that will haunt you forever, larchesdanrew. It can get in line.
|
# ? Jan 16, 2019 20:07 |
|
The Macaroni posted:I'll do whatever I'm told, but: is it wrong to use custom IDs like this? Yes. You're using one field to store multiple pieces of information, of a different type even. The id is the ID (whatever it is, string number, etc.) the date is the date, in its own field, and so on and so forth. Don't amalgamate them into one . It will cause all kinds of problems down the road.
|
# ? Jan 16, 2019 20:17 |
|
Got it. Ideally the system would let us have a different custom ID field besides the default one. But it doesn't, and it also makes it really difficult to locate the information separately. Edit: hold up, there are other custom fields. Maybe I can propose that we use one of those and make everyone happy. The Macaroni fucked around with this message at 20:53 on Jan 16, 2019 |
# ? Jan 16, 2019 20:48 |
How to remove your company from consideration.jpg
|
|
# ? Jan 16, 2019 22:20 |
|
At least they tell you instead of silently truncating after the 8th character.
|
# ? Jan 16, 2019 22:31 |
|
Do you work for my bank?
|
# ? Jan 16, 2019 22:35 |
|
Geemer posted:At least they tell you instead of silently truncating after the 8th character.
|
# ? Jan 16, 2019 22:39 |
|
I've seen max of 12, but never max of 8. None of these are good options though.
|
# ? Jan 16, 2019 22:48 |
Sheep posted:One place I worked at stored passwords by doing the equivalent of toupper(password)[0..7] and dropping extra characters. Also cleartext. I still wake up in sweats thinking of that one screenshot I saw that said "Your password must not contain the characters: ' or ; "
|
|
# ? Jan 16, 2019 22:55 |
|
A large credit card gateway system we use has some really stupid password requirements as well. It actually limits the possible password combinations. Not sure why the hell they think this actually makes a more secure password. Max of 9 characters, no less than 7. Numbers or letters only, no special characters allowed. Must have at least 3 capital letters. and at least 2 numbers. No repeating characters (i.e. can't have AA, BB, or 11) no in-sequence numbers or letters. (i.e. 12 is not acceptable, but 13 is, AB won't work, but AC will) Also it is required they change every 30 days. And it starts reminding you about the upcoming change 1 week before between EVERY SINGLE ACTION you do on the website. So basically you end up changing them every 3 weeks out of annoyance. I can tell you right now, for several years, the only change has been incrementing a number at the end, skipping some when the numbers end up in sequence or repeating. Edit: See the stupidity here.. This is the checklist you get when setting a new password. stevewm fucked around with this message at 23:05 on Jan 16, 2019 |
# ? Jan 16, 2019 22:56 |
|
That's a great example of hard for people to remember and easy for computers to guess, also known as "gets written down on a post-it note" school of password complexity requirements.
|
# ? Jan 17, 2019 00:02 |
|
Data Graham posted:I still wake up in sweats thinking of that one screenshot I saw that said "Your password must not contain the characters: ' or ; " I encountered this last week:
|
# ? Jan 17, 2019 01:21 |
|
https://twitter.com/lornekates/status/671731923090321408
|
# ? Jan 17, 2019 02:00 |
|
I've been making GBS threads my resume and poo poo all over the internet the last couple of weeks. My default setting is 32 CHARACTERS OF gently caress YOU for KeePass. If you won't let me use this, I get really annoyed at you.
|
# ? Jan 17, 2019 03:00 |
|
Didn't KeePass have a security breach relatively recently, or am I thinking one of the other -Pass named things
|
# ? Jan 17, 2019 03:03 |
|
Malachite_Dragon posted:Didn't KeePass have a security breach relatively recently, or am I thinking one of the other -Pass named things It’s probably last-pass. They have a history.
|
# ? Jan 17, 2019 03:07 |
|
KeePass used plain HTTP via port 80 to download updates and was vulnerable to a MITM attack, which when reported to the devs was responded to with "won't fix, want ad revenue" back in 2016. No idea if it's changed.
|
# ? Jan 17, 2019 03:16 |
|
D. Ebdrup posted:I fear that by even bringing up the idea of a blessed copier, the all of the universes printers will combine into some sort of monster that will haunt you forever, larchesdanrew. https://www.youtube.com/watch?v=SFXQ3qHsh_U
|
# ? Jan 17, 2019 03:19 |
|
Arquinsiel posted:KeePass used plain HTTP via port 80 to download updates and was vulnerable to a MITM attack, which when reported to the devs was responded to with "won't fix, want ad revenue" back in 2016. No idea if it's changed.
|
# ? Jan 17, 2019 03:28 |
Yeah, specifically the case I mentioned means not only are they storing it in cleartext, they're also preventing SQL injection by disallowing specific characters from the cleartext loving password at the UI level. I'd be surprised if the code didn't actively cause cancer
|
|
# ? Jan 17, 2019 03:35 |
|
Proteus Jones posted:It’s probably last-pass. They have a history. May 2011 and June 2015 was when they had "something" happen on their network, the only other things we know of were a few vulnerabilities that were found by researchers. An internal program at work is so ancient that if it gets anything that isn't ASCII in a field it has a stroke. Which is fun when dealing with things like shipping addresses to Puerto Rico.
|
# ? Jan 17, 2019 04:06 |
|
Ghostlight posted:It was changed in 2016 to use HTTPS and a digitally signed file, but it also never downloaded updates. It only ever downloaded a file that told it what the newest version number was, and if it was later than your existing one then it displayed a notification for you to update by visiting the website - so even when it was vulnerable the only thing a MITM attack could actually accomplish was trick you into needlessly visiting the KeePass website. https://www.youtube.com/watch?v=gOxcQSbpA-Q
|
# ? Jan 17, 2019 04:17 |
|
Sheep posted:That's a great example of hard for people to remember and easy for computers to guess, also known as "gets written down on a post-it note" school of password complexity requirements. This is exactly what was happening. We have more than 15 accounts with this gateway, so more than 15 passwords that change every 3 weeks.
|
# ? Jan 17, 2019 04:18 |
|
Kurieg posted:I have bad news for you.
|
# ? Jan 17, 2019 15:55 |
Kurieg posted:I have bad news for you.
|
|
# ? Jan 17, 2019 16:43 |
|
Uh, has anyone ever seen a good resource that teaches end-users how to submit good tickets / communicate issues in an actionable manner? We've got some marketing interns who believe that all issues are best expressed as "the server is down," and I'd like their boss to provide some valuable career advice.
|
# ? Jan 17, 2019 18:45 |
|
monsterzero posted:Uh, has anyone ever seen a good resource that teaches end-users how to submit good tickets / communicate issues in an actionable manner? We've got some marketing interns who believe that all issues are best expressed as "the server is down," and I'd like their boss to provide some valuable career advice. This is an impossible task. Even if you ask for specific info from a user they will refuse to provide it. It's the way of the world.
|
# ? Jan 17, 2019 18:46 |
|
I know it's our lot to suffer but I still want to push the rock up the hill.
|
# ? Jan 17, 2019 18:51 |
|
So a Lync conversation came in: DBA : hey are you working on the ticket with #app being down? Me: yes the SQL server service was down. I restarted it and it looks like it's working DBA : I have a task that the SQL import failed on that server as well Me: the SQL server service was down that was probably the cause. DBA : I'm looking through a text log but it's 900mb. 5 minutes later DBA: it looks like the SQL server service was down but it's back up now.
|
# ? Jan 17, 2019 18:58 |
|
Dirt Road Junglist posted:At least it's not ukelele music? I sat through half an hour of this before it hung up on me once. https://www.youtube.com/watch?v=pxd-iUrqGMU bell jar posted:I encountered this last week:
|
# ? Jan 17, 2019 20:01 |
At least they have Two-Factor Authentication now, right? Right?
|
|
# ? Jan 17, 2019 20:09 |
|
|
# ? Apr 23, 2024 22:15 |
|
ChubbyThePhat posted:Well my desk is being moved. I am sadly losing my excellent window cube and being moved to an open space to share with 3 other people. No window, no walls. Desk move complete. Turns out I still have a window (thanks team), but the lack of walls sucks.
|
# ? Jan 17, 2019 20:42 |