keseph
Oct 21, 2010

beep bawk boop bawk

Thanks Ants posted:

Probably wasn't clear enough in the post - their issue with the cert was that it didn't come from a public provider, not that it was specifically self-signed. As in they want to see a valid Verisign or whatever certificate on the device for a domain that doesn't exist in public DNS.

You say encouraging http here is backwards; it's not. A false sense of security is worse than no security at all.


DigitalMocking
Jun 8, 2010

Wine is constant proof that God loves us and loves to see us happy.
Benjamin Franklin
poo poo pissing me off: people.

We have pretty lax security, but the policy has always been 'mobile devices on guest wifi, laptops on internal wifi'. This is how it was originally configured. I just rolled out SSL inspection which requires all systems to get the firewall cert via GPO, which works great for our Windows users; Mac users can gently caress off, I don't care about them.

dozen complaints because gmail isn't working on tablet/phones because of the change.

No poo poo it isn't, get them the gently caress off my corporate wifi, why the gently caress did someone change the policy to allow this? No one will own up to making the change either. Motherfuckers.

KennyTheFish
Jan 13, 2004
Can you even get a cert signed by someone from outside for a domain that is not public?

DigitalMocking
Jun 8, 2010

Wine is constant proof that God loves us and loves to see us happy.
Benjamin Franklin

KennyTheFish posted:

Can you even get a cert signed by someone from outside for a domain that is not public?

The domain has to be registered to get a CA cert generated for it.

Thanks Ants
May 21, 2004

#essereFerrari


keseph posted:

You say encouraging http here is backwards; it's not. A false sense of security is worse than no security at all.

I'd take your point if we were talking about a public service and encouraging staff to click through certificate errors, because yeah then they're going to click right through them when joined to a network that is MITM everything, but I can't see how it matters that much internally on something that isn't end-user facing. More and more devices don't even have HTTP as an option any more.

It was more a comment on firms that bill themselves as security professionals that just pitch up with a laptop and run a scan to generate a checklist with highlighting this cert as an example of that.

Spring Heeled Jack
Feb 25, 2007

If you can read this you can read
I think a lot of the TeamViewer issues actually stem from people reusing the same password + the enormous LinkedIn user dump that just happened.

It doesn't take much to put two and two together and assume that a lot of IT professionals will be using some sort of remote access software.

bull3964
Nov 18, 2000

DO YOU HEAR THAT? THAT'S THE SOUND OF ME PATTING MYSELF ON THE BACK.


The only thing I wonder about with the guessable password theory is the number of people who were affected that said they had 2 factor auth enabled.

So, at the very least, it's guessed passwords plus a 2FA exploit which is better but still not great.

Raerlynn
Oct 28, 2007

Sorry I'm late, I'm afraid I got lost on the path of life.

bull3964 posted:

The only thing I wonder about with the guessable password theory is the number of people who were affected that said they had 2 factor auth enabled.

So, at the very least, it's guessed passwords plus a 2FA exploit which is better but still not great.

If the 2FA was rigged to send to an email account, it's not too far of a stretch to assume the email account has the same password. That makes 2FA trivial to break.

Sickening
Jul 16, 2007

Black summer was the best summer.

Spring Heeled Jack posted:

I think a lot of the TeamViewer issues actually stem from people reusing the same password + the enormous LinkedIn user dump that just happened.

It doesn't take much to put two and two together and assume that a lot of IT professionals will be using some sort of remote access software.

I was lucky that when my password was cracked for TeamViewer I was actually on one of the computers when it was first connected to. The popup on the lower right hand window came up and the computer name wasn't something I recognized. I immediately changed the password and checked every TeamViewer log on every computer I use it on.

bull3964
Nov 18, 2000

DO YOU HEAR THAT? THAT'S THE SOUND OF ME PATTING MYSELF ON THE BACK.


Raerlynn posted:

If the 2FA was rigged to send to an email account, it's not too far of a stretch to assume the email account has the same password. That makes 2FA trivial to break.

Not too far of a stretch, but it's stretching more.

If someone is going to go through the effort for 2FA, there's a better than average chance that they aren't the 'use the same password everywhere' type.

Crowley
Mar 13, 2003

Inspector_666 posted:

Godammit what the hell am I gonna use to remotely support my parents now.

There's hardly any huge danger in putting TV Quicksupport on their desktop and having them click on it when you're on the phone with them.

Thanks Ants
May 21, 2004

#essereFerrari


It's been three months since I highlighted an issue with an internal system that holds critical data, set out a plan to get it onto a stable platform and documented, and just asked for time to be allocated to get it done. Still waiting :thumbsup:.

bull3964 posted:

Not too far of a stretch, but it's stretching more.

If someone is going to go through the effort for 2FA, there's a better than average chance that they aren't the 'use the same password everywhere' type.

I have definitely met people who feel like they can use the same password everywhere because they also use 2FA.

Collateral Damage
Jun 13, 2009

flosofl posted:

A lot of these fly-by-night "security" companies

A bit unrelated, but what does the term "fly-by-night" mean in this context? I've seen it thrown around and haven't been able to figure it out.

seadweller
Mar 30, 2010

Collateral Damage posted:

A bit unrelated, but what does the term "fly-by-night" mean in this context? I've seen it thrown around and haven't been able to figure it out.

Personally I've always understood it to be in reference to people who trade / sell stuff either from shops or stalls that overnight just vanish. Wiktionary has: One who departs or flees at night in order to avoid creditors, law enforcement etc. (often used attributively).

This is UK British usage

Arsten
Feb 18, 2003

Collateral Damage posted:

A bit unrelated, but what does the term "fly-by-night" mean in this context? I've seen it thrown around and haven't been able to figure it out.

In US usage, it's similar to seadweller's definition, except it has dropped the definition of fleeing by night. It means any company, outfit, or operation that was or is set up to fold quickly - usually in a context of avoiding the post-sale customer service aspect and/or disappearing with money spent e.g. on a support contract. The context is that if you spend your money with them, you will probably not get what you paid for.

FogHelmut
Dec 18, 2003

Why do I have to clear my browser cache? It's 2016, I do not have a slow or limited connection. My browser shouldn't be caching anything.

Gounads
Mar 13, 2013

Where am I?
How did I get here?

FogHelmut posted:

Why do I have to clear my browser cache? It's 2016, I do not have a slow or limited connection. My browser shouldn't be caching anything.

I honestly don't know if you're being sarcastic or not.

nielsm
Jun 1, 2009



FogHelmut posted:

Why do I have to clear my browser cache? It's 2016, I do not have a slow or limited connection. My browser shouldn't be caching anything.

The servers may have a slow connection, relative to the amount of clients served, and we still haven't invented FTL communications so roundtrip times will often also matter.

FogHelmut
Dec 18, 2003

Gounads posted:

I honestly don't know if you're being sarcastic or not.

I'm not. There is no reason for it. It's some silly legacy thing from the early 90s. The browser should be loading the freshest poo poo each time. It is insane that when I'm trying to get some vendor's garbage software to work I have to go through three menu levels to press a button and then reload the browser. It's been SOP for a hundred years now, it's like the world is brainwashed.

Sickening
Jul 16, 2007

Black summer was the best summer.

FogHelmut posted:

I'm not. There is no reason for it. It's some silly legacy thing from the early 90s. The browser should be loading the freshest poo poo each time. It is insane that when I'm trying to get some vendor's garbage software to work I have to go through three menu levels to press a button and then reload the browser. It's been SOP for a hundred years now, it's like the world is brainwashed.

I would think that caching for the sake of efficiency is still valid in the year of our lord 2016.

Gounads
Mar 13, 2013

Where am I?
How did I get here?

FogHelmut posted:

I'm not. There is no reason for it. It's some silly legacy thing from the early 90s. The browser should be loading the freshest poo poo each time. It is insane that when I'm trying to get some vendor's garbage software to work I have to go through three menu levels to press a button and then reload the browser. It's been SOP for a hundred years now, it's like the world is brainwashed.

First, I'll agree. You should never have to go clear the cache. If you do, the app was poorly designed to handle caching.

But, you're crazy if you think there should never be any caching. It should be completely invisible to the user except their poo poo loads a ton faster. On a well designed site, it's the difference between clicking a link and having the page come up in a couple hundred milliseconds vs. coming up in a few seconds. That's huge. On a poorly designed site, it might be the difference between a couple hundred milliseconds and 10 seconds of downloading JS dependencies. Give someone a lovely connection, and you might save them half a minute.


nielsm posted:

The servers may have a slow connection, relative to the amount of clients served, and we still haven't invented FTL communications so roundtrip times will often also matter.

Plus that.

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

FogHelmut posted:

I'm not. There is no reason for it. It's some silly legacy thing from the early 90s. The browser should be loading the freshest poo poo each time. It is insane that when I'm trying to get some vendor's garbage software to work I have to go through three menu levels to press a button and then reload the browser. It's been SOP for a hundred years now, it's like the world is brainwashed.

This is pretty wrong.

xzzy
Mar 5, 2009

Yeah why should my browser cache forum avatars, I demand the absolute freshest bits every single time I :f5: a thread.

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.


xzzy posted:

Yeah why should my browser cache forum avatars, I demand the absolute freshest bits every single time I :f5: a thread.

Somethingawful probably saves terabytes on bandwidth a month on avatar caching alone with all the users. Oh wait, we still have some archaic 100kb limit, so a few hundred gigs? Reading 20 pages in a thread is let's assume half that so 50*50=250kb of avatars. 20 pages brings that to 5MB; I'd hazard that's about average for, oh, let's just say 1000 users per day. Remember you don't have to read the full page; we aren't caching, so reading 1 new message or pressing f5 will refresh everything. That's 5GB/day, 150GB/month in bandwidth savings at a probably very conservative estimate over 50kb files.

On dialup often you were the limiting factor, now the servers are the limiting factor.

FogHelmut
Dec 18, 2003

Then start caching the ads if efficiency is such a concern. I'm done clearing my cache.

Inspector_666
Oct 7, 2003

benny with the good hair
This seems like a very strange hill to die on.

Gounads
Mar 13, 2013

Where am I?
How did I get here?

FogHelmut posted:

Then start caching the ads if efficiency is such a concern. I'm done clearing my cache.

Dude, just turn off your caching if it's such a big deal.

wolrah
May 8, 2006
what?

FogHelmut posted:

I'm not. There is no reason for it. It's some silly legacy thing from the early 90s. The browser should be loading the freshest poo poo each time. It is insane that when I'm trying to get some vendor's garbage software to work I have to go through three menu levels to press a button and then reload the browser. It's been SOP for a hundred years now, it's like the world is brainwashed.

There's a reason Google hosts a CDN for popular Javascript libraries. (https://developers.google.com/speed/libraries/) That way one cache entry is valid for thousands of sites and doesn't require yet another round trip as part of every page load.

You need to fix your actual problem. If you're having to clear your cache regularly something is horribly stupid with whatever site is causing you to do that.

22 Eargesplitten
Oct 10, 2010



Spring Heeled Jack posted:

I think a lot of the TeamViewer issues actually stem from people reusing the same password + the enormous LinkedIn user dump that just happened.

It doesn't take much to put two and two together and assume that a lot of IT professionals will be using some sort of remote access software.

Is the LinkedIn thing super new, or is that why they told me to change my password a month or two ago?

Thanks Ants
May 21, 2004

#essereFerrari


2012 incident and more credentials were leaked in the last few weeks, IIRC.

Siochain
May 24, 2005

"can they get rid of any humans who are fans of shitheads like Kanye West, 50 Cent, or any other piece of crap "artist" who thinks they're all that?

And also get rid of anyone who has posted retarded shit on the internet."


Gounads posted:

First, I'll agree. You should never have to go clear the cache. If you do, the app was poorly designed to handle caching.

As someone who works for a company whose product is a webapp - you are forgetting lovely browsers/lovely addons/lovely PCs/etc. Our stuff ~shouldn't~ need to be refreshed to grab any of the latest updates. But on a lot of people's PCs it needs to be forced. You can code as well as you like, but when there's poo poo on someone's computer that's preventing your code from working...whelp.

spog
Aug 7, 2004

It's your own bloody fault.
I've got my IE cache set to a max of 250MB, yet youtube keeps filling a temp folder elsewhere with gigs of temp video

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

spog posted:

I've got my IE cache set to a max of 250MB, yet youtube keeps filling a temp folder elsewhere with gigs of temp video

Does YouTube on IE still use Flash?

spog
Aug 7, 2004

It's your own bloody fault.

anthonypants posted:

Does YouTube on IE still use Flash?

HTML5

It's a bunch of big files:

C:\Users\...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1ACC43X\videoplayback[2].mp4 120,693 KB
C:\Users\...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DR4VIKKT\videoplayback[1].dat 32,768 KB
C:\Users\...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1E1JSXVV\videoplayback[1].dat 24,448 KB
C:\Users\...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1E1JSXVV\videoplayback[5].mp4 23,613 KB

Lord Dudeguy
Sep 17, 2006
[Insert good English here]
poo poo that pisses me off: Spilled sweet tea on my laptop.

poo poo not pissing me off: Fuckin' saved it :hellyeah:

MC Fruit Stripe
Nov 26, 2002

around and around we go
People who drink sweet tea get what they deserve!

RadicalR
Jan 20, 2008

"Businessmen are the symbol of a free society
---
the symbol of America."

MC Fruit Stripe posted:

People who drink sweet tea get what they deserve!

Shots fired!

RFC2324
Jun 7, 2012

http 418

poo poo pissing me off: Someone did SOMETHING to the auth mechanism on our internal documentation site, and now none of the engineering dept can actually log into it, even with known good accounts that have had nothing changed.

How hard is it to NOT break a thing that was working fine 2 weeks ago?

stubblyhead
Sep 13, 2007

That is treason, Johnny!

Fun Shoe

MC Fruit Stripe posted:

People who drink sweet tea get what they deserve!

Arnold Palmer supremacy


BOOTY-ADE
Aug 30, 2006

BIG KOOL TELLIN' Y'ALL TO KEEP IT TIGHT

spog posted:

It's a bunch of big files:

C:\Users\...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1ACC43X\tubgirl.mp4 120,693 KB
C:\Users\...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DR4VIKKT\goatse.dat 32,768 KB
C:\Users\...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1E1JSXVV\lemonparty.dat 24,448 KB
C:\Users\...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1E1JSXVV\nin_closer.mp4 23,613 KB

:stare:
