Executive assistants are my go-to for getting things I need fixed actually fixed. Back at the design studio our ISP (XO) put in a new CRM system, built in-house; the CTO had a big blurb in the 'about us' section of their website about it. They put me down as being in the Eastern timezone; I'm in Pacific. So whenever I had a ticket open, which was almost weekly because XO sucked, I'd get status calls starting at 5am. I begged my account manager to get it fixed for weeks. Nope, can't change someone's timezone. gently caress that. I looked up their corporate HQ and whatever jackass is in charge of their internal systems (that's when I saw the blurb about the new CRM tool). I called HQ and asked for the jackass' secretary and left her a detailed voicemail. Two days later I got an "it's fixed now, sorry for the inconvenience" email. loving XO man. Most of their management were the idiots who couldn't manage to get up to cool crimes with WorldCom but deserved to be in Stupidity Jail anyway.

Oct 17, 2020 01:59
6 hours of overtime on a Friday night because one of my predecessors didn't document poo poo or save backup configs. Oh, well. I get paid overtime and having to explain the bill to the customer isn't my problem. I ended up having to manually factory reset some switches and a bunch of wireless APs in a hotel. Funniest thing about the job was when I got the keys to the protective wall-boxes that all the WAPs are in from the building maintenance guy: I got handed this huge ring of dozens of keys. Yes, they are all identical copies of a single industry-standard key.

Oct 17, 2020 05:04
Entropic posted:
> 6 hours of overtime on a Friday night because one of my predecessors didn't document poo poo or save backup configs. Oh, well. I get paid overtime and having to explain the bill to the customer isn't my problem.

https://www.youtube.com/watch?v=a9b9IYqsb_U

Oct 17, 2020 05:12
Deviant Ollam talks are always great. I love the one he did about doors. Really though, the locks on so much stuff are not even really meant at all to stop a determined attacker who knows what they're doing, they're just there to stop random passers-by from touching your poo poo. E.g. this was a hotel that has fairly low-ceilinged hallways without drop ceilings, their WAPs were just wall mounted up against the ceiling where someone walking by could easily reach up and touch them. So they all had these hard plastic cases covering them, which of course were keyed alike because they bought them in bulk. If someone goes in with the goal of messing with your access points, a proper lock would just delay them by a minute or so while they pick it, and would cost a lot more, while these are perfectly fine for the job "make sure a drunk guest doesn't slap the AP for fun as they're walking by and break it". It's kinda like how the locks on most filing cabinets probably come with a key you could find on ebay in 2 minutes, but they're not there to stop industrial espionage, they're there to stop an employee or guest who's wandering by from pulling the drawer open because they're bored and curious. I mostly thought it was funny that they kept every single copy of the identical keys.

Oct 17, 2020 15:45
Came here to link that. Watch all of Deviant Ollam's talks. They're amazing. This one here's another must-watch. Yes, it's long, but it's worth every minute.

https://www.youtube.com/watch?v=ZUvGfuLlZus

Oct 17, 2020 15:45
Ever since watching that video, whenever I see an elevator I look for the little holes in the doors and go

Oct 17, 2020 15:48
Data Graham posted:
> Ever since watching that video, whenever I see an elevator I look for the little holes in the doors and go

A lot of it really makes you just stop and just notice things you never thought about before. That's what I love about talks like that.

Oct 17, 2020 15:51
I never regret re-watching that elevator video. You'd think that spending 2 hours watching something you've already seen would be a waste but it's just like looping TLO Roll Call like 50 times and really: when aren't you doing that?

Oct 17, 2020 15:54
Entropic posted:
> 6 hours of overtime on a Friday night because one of my predecessors didn't document poo poo or save backup configs. Oh, well. I get paid overtime and having to explain the bill to the customer isn't my problem.

I used to have 3-4 copies of CH751 at my old job.

Oct 17, 2020 18:00
The talk about IR door sensors is lol.

Oct 17, 2020 18:12
Agrikk posted:
> Then jackass from my team, the same jackass who complains that he’s super slammed all the time and needs people to

I have two of those jackasses on my team. I’ll get a ping about something out of band, like a firewall exception or testing a security agent, and I’ll tell the person to use our intake form because we have a loving process. Instead, Helpful Jackass 1 or 2 gets @-mentioned over my head, they immediately drop everything to hop on it, fail to document anything, and act hurt when I have a meltdown in stand-up over it several sprints later because now I’m on the hook for supporting their duct tape bullshit.

Oct 17, 2020 20:14
Entropic posted:
> Deviant Ollam talks are always great. I love the one he did about doors.

With physical security it's about the trade-off between security, cost and how much it interferes with day-to-day operations, along with the threat assessment. You'll never get perfection, you'll get the compromise you hope is enough.

Oct 18, 2020 04:45
This is also true of IT security.

Oct 18, 2020 04:55
Thomamelas posted:
> With physical security it's about the trade-off between security, cost and how much it interferes with day-to-day operations, along with the threat assessment. You'll never get perfection, you'll get the compromise you hope is enough.

Oct 18, 2020 05:04
Thomamelas posted:
> With physical security it's about the trade-off between security, cost and how much it interferes with day-to-day operations, along with the threat assessment. You'll never get perfection, you'll get the compromise you hope is enough.

Security is a journey, not a destination.

Data Graham posted:
> Ever since watching that video, whenever I see an elevator I look for the little holes in the doors and go

I've certainly looked at our office elevators after watching that and realized just how stupidly unsecure the "secure" lift actually is.

Neddy Seagoon fucked around with this message at 08:25 on Oct 19, 2020

Oct 19, 2020 08:21
a ticket came in

> slow computer

Oct 19, 2020 15:24
computer AS gently caress

Oct 19, 2020 15:59
Weedle posted:
> a ticket came in

Oct 19, 2020 17:14
Weedle posted:
> a ticket came in

Panicking about someone sending emails from a Comcast.net account that had been compromised and its display name changed to resemble that of our org. "What can we do about it?" Fuckall, that's what.

Oct 19, 2020 19:07
dragonshardz posted:
> Panicking about someone sending emails from a Comcast.net account that had been compromised and its display name changed to resemble that of our org.

If it's being sent to your domain, there is stuff like Mimecast's Impersonation Protection that can help to some degree, even for just display names.

https://community.mimecast.com/s/article/Configuring-Impersonation-Protection-Definitions-2027248726

I have had VIPs "tell" me to call the FBI over this. Ahahahaha

Oct 19, 2020 19:11
I once sent my wife an e-mail from pope@vatican.va asking for nudes to prove a point that the sender e-mail address should not be trusted to be the actual source without digital signing.

Oct 19, 2020 19:12
Internet Explorer posted:
> If it's being sent to your domain, there is stuff like Mimecast's Impersonation Protection that can help to some degree, even for just display names.

If you don't have Mimecast it is super easy to do this with transport rules. We killed probably 60% of our phishing e-mails with a transport rule that blocks e-mails trying to impersonate the executive team.

Oct 19, 2020 19:15
The Fool posted:
> If you don't have Mimecast it is super easy to do this with transport rules.

Do you just create a transport rule that blocks anyone with the same exact display name as someone on the exec team?

Oct 19, 2020 19:17
Internet Explorer posted:
> Do you just create a transport rule that blocks anyone with the same exact display name as someone on the exec team?

We have it drop a report to the helpdesk so we can review for false positives, but otherwise yeah. I'm sure the Mimecast product does a bunch of additional fancy stuff, but you can get a lot of mileage with minimal work using transport rules.

Oct 19, 2020 19:20
That's a clever solution. Thanks for sharing. Might look into implementing it at the current place.

Oct 19, 2020 19:21
Isn't something like that built into O365 now anyway?

Oct 19, 2020 19:21
Thanks Ants posted:
> Isn't something like that built into O365 now anyway?

IIRC, it's a part of O365 ATP.

Oct 19, 2020 19:23
You can also use transport rules to duplicate a basic version of Inky's service.

Oct 19, 2020 19:24
Internet Explorer posted:
> That's a clever solution. Thanks for sharing. Might look into implementing it at the current place.

This is okayish until you figure out someone in the executive team uses their Gmail to forward funny things to their coworkers' internal email addresses.

Oct 19, 2020 19:25
The Fool posted:
> IIRC, it's a part of O365 ATP.

Interesting. One of the problems I've had at current place is that they were on the O365 and Azure bandwagon early, so they have all the old defaults and I am not intimately familiar with all the current best practices. Add on some aversion to change as an org, and presto!

Sickening posted:
> This is okayish until you figure out someone in the executive team uses their Gmail to forward funny things to their coworkers' internal email addresses.

Hahaha, yes, for sure. Dealt with that when implementing any sort of impersonation protection. Just took some announcement beforehand and dealing with the fallout. Pros still outweighed the cons.

Oct 19, 2020 19:35
Sickening posted:
> This is okayish until you figure out someone in the executive team uses their Gmail to forward funny things to their coworkers' internal email addresses.

Executive teams are the reason one-off exceptions exist, just poke a hole for their Gmail account. Last I checked Google signs Gmail.

Oct 19, 2020 19:36
RFC2324 posted:
> Executive teams are the reason one-off exceptions exist, just poke a hole for their Gmail account. Last I checked Google signs Gmail.

Managing those exceptions is kind of my point. Okay, you have whitelisted the CEO's Gmail so it doesn't get caught. gently caress, he just sent that from his iCloud because he was on his phone. Repeat to infinity.

Oct 19, 2020 19:38
Yeah, it's a losing battle. Maybe try and get the lawyers on side and talk about compliance if you're regulated in some way.

Oct 19, 2020 19:42
Internet Explorer posted:
> If it's being sent to your domain, there is stuff like Mimecast's Impersonation Protection that can help to some degree, even for just display names.

I am a lowly Service Desk peon with no power to buy poo poo, so... thanks, but I can't do anything with that. :/

Oct 19, 2020 20:44
Fair enough, but at least now you know of a potential solution, and actually now I know of two more that are similar to it. Transport rules are free, and if you already have O365 ATP it sounds like there might be some options included there. "Managing up" is a good thing and if you're noticing that sort of thing, it might be worth trying to bring up the ladder.

Oct 19, 2020 20:49
shortspecialbus posted:
> I once sent my wife an e-mail from pope@vatican.va asking for nudes to prove a point that the sender e-mail address should not be trusted to be the actual source without digital signing.

Oct 19, 2020 21:25
Arquinsiel posted:
> Looking at their SPF record that should have been caught trivially, assuming they haven't changed it recently.

The easiest thing in the world is to set the name field to the email address you want to spoof, and watch 75% of people on the internet fall for it. It's probably the biggest thing we can focus education efforts on, imo.

Oct 19, 2020 21:42
Yeah for all the effort that goes into SPF, DKIM, DMARC etc. there's still people who will just send emails from "Company CEO" <davejohn54321@gmail.com> asking for four figures of prepaid credit cards and get victims all day long.

Oct 19, 2020 22:28
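The Fool's transport rule (block external mail whose display name matches an executive, with a report dropped to the helpdesk), the personal-account exceptions Sickening and RFC2324 argue over, and the "name field set to the spoofed address" and "Company CEO" <davejohn54321@gmail.com> cases from the last two posts, as one added Python simulation of the rule's logic. This is example code, not the thread's, Exchange's or Mimecast's; the organisation domain, executive roster, allow-listed personal address and sample From headers are all constructed. It goes a little beyond the exact-name match the thread describes by normalising case, whitespace and punctuation, which is my choice rather than something the posts spell out.

```python
"""Simulate an 'executive display-name impersonation' transport rule.

Added example: not code from the thread, Exchange, or Mimecast. The
organisation domain, executive roster, personal-account exceptions and
sample From: headers below are all constructed for the demo.
"""
import re
from email.utils import parseaddr

ORG_DOMAIN = "example.com"                 # constructed
HELPDESK = "helpdesk@example.com"          # constructed report recipient

# Constructed roster: display name -> corporate mailbox.
EXECUTIVES = {
    "Jane Doe": "jane.doe@example.com",
    "Bob Exec": "bob.exec@example.com",
}

# Constructed one-off exception: the CEO's personal Gmail from the thread.
EXCEPTIONS = {"jane.doe.personal@gmail.com"}


def normalize(text):
    """Lower-case and collapse punctuation/whitespace so 'JANE  DOE' and
    'jane.doe' compare equal to 'Jane Doe' (looser than an exact match)."""
    return re.sub(r"[^a-z0-9]+", " ", text.lower()).strip()


def _lookalike_index():
    """Map normalized executive names AND executive addresses back to the
    executive, so a display name that is literally 'jane.doe@example.com'
    (the 'set the name field to the address' trick) is caught as well."""
    index = {normalize(name): name for name in EXECUTIVES}
    index.update({normalize(addr): name for name, addr in EXECUTIVES.items()})
    return index


def evaluate(from_header):
    """Return the rule's decision for one From: header value."""
    display_name, address = parseaddr(from_header)
    address = address.lower()
    domain = address.rsplit("@", 1)[-1] if "@" in address else ""

    # The rule is scoped to mail arriving from outside the organisation.
    if domain == ORG_DOMAIN:
        return {"action": "deliver", "reason": "internal sender"}

    hit = _lookalike_index().get(normalize(display_name))
    if hit is None:
        return {"action": "deliver", "reason": "display name matches no executive"}

    # The whitelisted personal account: the exception the thread complains about.
    if address in EXCEPTIONS:
        return {"action": "deliver", "reason": f"allow-listed personal account for {hit}"}

    return {
        "action": "quarantine",
        "report_to": HELPDESK,           # the 'drop a report to the helpdesk' step
        "reason": f"external sender using display name of {hit}",
    }


# Constructed sample headers; display names are quoted as a mail client would.
SAMPLES = [
    'Jane Doe <jane.doe@example.com>',                  # genuine internal mail
    '"Jane Doe" <davejohn54321@gmail.com>',             # classic gift-card fraud
    '"jane.doe@example.com" <attacker@evil.test>',      # address used as display name
    '"JANE  DOE" <ceo.office@mail.test>',               # case/spacing variant
    '"Jane Doe" <jane.doe.personal@gmail.com>',         # CEO's own Gmail, excepted
    '"Vendor Invoices" <billing@vendor.test>',          # unrelated external mail
]


def run_samples():
    """Evaluate every sample and return (header, action) pairs."""
    return [(header, evaluate(header)["action"]) for header in SAMPLES]


if __name__ == "__main__":
    for header, action in run_samples():
        print(f"{action:10s} {header}")
```

The samples quote the display name because email.utils.parseaddr, like most address parsers, will take an unquoted jane.doe@example.com in front of the angle brackets as the address itself; a gateway rule should match on the parsed display name rather than a regex over the raw header. Note that SPF and DKIM say nothing about these messages: the fraud from a genuine Gmail account passes both, which is why the display-name rule and user education carry the load here.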
We add banners to incoming e-mail. One for all external e-mails and another for any e-mails that fail SPF. A lot of organizations fail SPF.

Oct 19, 2020 22:55
The Fool posted:
> We add banners to incoming e-mail. One for all external e-mails and another for any e-mails that fail SPF.

Ugh, I hate those stupid banners. And if people fail SPF, I put my foot down. Failed SPF doesn't get delivered. It's been around for far too long and it's far too simple. I don't want to hear it.

Oct 19, 2020 22:59
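The SPF discussion in the last few posts (Arquinsiel's "should have been caught trivially" from the SPF record, The Fool's two banners, and the reply's "failed SPF doesn't get delivered") as one added Python example. It is not the thread's code or any mail gateway's: DNS answers are replaced by an inline dictionary of constructed records (RFC 5737 test addresses and .test domains), and only the ip4/ip6, include and all mechanisms are implemented. Giving softfail a banner in both modes and rejecting only a hard fail in the strict mode is my reading of those two posts, not something they spell out.

```python
"""Evaluate SPF for an inbound message against stubbed DNS, then apply
either the 'banner' policy or the 'reject on SPF fail' policy.

Added example, not the thread's code or any gateway's. DNS TXT answers are
a constructed inline dictionary (RFC 5737 addresses, .test domains); only
ip4/ip6, include and all are implemented.
"""
import ipaddress

ORG_DOMAIN = "example.com"   # constructed

# Constructed stand-in for DNS TXT lookups (domain -> SPF record).
DNS_TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.test -all",
    "_spf.mailer.test": "v=spf1 ip4:198.51.100.0/24 ~all",
    "softfail.test": "v=spf1 ip4:203.0.113.5 ~all",
    # 'nospf.test' has no record on purpose -> result 'none'
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def lookup_spf(domain):
    """Return the SPF TXT record for a domain, or None (stubbed resolver)."""
    record = DNS_TXT.get(domain.lower())
    return record if record and record.startswith("v=spf1") else None


def check_spf(sender_ip, domain, depth=0):
    """Return pass / fail / softfail / neutral / none / permerror for the
    connecting IP and the MAIL FROM domain."""
    if depth > 10:                      # RFC 7208 caps DNS-causing terms at 10
        return "permerror"
    record = lookup_spf(domain)
    if record is None:
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:     # skip the 'v=spf1' version tag
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        if term.startswith(("ip4:", "ip6:")):
            # an IPv4 address is never 'in' an IPv6 network and vice versa
            if ip in ipaddress.ip_network(term[4:], strict=False):
                return QUALIFIERS[qualifier]
        elif term.startswith("include:"):
            sub = check_spf(sender_ip, term[len("include:"):], depth + 1)
            if sub == "pass":
                return QUALIFIERS[qualifier]
            if sub in ("none", "permerror"):   # RFC 7208: including a missing or
                return "permerror"             # broken record is a permanent error
        else:
            return "permerror"                 # a, mx, exists, ... not modelled here
    return "neutral"                           # nothing matched and no 'all' term


def apply_policy(mail_from, sender_ip, external, mode="banner"):
    """Decide what the gateway does with one message.

    external: True when the connection came from outside the organisation.
    mode='banner': tag external mail and tag SPF fail/softfail, then deliver.
    mode='reject': bounce hard SPF failures, otherwise behave like 'banner'.
    """
    domain = mail_from.rsplit("@", 1)[-1]
    spf = check_spf(sender_ip, domain)
    if mode == "reject" and spf == "fail":
        return {"action": "reject", "spf": spf, "banners": []}
    banners = []
    if external:
        banners.append("EXTERNAL")
    if spf in ("fail", "softfail"):
        banners.append("SPF FAIL")
    return {"action": "deliver", "spf": spf, "banners": banners}


if __name__ == "__main__":
    # Constructed spoof: MAIL FROM claims example.com but the connection comes
    # from an address that is in neither the record nor its include.
    for mode in ("banner", "reject"):
        print(mode, apply_policy("ceo@example.com", "203.0.113.77", True, mode))
    print("no SPF record:", apply_policy("friend@nospf.test", "203.0.113.9", True))
```

SPF only ties the connecting IP to the envelope MAIL FROM domain, so a record with -all catches a direct forgery of your own domain; it says nothing about a genuine Gmail account with an executive's display name, which is the gap DMARC alignment and the display-name rule discussed earlier are there to cover. The "none" result for nospf.test is the "a lot of organizations fail SPF" case from the thread: no record at all is not a failure, which is why the reject policy only fires on a hard fail.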