|
Oh for gently caress's sake Edit: Terrible snipe
|
#
?
Mar 29, 2024 00:16
|
|
|
|
| # ? Apr 28, 2024 00:46 |
|
|
SyNack Sassimov posted:I mean at least VMs can't fall into spec buckets... Could be a koan. quote:If a VM falls into a spec bucket, does it make a splash? 
|
|
#
?
Mar 29, 2024 00:36
|
|
|
Virtually silent
|
|
#
?
Mar 29, 2024 03:04
|
|
|
God help me I'm planning out a response to one of those "one way interview" bullshit things where they want to hear you talk out loud about some puff piece question they ask to make sure you're aligned with the mission but won't even give you the courtesy of a phone call. All for a job that would pay roughly 2/3 of what my last job did. With no health insurance (seems like the company is small enough they aren't required to offer it). But it's still better than unemployment and I can keep looking with less money stress if I get it. Judging by the JD I'm massively overqualified. I wouldn't even dignify this one way interview poo poo with a response if I wasn't desperate, 1 interview in 5 months.
|
|
#
?
Mar 29, 2024 05:02
|
|
|
Gotta do what you gotta do. Good luck goon.
|
|
#
?
Mar 29, 2024 05:12
|
|
|
It gave me the opportunity to listen to the recording to make sure it went through okay and I have to say I am the most bland white guy sounding bland white guy aside from the lingering remnants of my speech impediment making r sound a little different. I was also eyeing my cat as he decided to come see what the noise was in hopes he wouldn't ruin the take. He decided he was more interested in his food. 22 Eargesplitten fucked around with this message at 05:35 on Mar 29, 2024 |
|
#
?
Mar 29, 2024 05:33
|
|
|
mllaneza posted:We're in luck, our lockdown implementation also blocks \\127.0.0.1\c$ More good news for my team!
|
|
#
?
Mar 29, 2024 11:00
|
|
|
I've found a strategy for getting interviews - only apply to job postings less than 3 days old. Anything older than that has been so slammed with resumes they will only pay attention to the most impressive looking ones that come in.
|
|
#
?
Mar 29, 2024 12:37
|
|
|
Arquinsiel posted:Does it block 127.0.0.1 specifically or all the addresses that resolve to localhost? We didn't check. I already have one can of worms open in the GxP space, so I'll leave it at that.
|
|
#
?
Mar 29, 2024 12:47
|
|
|
Keep it in the back pocket for an easy win down the line so.
|
|
#
?
Mar 29, 2024 13:13
|
|
|
If you accidentally end up on Bing and do a search, you are presented the search results as usual, note that according to the scroll bar you are at the top of the page You scroll down to look at the results, then you scroll back up to maybe look at the first result again, or to click on Images or whatever. I hope you didn't accidentally send a scrolling input after the page was already at the top though, because if you did then it's time to run some JavaScript animations and take over the entire browser tab to show you some *~Copilot~* garbage. Nobody uses Bing anyway, making the UX intentionally awful because someone wants a bonus for getting people to use a new feature isn't going to encourage takeup.
|
|
#
?
Mar 29, 2024 13:56
|
|
|
Sirotan posted:Spent like 50 hours working on an inventory reconciliation project over the last 2 weeks or so, I have been looking at spreadsheets so much I am starting to have dreams about them. If I can play devil's advocate for a minute, it's not enough to be "right." It's a bit presumptuous to create tickets and assign them to another team. They don't work for you. Yes, this should happen, but this probably should have been a conversation between managers instead. Right or wrong, your approach is going to upset people. And they may genuinely not have time -- their priorities might not be your priorities, and they may be under-resourced. Also, sometimes higher-ups will know you are right, but also know that making "friends," organizationally, can be worth more. As far as VMs go, I think it's worth having them an inventory so you don't lose track of them for things like patching, but it depends what the goal of the inventory is. If the goal is just to track physical hardware, then yeah, there isn't a point. And if that isn't the goal, but they think it is, they might view it as a waste of their time. Either way, you're best off advocating for VM inventory tracking to be policy.
|
|
#
?
Mar 29, 2024 15:10
|
|
|
guppy posted:It's a bit presumptuous to create tickets and assign them to another team. lol The org structure here is such that I am basically tier 3, and tickets were going to tier 2. Sending tickets to T2 asking them to fix poo poo is a not insignificant part of my job, it doesn't happen every day but it is pretty routine. Some days I might send 2 tickets, some days I might send 40. I am also not the only one in my team who tickets issues out to T2. The manager that made the biggest fuss got all of 8 tickets. Tickets were marked low priority, and I had no expectation that they needed to be resolved same day or even same week. It is a 1-5min job really. Other T2 groups resolved the tickets I sent them and didn't yell at me about it. If I have learned anything it is that I have a fundamentally different understanding of how a ticketing system works compared to several teams in my org. Majority of VMs in our environment are tracked in inventory and I wasn't aware until this week that we needed to literally have that in writing somewhere to ensure compliance with organizational norms. I'm sure there will be some meetings about it.
|
|
#
?
Mar 29, 2024 15:57
|
|
|
I've been using Bing for a while to google problems and its automated Copilot answer dealie is actually pretty good at getting me results out of SEO Hell.
|
|
#
?
Mar 29, 2024 15:59
|
|
|
I think using Bing was somewhat worth it with a microsoft account cause you could accumulate points to trade in for poo poo with actual monetary value, gently caress using it with that new garbage though lol Need web rings to come back so I don't have to use search engines anymore
|
|
#
?
Mar 29, 2024 16:02
|
|
|
Reoxygenation posted:I think using Bing was somewhat worth it with a microsoft account cause you could accumulate points to trade in for poo poo with actual monetary value, gently caress using it with that new garbage though lol I won so many copies of Vista (that I then sold on eBay) with those Live Search 'games' that inflated their search user numbers. Had a boring AF campus job at the time and had bots going on like a half dozen spare laptops. Ah, the good ole days.
|
|
#
?
Mar 29, 2024 16:04
|
|
|
Sirotan posted:lol First things first, I completely sympathize with you and it’s completely bull to have your colleagues complain to your grandboss. Especially for something small like this. That said, manually inventorying virtual machines seems like a very strange requirement (they’re virtualized - by definition there’s already a digital record of them). it should really have been an automated report that you pull from your virtualization or cloud platform’s APIs, or it should be automated from launch time. In any event, having policies down on paper is also essential to shield you from the blowback you got too. The Iron Rose fucked around with this message at 18:10 on Mar 29, 2024 |
|
#
?
Mar 29, 2024 18:07
|
|
Cat Army
|
Manually inventorying anything is loving dumb. I hate it so much. I have been advocating for an automated inventory solution for years now and there is never enough funding or time or [insert excuse here]. So instead I have to nag people to update their poo poo when they forget, or make a new record when they don't. I do not enjoy doing this, it is a waste of everyone's time, and I wish we had a better way. But we don't, I have been told our existing solution must be our source of truth, and thus I have to tell people to add their VMs there.
|
|
#
?
Mar 29, 2024 18:20
|
|
|
We have to manually inventory and it sucks but we're also government and if something goes missing it's a big deal because it looks bad on reports that make it look like we've got poor security and are pissing away taxpayer money.
|
|
#
?
Mar 29, 2024 18:25
|
|
|
Our owner has Rapid7 installed on everything and it's an impossible cycle to ensure everything is 100% "compliant". It's only been a month but I know my team is starting to burn out. edit: unsaid, I'm trying to figure it out. We've been offered "support" (offshore). Also been told I can probably get more headcount ... but I don't want to manage more people, and my people just want more money in general. Headcount would destroy raises. edit2: poo poo that pisses you off, old story, company leadership trying to bribe staff with "culture" instead of just loving paying their bills. teethgrinder fucked around with this message at 18:44 on Mar 29, 2024 |
|
#
?
Mar 29, 2024 18:41
|
|
|
If you have a compliance requirement and these other group managers are going "We don't have time to document things", then you escalate that compliance problem to someone else and wash your hands of it. If YOU are responsible for ensuring compliance, then time to sit people down and go "Your lack of organization isn't my problem, but your refusal to do poo poo asked of you is."
|
|
#
?
Mar 29, 2024 19:51
|
|
|
loving hell just use Microsoft Authenticator on your phone, we'll even pay you for the privilege.
|
|
#
?
Mar 30, 2024 00:05
|
|
|
I kinda liked inventorying, I’m almost certainly in the minority. It was like a treasure hunt and gave me a break from my job. What was lovely was the government side “borrowing” our equipment then getting fussy when we wanted it back and we had no idea where it was. Buy your own drat transconductance amplifier you cheap fucks I was glad I was also never the one in charge of it though, no thanks I don’t want to be accountable for some crappy monitor that’s been at someone’s house for two years and they live on the opposite coast
|
|
#
?
Mar 30, 2024 23:50
|
|
|
https://www.reuters.com/technology/microsoft-separate-teams-office-globally-amid-antitrust-scrutiny-2024-04-01/ It's a Reuters report so not 100% reliable but if teams will be sold as a separate sku with a price over zero we will be hosed. Our management will try to force us on shite alternatives like gotomeeting or worse. EU going all in on making my work poo poo for entirely frivolous reasons, first with the DMA making us worry about third party markets getting spyware filled apps on unmanaged mobiles, now to replace our IM middleware just because slack couldn't fleece microfiber vest wearing fuckers hard enough.
|
|
#
?
Apr 1, 2024 18:46
|
|
|
It is anti-competitive though, the same as Apple insisting that they should be the only people permitted to provide applications for a mobile platform that they enjoy over 50% market share on, while taking a 30% cut of all purchases. Microsoft could have chosen not to price their bundles in a way that Slack would have to have zero cost to be able to compete, but they didn't, and now they have to eat poo poo over it. I don't really understand the malware bit as it applies to phones either - if company data is on unmanaged devices then you need to assume that it's been leaked by being attached to a WhatsApp message anyway.
|
|
#
?
Apr 1, 2024 18:56
|
|
|
SlowBloke posted:EU going all in on making my work poo poo for entirely frivolous reasons, first with the DMA making us worry about third party markets getting spyware filled apps on unmanaged mobiles… Nobody at the European Commission had ever had to tell a grandma with a spyware-and-virus-laden Windows XP machine in 2004, choked with CoolWebSearch, Bonzibuddy, MyDoom and Sasser that with her budget, she could only afford to retrieve her data and pictures of her grandchildren or have a working PC, and it shows.
|
|
#
?
Apr 1, 2024 19:01
|
|
|
Thanks Ants posted:I don't really understand the malware bit as it applies to phones either - if company data is on unmanaged devices then you need to assume that it's been leaked by being attached to a WhatsApp message anyway. Until now you could expect that outlook from the apple app would be the correct one with MAM rules being correctly applied rather than something from a rando storefront which won't along with stealing all the data. We are now assessing cutting access from mobiles that are not under mdm, which will require us to add thousands of euros of budget to mobiles instead of allowing users that are not under a phone plan to use their personal ones. We will also look like uppity dipshits cause waving the security flag as a justification always look like we are the cause rather than others.
|
|
#
?
Apr 1, 2024 19:17
|
|
|
You can already restrict the clients that are used to access your M365 data in Conditional Access so you can restrict non-official Outlook apps the same way
|
|
#
?
Apr 1, 2024 19:20
|
|
|
Thanks Ants posted:You can already restrict the clients that are used to access your M365 data in Conditional Access so you can restrict non-official Outlook apps the same way Nothing stops a bad actor client app to self report as the official client so we excluded that path in our assessments when 17.4 EU changes were announced. It makes iOS as trustworthy as aliex phones and let me tell you, stating that to iPhone users is a barrel of fun.
|
|
#
?
Apr 1, 2024 19:28
|
|
|
It has a different application ID and publisher details in Entra, connections will be rejected unless your tenant is configured to permit end users to authorise any applications they want to use. Assuming you aren't using basic auth or anything like that.
|
|
#
?
Apr 1, 2024 20:07
|
|
|
Thanks Ants posted:It has a different application ID and publisher details in Entra, connections will be rejected unless your tenant is configured to permit end users to authorise any applications they want to use. Assuming you aren't using basic auth or anything like that. The application id and other registration items are in the package code, if someone grabs the official IPA, adds whatever spyware and MAM circumvention they like, publish on an alternative store and have it install, entra would still see it as the correct official one when it attempts to to log in.
|
|
#
?
Apr 1, 2024 20:41
|
|
|
Thanks Ants posted:It is anti-competitive though, the same as Apple insisting that they should be the only people permitted to provide applications for a mobile platform that they enjoy over 50% market share on, while taking a 30% cut of all purchases. Microsoft could have chosen not to price their bundles in a way that Slack would have to have zero cost to be able to compete, but they didn't, and now they have to eat poo poo over it. I feel like responding with that comic that ends in "I.....GUESS!" with an annoyed face. I mean, objectively you and the EU Commission are 100% correct, this is anticompetitive bundling and it leads to more monopoly and blah blah blah, but from an ease of use/licensing/making the argument to C-levels perspective it's just a monumental loving pain in the rear end. I already deal with enough headaches because clients insist on using Google Workspace (which does not work as a loving identity system unless you're one of those idiots who thinks OIDC authorization is exactly the same as SAML) and won't pay for Okta, which leaves us with Entra, and on top of that 1/3 of the people inevitably want to use the Microsoft tools, including, WITHOUT FAIL, loving OUTLOOK to connect to GSuite. Please don't get me wrong, I am basically a 150% Microsoft homer and I loving live in (old) Outlook, I love (old) Outlook, I'm used to all its shittiness and the heavy lift that is using it day to day. However, as always, the right loving tool for the job, and Outlook plus GWSMO plus Google Workspace is a recipe for hell on earth. I list all these random problems to point out that the very last thing I need is additional headache in selling the Microsoft stack because the EU has split the stack more than it was. Bottom line, this may be, quote, good for the market, but it's not good for anyone who just wants to loving provision some apps for users and go home, without getting C-levels up in their grill asking about extra costs and line items. I WANT Microsoft products to be bundled and included in one license so that I can just say "buy this and stop bothering me", and I can drink away the pain and stupidity of using Entra solely as an identity system to provision and control GSuite. And I mean, I get it, GSuite is pretty nice from a user point of view, Google has done a good job with the speed and functionality of those webapps. It just blows to admin because GSuite was built by smart users for smart users so admin and admin abilities are a complete afterthought. goddamn I hate gsuite SyNack Sassimov fucked around with this message at 07:19 on Apr 2, 2024 |
|
#
?
Apr 2, 2024 07:17
|
|
|
If the EU gets my French company to get rid of loving Teams I’ll fly to euro land and blow the generalissimo or whatever they have over there
|
|
#
?
Apr 2, 2024 07:22
|
|
|
This is all also correct and I know our tight-rear end company and tight-rear end clients wouldn’t be using SSO if Entra wasn’t a bundled M365 feature, and wouldn’t be using an internal IM app if Teams wasn’t bundled. Google Workspace sucks a fat one to administer.
|
|
#
?
Apr 2, 2024 07:58
|
|
|
SyNack Sassimov posted:I feel like responding with that comic that ends in "I.....GUESS!" with an annoyed face. I mean, objectively you and the EU Commission are 100% correct, this is anticompetitive bundling and it leads to more monopoly and blah blah blah, but from an ease of use/licensing/making the argument to C-levels perspective it's just a monumental loving pain in the rear end. This is all true, but once Teams is embedded in enough orgs and there are no serious competitors left, Microsoft will have no incentives whatsoever to properly support it.
|
|
#
?
Apr 2, 2024 11:26
|
|
|
SlowBloke posted:Nothing stops a bad actor client app to self report as the official client so we excluded that path in our assessments when 17.4 EU changes were announced. It makes iOS as trustworthy as aliex phones and let me tell you, stating that to iPhone users is a barrel of fun. Soooo what do you do with users that have Android phones? Just, like, do the same thing.
|
|
#
?
Apr 2, 2024 14:21
|
|
|
Doing a big update to sales tax stuff, and the new accounting department person we're working with seems to be dead. There's this giant unanswered question that's keeping us from deploying yesterday to get this out for Q2. I emailed this guy last Tuesday and have not heard a single peep. The project manager had to contact the third party we're working with directly, when previously the old accounting person did that. We're also in a group chat, and nothing, not even a thumbs up. He doesn't seem to be on vacation, but I'd like to see proof of existence. Edit: He exists, just responded to a direct IM in the group chat. Maigius fucked around with this message at 16:46 on Apr 2, 2024 |
|
#
?
Apr 2, 2024 16:32
|
|
|
Maigius posted:Doing a big update to sales tax stuff, and the new accounting department person we're working with seems to be dead. There's this giant unanswered question that's keeping us from deploying yesterday to get this out for Q2. I emailed this guy last Tuesday and have not heard a single peep. The project manager had to contact the third party we're working with directly, when previously the old accounting person did that. We're also in a group chat, and nothing, not even a thumbs up. He doesn't seem to be on vacation, but I'd like to see proof of existence. Accountants just SEEM like they're dead, poke them enough or shout something deliberately wrong about amortisation or depreciation calculations and they soon spring to life.
|
|
#
?
Apr 2, 2024 17:20
|
|
|
Man do I love working with teams who ignore my recommendations all year then scramble when its time for the audit. "Hey were getting asked what we do to monitor firewall logs and traffic into our VPC, can you give us a screenshot of our setup for the auditors?" "No, because you dont have anything setup, i'll forward you the email from earlier in the year when you responded it was to costly. Best I can do is a screenshot of your security groups for ec2 instances.""Oh well how will me meet this control than?" "I dont know, good luck. Let me know if you need anything else."
BaseballPCHiker fucked around with this message at 19:07 on Apr 2, 2024 |
|
#
?
Apr 2, 2024 18:10
|
|
|
|
| # ? Apr 28, 2024 00:46 |
|
|
BaseballPCHiker posted:Man do I love working with teams who ignore my recommendations all year then scramble when its time for the audit. I hope you had the smudgest look on your face the whole time.
|
|
#
?
Apr 2, 2024 18:23
|
|