|
hobbesmaster posted:“amazing” is usually reserved for something unexpected
|
# ? Apr 8, 2021 00:41 |
|
|
# ? Apr 25, 2024 16:18 |
|
a TCL series 6 is perfectly happy with you skipping the integrated Roku setup and can do firmware updates via USB so it’s the big dumb hdmi input of your dreams
|
# ? Apr 8, 2021 01:29 |
|
Googles released a writeup on last years Bluetooth exploit. https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html Timeline has some understated digs at Intel
|
# ? Apr 8, 2021 01:59 |
|
mystes posted:This is like one of those situations where people often misuse "ironic" to mean "exactly as anyone would have expected." i always find it ironic when people do this
|
# ? Apr 8, 2021 15:27 |
|
mystes posted:This is like one of those situations where people often misuse "ironic" to mean "exactly as anyone would have expected." it's like rain on your wedding day
|
# ? Apr 8, 2021 18:07 |
|
whats peoples experience with siems here? anything you like? we are doing some eval right now and have heard some stuff from google chronicle (leery about trusting google with something like this, weird pricing model), alienvault/att (seems alright, we run a small on-prem legacy VM version of alienvault in one colo now but are looking at usm anywhere now), splunk ($$$), qtarget (dont know a ton about them yet), palo alto cortex pro (seems neat but also not quite a siem entirely), but rapid7's insightidr also seems interesting. does anyone have any positive experience with any of these, or thoughts on siems in general?
|
# ? Apr 8, 2021 19:52 |
|
I quite liked azure sentinel when I used it
|
# ? Apr 8, 2021 19:55 |
|
unless you are going to develop and train a 24/7 security operation or watch floor as part of your ops I favor paying an enterprise managed detection and response where you just ship everything and they run Chronicle or siem and alert and do run books off it. if still want to proceed the options you listed are fine I am familiar with Chronicle and Splunk. I get the thought on Google but I think the platform is solid.
|
# ? Apr 8, 2021 23:37 |
|
Hed posted:unless you are going to develop and train a 24/7 security operation or watch floor as part of your ops I favor paying an enterprise managed detection and response where you just ship everything and they run Chronicle or siem and alert and do run books off it. Yeah, I think managed detection or at least some sort of shared responsibility model would be best for us. Chronicle from our MSP seems pretty solid. Chronicle's pricing model is also a bit weird (based on seats in your domain instead of eps or data ingress in TB or whatever) but doing the math it actually works out ok. Pricing still works out to be less than Splunk. I am working on building a security team out at my org but we're pretty far out from having a real SOC much less a 24x7 SOC. I get the case that a SIEM on its own doesnt really do anything, but based on some of the calls I've taken, isn't the SOC just going to be waiting for an alert to come in too? They aren't necessarily actually actively 'watching' our SIEM dashboard 24x7, right? I think I'm going to have some pressure from above to run it on my own, self-managed + a couple days of consulting to tune the alerts will probably end up being like a third of the cost of a managed solution and I know that's going to be attractive to management, but I can acknowledge my limitations here and know I could use some help to make this thing as useful as possible.
|
# ? Apr 9, 2021 00:18 |
|
Fuckin' hell that accellion breach just keeps going. My SO works at one of the breached bureaucracies, which made me realize that I get to get free credit monitoring (again) because my info is in their benefits system too.
|
# ? Apr 9, 2021 02:26 |
|
Ansible Adams posted:whats peoples experience with siems here? anything you like? we are doing some eval right now and have heard some stuff from google chronicle (leery about trusting google with something like this, weird pricing model), alienvault/att (seems alright, we run a small on-prem legacy VM version of alienvault in one colo now but are looking at usm anywhere now), splunk ($$$), qtarget (dont know a ton about them yet), palo alto cortex pro (seems neat but also not quite a siem entirely), but rapid7's insightidr also seems interesting. does anyone have any positive experience with any of these, or thoughts on siems in general? we've been using humio for a couple years now with their unlimited ingest license and I'm pretty happy with it
|
# ? Apr 9, 2021 02:58 |
|
Ansible Adams posted:They aren't necessarily actually actively 'watching' our SIEM dashboard 24x7, right? I think I'm going to have some pressure from above to run it on my own, self-managed + a couple days of consulting to tune the alerts will probably end up being like a third of the cost of a managed solution and I know that's going to be attractive to management, but I can acknowledge my limitations here and know I could use some help to make this thing as useful as possible.
|
# ? Apr 9, 2021 03:18 |
|
thanks for your advice all, that's helpful.
|
# ? Apr 9, 2021 04:24 |
|
fun with planesquote:A software mistake caused a Tui flight to take off heavier than expected as female passengers using the title “Miss” were classified as children, an investigation has found.
|
# ? Apr 9, 2021 10:45 |
love their fix: "The operator subsequently introduced manual checks to ensure adult females were referred to as Ms on relevant documentation."
|
|
# ? Apr 9, 2021 12:11 |
|
u brexit ukip it posted:Investigators described the glitch as “a simple flaw” in an IT system. It was programmed in an unnamed foreign country where the title “Miss” is used for a child and “Ms” for an adult female. which pedophile and/or forced marriage land is it
|
# ? Apr 9, 2021 12:15 |
|
If it's got to work that way you'd imagine they had access to dates of birth
|
# ? Apr 9, 2021 12:38 |
|
how did they make it work for men? trying to work out how much someone weighs based on their name is dumb enough, but i assume they had another more accurate method they were using for men but decided to do this name thing for women only?
|
# ? Apr 9, 2021 13:45 |
|
Chalks posted:how did they make it work for men? trying to work out how much someone weighs based on their name is dumb enough, but i assume they had another more accurate method they were using for men but decided to do this name thing for women only? the way load sheet calculations work is by assuming a standard weight for each passenger + their carry-on luggage, mentour did a p good video on it a little while ago: https://www.youtube.com/watch?v=ZdC-J3fOQn8 basically it's just rules based on gender and age and nothing else Shame Boy fucked around with this message at 14:08 on Apr 9, 2021 |
# ? Apr 9, 2021 14:05 |
|
that's bonkers but i guess if you don't need to be perfect than it's good enough. i would have never guessed that, though.
|
# ? Apr 9, 2021 15:11 |
|
Shame Boy posted:the way load sheet calculations work is by assuming a standard weight for each passenger + their carry-on luggage, mentour did a p good video on it a little while ago: but i thought the issue was they were guessing the age based on the women being "miss" or "mrs", which is why they hosed it up so bad - for men surely they had to make the same age calculation but used something more sensible (which would also have been available for the women)?
|
# ? Apr 9, 2021 15:31 |
|
CRIP EATIN BREAD posted:that's bonkers but i guess if you don't need to be perfect than it's good enough. yeah the main goal is just to make sure you don't ever under-estimate it (so lol at this stupid software for loving up what's basically its one important job), with a secondary goal to make sure you don't severely unbalance the plane.
|
# ? Apr 9, 2021 15:33 |
|
Chalks posted:but i thought the issue was they were guessing the age based on the women being "miss" or "mrs", which is why they hosed it up so bad - for men surely they had to make the same age calculation but used something more sensible (which would also have been available for the women)? yeah that's the issue, i was just trying to give context as to how it's normally done also i'm gonna go ahead and guess the "more sensible" thing is that all the men started with "mr"
|
# ? Apr 9, 2021 15:33 |
|
Shame Boy posted:i'm gonna go ahead and guess the "more sensible" thing is that all the men started with "mr" but how does that help them judge whether they should use an adult or child weight?
|
# ? Apr 9, 2021 15:34 |
|
if mr, man if ms, woman else, child bing bong so easy
|
# ? Apr 9, 2021 15:35 |
|
Chalks posted:but how does that help them judge whether they should use an adult or child weight? code:
|
# ? Apr 9, 2021 15:38 |
|
talking past each other on this one i think!
|
# ? Apr 9, 2021 15:41 |
|
gonna guess it's either that, or it's a massive switch statement that goes through every single possible prefix, which they frantically patch every time they find a new one from a new language or edge casecode:
|
# ? Apr 9, 2021 15:43 |
|
Chalks posted:talking past each other on this one i think! nah i get what you're saying. if they had this rule for ladies to determine if they're children, there's no equivalent rule for men, so they would have had to use age or something, so why didn't they just use that for both genders. and while i don't actually know, i can say with certainty that the answer, as always, is Programmers Are Dumb
|
# ? Apr 9, 2021 15:44 |
|
Shame Boy posted:
Would it be cheaper to evaluate gender, then if its female just parse on the name instead of doing a math calculation?
|
# ? Apr 9, 2021 15:47 |
it was interesting to fly on a Cessna Caravan once because the pilot weighed everyone. and assigned seats after doing a bit of math.
|
|
# ? Apr 9, 2021 15:51 |
|
if it was serious enough i'm sure there'll be a more detailed formal report put out by the AAIB that should be a fun read
|
# ? Apr 9, 2021 15:53 |
|
curious as to what the standard weight is for a manchild
|
# ? Apr 9, 2021 16:06 |
|
Powerful Two-Hander posted:curious as to what the standard weight is for a manchild Bout 400lbs
|
# ? Apr 9, 2021 16:15 |
|
Didn't the FAA have to increase the standard assumed adult weight a couple decades ago because Americans had gotten a whole lot fatter and it caused a plane to crash on takeoff?
|
# ? Apr 9, 2021 16:28 |
|
Shame Boy posted:nah i get what you're saying. if they had this rule for ladies to determine if they're children, there's no equivalent rule for men, so they would have had to use age or something, so why didn't they just use that for both genders. and while i don't actually know, i can say with certainty that the answer, as always, is Programmers Are Dumb You are clearly unfamiliar with the line between mister and master. (ie, that's the male equivalent)
|
# ? Apr 9, 2021 16:34 |
|
Sassafras posted:You are clearly unfamiliar with the line between mister and master. please, mister blaster was my father
|
# ? Apr 9, 2021 17:02 |
|
what happens if I'm booking one leg of a world tour for Mr. Mister
|
# ? Apr 9, 2021 17:05 |
|
klosterdev posted:Didn't the FAA have to increase the standard assumed adult weight a couple decades ago because Americans had gotten a whole lot fatter and it caused a plane to crash on takeoff? apparently not
|
# ? Apr 9, 2021 17:26 |
|
|
# ? Apr 25, 2024 16:18 |
haveblue posted:what happens if I'm booking one leg of a world tour for Mr. Mister there’s probably plenty of real people called Miss Mister or Mister Miss
|
|
# ? Apr 9, 2021 17:33 |