|
my first question was why the water treatment system needs to be connected to the internet in the first place i’m not asking rhetorically, i don’t know anything about water treatment
|
# ¿ Feb 9, 2021 00:36 |
|
|
# ¿ Apr 24, 2024 14:38 |
|
Shaggar posted:edge syncs its passwords to microsoft authenticator which you can use as an ios password manager i do this, it became quite needs-suiting once microsoft fixed the edge bug that kept it from suggesting new strong passwords
|
# ¿ Jun 6, 2021 19:34 |
|
logging failures i can see the particular stupid logic of (“we need it for troubleshooting”) but why on earth would you log a hashed password on success? what operational capability does that provide?
|
# ¿ Sep 26, 2021 14:59 |
|
how is that even an “exploit.” “you can exploit the library to download and run arbitrary code by using the built-in feature designed to let you download and run arbitrary code.”
|
# ¿ Dec 10, 2021 17:53 |
|
ate poo poo on live tv posted:This seems like a fine question even if you are blind. As long as you have the clock defined as a mathematical construct, which it already is, it's a circle with discrete hours defined every 30 degree's and minutes defined every 6 degrees. Then you are just asking the person to do some geometry with the "cleverness" to understand how a clock works. For a millennial or a blind person who has no concept of an analog clock you just explicitly define the clock for them. an interview question that uses a concept that is intimately familiar to one subset of respondents but alien to another seems risky from a fairness perspective. even if your explanation of an analog clock is really good, the people who need it explained are going to have to use part of their brain to for understanding it that the other group will be able to use on the programming problem itself.
|
# ¿ Jan 5, 2022 16:33 |
|
Achmed Jones posted:nah i misunderstood. "bottom" was for bdsm thing, not for "gay guy who prefers a certain type of sex". when read correctly it's fine fwiw i read “bottom” as the bdsm kind and had the same reaction because i didn’t realize that it was supposed to reference a specific archetype of sub rather than generalizing across the whole category
|
# ¿ Jul 11, 2022 17:32 |
|
Subjunctive posted:FB got a lot of education (including security education) mileage out of little posters above urinals and on the back of washroom stall doors. the qr codes were a little awkward over the urinals, but they always put one by the door or some other “safe” spot so you could reasonably aim your camera the security education required you to scan a random QR code you found in a bathroom stall?
|
# ¿ Oct 21, 2022 03:27 |
|
Lain Iwakura posted:i have my full name on linkedin. it's useful for me to know if it is a robo email contacting me due to the inclusion of my middle name my linkedin job title is "computer button pusher" and every once in a while i get recruiter spam about how i'd be a great fit for a computer button pusher role they know of
|
# ¿ Dec 6, 2022 22:00 |
|
there's some ops guy at work who is trying to write some script to a monitor a thing. nobody has asked him for this. nobody wants it except him. but he's running into trouble because the only api that can be used to monitor it can't be invoked by an arbitrary script running somewhere. so he comes to me to ask my recommendation for how to handle it. he doesn't like my answer of "don't, nobody ask you to do this," and then we have this conversation: him: how do backend services use this api? me: their iam roles give them permission to do it him: oh, can i get that permission attached to a role i can assume? me: no him: i'm pretty sure that's possible no poo poo it's possible dude, i'm just not going to do it. this guy spends half his time complaining that my team builds things insufficiently securely and the other half of his time requesting nonsense like this.
|
# ¿ Jan 10, 2023 22:31 |
|
mystes posted:Obviously you should have said "you can but you may not" yeah i have historically had a problem being blunt at work so i'm working on that and apparently overcorrecting sometimes
|
# ¿ Jan 10, 2023 22:44 |
|
CommieGIR posted:He gives you poo poo about insecurity and yet he wants to attach his monitoring script to the api and get elevated privileges to do so? Why can't he just do what he wants through log aggregation and monitoring of said logs? for stupid historical reasons that are not his fault he doesn't have access to our logs. but this is because there's a huge loving wall between what he does and what we do, and the thing he's been told to do is throw some data over the wall (into an s3 bucket) and forget about it. but he wants to monitor everything we do with the data once he throws it over despite, again, him not being asked to do that in any way by anyone
|
# ¿ Jan 10, 2023 22:51 |
|
maxwellhill posted:sounds sketchy honestly he is a sysadmin who wants to be a software engineer, thought he had a chance to do some software engineering, and is mad that we’re taking away his toy nudgenudgetilt posted:yeah, isn't ops job typically to provide visibility into the health of services? i should not have used that term because it doesn’t mean the normal thing at my company Main Paineframe posted:if it's not his job to do it, claim you need his manager's signoff or something, so he wastes his boss's time with this poo poo instead of wasting your time. oh, it’s not happening. our common management ancestor is the cto. this guy has zero leverage. and if he does talk someone important into backing him, whatever, i’ll do whatever stupid poo poo senior leadership asks for as long as my checks cash.
|
# ¿ Jan 11, 2023 17:56 |
|
Chris Knight posted:grandboss or great grandboss? his grandboss, my great-grandboss. (he’s not a manager or anything, the reporting tree is just unbalanced)
|
# ¿ Jan 11, 2023 22:26 |
|
at the london science museum many years ago there was an exhibit called "don't touch." it was a big metal column with a big sign reading "DON'T TOUCH" on it. it hummed with the sound of electricity. on the floor was a big sign with arrows pointing to it reading "DON'T TOUCH." there was a convenient bench nearby where you could sit and watch person after person walk up to it, touch it, and get angry that it shocked them.
|
# ¿ Feb 2, 2023 00:07 |
|
i’m pretty drunk but i still genuinely do not understand running a plex server or client or any goddamn thing on a corporate machine your work box is your work box, if you want to watch weird hentai or whatever do it on your personal machine. why is this difficult.
|
# ¿ Mar 2, 2023 06:23 |
|
Pile Of Garbage posted:literally never did that are you all high or something your posts are bafflingly aggro to multiple people itt
|
# ¿ Mar 27, 2023 21:42 |
|
win11 has played much nicer with multiple audio devices than win10 did for me
|
# ¿ Jun 4, 2023 00:30 |
|
let’s all get really opinionated about a system we learned about five minutes ago entirely via a journalist’s third-hand attempt to explain a bespoke search algorithm
|
# ¿ Sep 6, 2023 14:47 |
|
a couple of jobs ago one of the staff engineers started a voluntary salary survey and shared it to the entire company as his hackathon project. he was smart enough to only do it after he'd made himself unfireable, which was good, because the c-suite was incensed.
|
# ¿ Sep 14, 2023 14:55 |
|
abigserve posted:i don't think I've ever met anyone that actually liked splunk and by the same token I've never met anyone that didn't hate cisco so seems like a partnership that should work out really well i like splunk. if i want to search for something in my logs i just type it and i when i want to visualize the search results i put the query into a widget and it just works.
|
# ¿ Sep 22, 2023 04:52 |
|
well-read undead posted:this is a super clear no-one-good-answer topic, because the characteristics of your deployment environment matter a huge amount. web app? fire poo poo out there, you can roll it back instantly if things go bad. mobile/desktop app? now a fix/rollback requires end users to receive an update, so you gotta be more careful. embedded software in an on prem device? lol idk how the gently caress that poo poo works at all plus, in some domains, change risk can vary over time - the correct deployment philosophy might be different on black friday or new year’s eve than then it was the week before. when reading someone else’s confident prescriptions about the correct way to do deployments, pay close attention to how well their circumstances match your own.
|
# ¿ Nov 6, 2023 22:58 |
|
the one phishing test email i fell for was purportedly from hr right before halloween asking us to not wear inappropriate costumes on the holiday - and which included a link to pictures of past colleagues making bad costume choices. yeah, i clicked the "look at pictures of your racist and/or slutty coworkers" link. the only consequence was a popup calling me an idiot so i'm not mad.
|
# ¿ Dec 7, 2023 13:43 |
|
a couple of jobs after that one the security team sent out an email announcing mandatory security training and the cto immediately followed it with an email saying "that was phishing, don't click it." it was not.
|
# ¿ Dec 7, 2023 13:58 |
|
SlowBloke posted:Once i grown tired of unifi bullshit, i moved to zyxel nebulaflex. If you feel that the government is watching you you can run them standalone, otherwise you can run them on cloud-based management. what's poe's law for technology companies
|
# ¿ Dec 21, 2023 18:19 |
|
Cybernetic Vermin posted:yep, agreed. in fact i'll also accept the extension on the technology side "what we're you *expecting* it to do?" as far as social impact if you don't understand anything about united states policing you probably think it provides timely information to competent, upstanding cops, thereby allowing them to intervene immediately after gunfire, which makes the community safer for everyone
|
# ¿ Feb 25, 2024 16:32 |
|
Last Chance posted:why is Zuckerberg such a huge piece of poo poo? billionaires are pieces of poo poo, tech bros are pieces of poo poo, and 20-year-olds (where his emotional development was frozen by $$$) are pieces of poo poo
|
# ¿ Mar 28, 2024 18:54 |
|
to be a fly on the wall right now of the office of whoever spent all the time and energy to set this up
|
# ¿ Mar 31, 2024 00:11 |
|
PIZZA.BAT posted:genuine question: do people really think this is a state actor? the patience definitely points to that but fumbling it in the way they did at the last minute looks like a lack of discipline i wouldn't expect to see. idk i'm not at all well versed in this area so maybe they fumble things like this all the time i know it's weird to see a government organization act incompetently but
|
# ¿ Apr 1, 2024 14:31 |
|
JunkDeluxe posted:My favourite is the 2 hr work-item in the afternoon going through all our repo's to check if any devs accidentally pushed secrets. why don't you have a robot do this
|
# ¿ Apr 17, 2024 15:21 |
|
|
# ¿ Apr 24, 2024 14:38 |
|
Volmarias posted:Why would you trust a robot to keep your secrets??? the robot doesn't need to keep any secrets, it just needs to know how to identify them. e.g. if it sees GITHUB_TOKEN=hex-lookin-thing it can try to use the token to do a github and tell you if it worked.
|
# ¿ Apr 17, 2024 17:05 |