stevewm
May 10, 2005


It gets worse.. See the "User Settings" link? When you click this it takes you straight to the User Profile screen and into the account thus bypassing 2FA entirely.

It's almost like they implemented "2FA" by cut and pasting someone else's code.


Edit: I just cannot believe what a hilariously massive failure this is... How did someone not catch this?!

stevewm fucked around with this message at 16:37 on Jun 24, 2019

bobmarleysghost
Mar 7, 2006



Security as smoke and mirrors

Wizard of the Deep
Sep 25, 2005

Another productive workday

bobmarleysghost posted:

Security as smoke and mirrors

SMaaS.

Now available outside Nevada!

Weaponized Autism
Mar 26, 2006

All aboard the Gravy train!
Hair Elf

stevewm posted:



It gets worse.. See the "User Settings" link? When you click this it takes you straight to the User Profile screen and into the account thus bypassing 2FA entirely.

It's almost like they implemented "2FA" by cut and pasting someone else's code.


Edit: I just cannot believe what a hilariously massive failure this is... How did someone not catch this?!

Turns out the QA department was you the whole time!

stevewm
May 10, 2005

Wizard of the Deep posted:

SMaaS.

Now available outside Nevada!

Only $5.99 per user per month, integrates with Gsuite and O365.

PBS
Sep 21, 2015
We had an issue with password resets once.

If you tried to reset a user's password you'd get an error and partially logged into the account.

This wouldn't let you enter the main site, but you could edit the user's profile info including email.

Don't think they were too terribly quick resolving that either.

xzzy
Mar 5, 2009

That's the type of poo poo you get either when the CEO's nephew writes it or someone buys some software and an unqualified IT monkey gets tasked to get it integrated no matter what because there's too much money invested now.

Aesis
Oct 9, 2012
Filthy J4G

PBS posted:

We had an issue with password resets once.

If you tried to reset a user's password you'd get an error and partially logged into the account.

This wouldn't let you enter the main site, but you could edit the user's profile info including email.

Don't think they were too terribly quick resolving that either.

Seems to me like your server was refusing authentication as intended but adding the requested account into session at the same time. Not that I use sessions at all, but this looks like the case.

stevewm
May 10, 2005
My new found shortcut is proving useful for now. It makes you do the "2FA" every login. And I can easily bypass that with only 2 clicks! It really is a great time saver!

PBS
Sep 21, 2015

Aesis posted:

Seems to me like your server was refusing authentication as intended but adding the requested account into session at the same time. Not that I use sessions at all, but this looks like the case.

Beats me, not really familiar with that kind of development.

I was a little curious as to how that might happen though

Sprechensiesexy
Dec 26, 2010

by Jeffrey of YOSPOS
poo poo pissing me off: I accepted a job offer from a US company and they wanted to do a background check. Immigration offices have asked me less than these nosy motherfuckers.

At least I might get some satisfaction after they complete it by waving the GDPR around since I am living and working in the EU.

Shut up Meg
Jan 8, 2019

You're safe here.

Sprechensiesexy posted:

poo poo pissing me off: I accepted a job offer from a US company and they wanted to do a background check. Immigration offices have asked me less than these nosy motherfuckers.

At least I might get some satisfaction after they complete it by waving the GDPR around since I am living and working in the EU.

Since they can't find anything about you from the US, why not offer to get a DBS check?

Only costs £25 and you don't need to tell the US company anything.

Sprechensiesexy
Dec 26, 2010

by Jeffrey of YOSPOS

Shut up Meg posted:

Since they can't find anything about you from the US, why not offer to get a DBS check?

Only costs £25 and you don't need to tell the US company anything.

I don't live in the UK, anyway I got nothing to hide but I dislike people digging in my personal life as a matter of principle. Also, 2 months notice here is the legal requirement so I agreed with new company on a 1st of September start date (Notice period of July/August) and this background check taking 3 weeks was starting to potentially gently caress with my timeline.

Shut up Meg
Jan 8, 2019

You're safe here.

Sprechensiesexy posted:

I don't live in the UK, anyway I got nothing to hide but I dislike people digging in my personal life as a matter of principle. Also, 2 months notice here is the legal requirement so I agreed with new company on a 1st of September start date (Notice period of July/August) and this background check taking 3 weeks was starting to potentially gently caress with my timeline.

When I assumed you were in the UK, I made an rear end out of me and me.

The basic check in the UK is pretty good - you only give your personal info to the govt (who has it already) and you get a proper certificate that lists your criminal record (or lack thereof), so you don't have to give your inside leg measurement and sexual orientation to your company's HR dept.

Of course, when my company did it, they outsourced the process to a third party whose T&C's were 'we take no responsibility if we let your personal info be stolen', so I told them to get stuffed.

I really sympathize with your situation, though.

Sprechensiesexy
Dec 26, 2010

by Jeffrey of YOSPOS

Shut up Meg posted:

When I assumed you were in the UK, I made an rear end out of me and me.

The basic check in the UK is pretty good - you only give your personal info to the govt (who has it already) and you get a proper certificate that lists your criminal record (or lack thereof), so you don't have to give your inside leg measurement and sexual orientation to your company's HR dept.

Of course, when my company did it, they outsourced the process to a third party whose T&C's were 'we take no responsibility if we let your personal info be stolen', so I told them to get stuffed.

I really sympathize with your situation, though.

Yeah, this background check was done by an external company from the US as well so I trust them to sell/lose my data at some point.

BaronVonVaderham
Jul 31, 2011

All hail the queen!
Lmao, remember that Hackathon nonsense I posted about a while ago?

"We are pushing the dates out to a little later this year. Actual dates are still in discussion, but we will fill you in as soon as the dates are nailed down so you have plenty of time to plan.

You’ll also be happy to hear that we are planning on moving the timeline to be a Thursday afternoon to Friday evening so you can still have your weekend free!"

I love how shocked they've been that no one wants to give up their entire weekend to put in 12 unpaid overtime hours each day.

Mute_Fish
Nov 9, 2009
Had a Fortinet SSO issue this morning.
It's not the DNS - I thought
There's no way it's the DNS - I told myself
It was the DNS

fargom
Mar 21, 2007
How is this hackathon, where you are only going to be working on things that provide value to ongoing projects different than a normal work day?

The only hackathons I've been a part of the department just broke into little groups depending on who was interested in what project. At the time it was a lot of people wanting to get their hands dirty on some Go code, but not being on a team that works with the language day to day. At the end we just show each other what we built, and usually that's the end since they aren't really production quality stuff. It's just a networking event really, getting people to talk and work together, ask questions, etc. And of course it was during work hours, not the weekend. WTF?

stevewm
May 10, 2005

Mute_Fish posted:

Had a Fortinet SSO issue this morning.
It's not the DNS - I thought
There's no way it's the DNS - I told myself
It was the DNS

I too had a "it's not DNS" moment this morning.

login.live.com wasn't working and throwing certificate errors. Turns out our DNS web filtering service had mis-categorized one of the domains login.live.com points to, thus breaking it.

BaronVonVaderham
Jul 31, 2011

All hail the queen!

fargom posted:

How is this hackathon, where you are only going to be working on things that provide value to ongoing projects different than a normal work day?

The only hackathons I've been a part of the department just broke into little groups depending on who was interested in what project. At the time it was a lot of people wanting to get their hands dirty on some Go code, but not being on a team that works with the language day to day. At the end we just show each other what we built, and usually that's the end since they aren't really production quality stuff. It's just a networking event really, getting people to talk and work together, ask questions, etc. And of course it was during work hours, not the weekend. WTF?

Exactly. You're officially more qualified than at least 3 managers in my company who thought this was a good idea.

Sickening
Jul 16, 2007

Black summer was the best summer.

BaronVonVaderham posted:

Exactly. You're officially more qualified than at least 3 managers in my company who thought this was a good idea.

One of your leaders has a hard on for this event and simply won't let it go. I assume someone read up on it and is having fantasies about it or someone is looking to setup an event that looks good for a yearly review. This event is all for show and pointless. I bet whoever wants it isn't going to go.

devmd01
Mar 7, 2006

Elektronik
Supersonik
I just discovered that someone in the past added change password permissions for the Everyone group in AD to the default permissions on the user object class in the schema. :stonk:

DigitalMocking
Jun 8, 2010

Wine is constant proof that God loves us and loves to see us happy.
Benjamin Franklin
Deciding on whether or not to be bothered by something... I'd like some goon input.

Couple of months ago we got a new Director. She reorganized a bunch of teams, I went from my small 3 man team (officially responsible for networking and security) to a 7 man team, now responsible for all infrastructure as well as our security stance.

I did not receive a title change as part of this, nor any salary change. Now I'll be honest, I'm pretty well paid in my position, I've fought hard over the last 5+ years here to make sure I'm compensated well, so I'm not really bent out of shape about it financially, but it still kind of chaps my rear end.

My Director has said that before the end of the year she'll be doing a salary and title review, but that feels so vague.

So goonfriends, should I push this? Just wait a few more months and see if my Director starts the process?

Ham Equity
Apr 16, 2013

The first thing we do, let's kill all the cars.
Grimey Drawer

DigitalMocking posted:

Deciding on whether or not to be bothered by something... I'd like some goon input.

Couple of months ago we got a new Director. She reorganized a bunch of teams, I went from my small 3 man team (officially responsible for networking and security) to a 7 man team, now responsible for all infrastructure as well as our security stance.

I did not receive a title change as part of this, nor any salary change. Now I'll be honest, I'm pretty well paid in my position, I've fought hard over the last 5+ years here to make sure I'm compensated well, so I'm not really bent out of shape about it financially, but it still kind of chaps my rear end.

My Director has said that before the end of the year she'll be doing a salary and title review, but that feels so vague.

So goonfriends, should I push this? Just wait a few more months and see if my Director starts the process?

Has the actual work you're doing increased at all?

DigitalMocking
Jun 8, 2010

Wine is constant proof that God loves us and loves to see us happy.
Benjamin Franklin

Thanatosian posted:

Has the actual work you're doing increased at all?

To be honest, not really?

I mean I have to do quarterly reviews and I have another 2.5 hours of 1 on 1s every month, but not much has really changed since I gave the infrastructure guys a lot of guidance before they became officially mine. Thanks for the perspective, I haven't really looked at it like that.

HiroProtagonist
May 7, 2007

Thanatosian posted:

Has the actual work you're doing increased at all?

Also, are you managing direct reports or are you a worker bee here? It's unclear from your post.

kensei
Dec 27, 2007

He has come home, where he belongs. The Ancient Mariner returns to lead his first team to glory, forever and ever. Amen!


HiroProtagonist posted:

Also, are you managing direct reports or are you a worker bee here? It's unclear from your post.

He has direct reports.

I would also consider this: Has the new Director ever not done something that they said they would? If so, push. If not, be patient.

HiroProtagonist
May 7, 2007

DigitalMocking posted:

Deciding on whether or not to be bothered by something... I'd like some goon input.

Couple of months ago we got a new Director. She reorganized a bunch of teams, I went from my small 3 man team (officially responsible for networking and security) to a 7 man team, now responsible for all infrastructure as well as our security stance.

I did not receive a title change as part of this, nor any salary change. Now I'll be honest, I'm pretty well paid in my position, I've fought hard over the last 5+ years here to make sure I'm compensated well, so I'm not really bent out of shape about it financially, but it still kind of chaps my rear end.

My Director has said that before the end of the year she'll be doing a salary and title review, but that feels so vague.

So goonfriends, should I push this? Just wait a few more months and see if my Director starts the process?


kensei posted:

He has direct reports.

I would also consider this: Has the new Director ever not done something that they said they would? If so, push. If not, be patient.


Tbh this smells like bullshit and I would not at all be surprised if you found four of your team suddenly assigned roles somewhere else in the company without your knowledge.

tactlessbastard
Feb 4, 2001

Godspeed, post
Fun Shoe
Myself, last Monday:

Guys? I know you had that new product in the pipeline that is going to require that we be on X tooling, I'm changing off of X tooling next week and won't be back onto it for a month, do you have the details set with the customer?

Sales & Marketing: *crickets*

Last Thursday:

Hey, tactlessbastard, are you all set to run that new product?

I have everything I need except the labeling requirements from Sales & Marketing. We're changing off that tooling on Monday, but if they can get it to me before then I'll run it, otherwise it's going to be mid July before we get back on that tooling.

Sales & Marketing: *crickets*

This Monday:

Hay guys I'm about to change off that tooling, do you want the new product run?

Sales & Marketing: *crickets*

*changes tooling*

Last night I get called wanting to know if we can change the tooling back and run the samples of the new product because sales told them to expect them there by Friday.

Thanks Ants
May 21, 2004

#essereFerrari


It's good to be able to tell people to eat large amounts of poo poo in these situations

tactlessbastard
Feb 4, 2001

Godspeed, post
Fun Shoe

Thanks Ants posted:

It's good to be able to tell people to eat large amounts of poo poo in these situations

Yeah, it would but we're owned by a guy that made his bones in sales and the CEO is the former VP of sales and they are definitely driving this car.

Sheep
Jul 24, 2003

DigitalMocking posted:

My Director has said that before the end of the year she'll be doing a salary and title review, but that feels so vague.

So goonfriends, should I push this? Just wait a few more months and see if my Director starts the process?

Why can't it happen now? Unless there's a law against it or your contract has stipulations on when compensation is reviewed there's nothing truly stopping her from doing it earlier. Company policy is largely bullshit and is ignored all the time, especially by higher ups.

Unless you have something in writing or actual cash in your account you might as well act like it didn't happen.

Aesis
Oct 9, 2012
Filthy J4G
COO trying hard to make me look guilty.

Had lunch with team leader. He was having half day off in the afternoon so decided to work through lunch then go home an hour early, but changed his mind when he saw me working my rear end off through lunch.

Got asked about whether I wanted to work from home to chill my head a bit until Friday, since we’re moving into new office next Monday. Asked why, was told it’s cuz those three cunts are feeling very uncomfortable by my presence as they sit right behind me. Not my bloody problem!

Of course, this question was from COO as he always makes other person do his dirty biddings. Seriously he’s been doing these shizzle for past 3 years I’ve been in this company, to everyone. No loving wonder why people hate him that some would even state that as they quit!

Anyways I just said ‘I have deadlines this and next Friday for 2 services (one rakes in money. And I am responsible for both) and therefore I do need to communicate with planning team, design team and other devs constantly regarding questions and issues they approach me for constantly. I think it is not right that even other people should be affected just because some people feel uncomfortable with me. Besides, I think it would make me look guilty if I work from home, as people will think I’m being punished by being told to stay at home’.

Came back after lunch, was busy working my rear end off while there was some noise behind me. I finally took a break 3 hours later, got off my chair, found those cunts’ monitors and laptops gone. They moved their stuff to new office even while some works are being done there, because I stated that I was not going to work from home.

There is a saying in Korea. If a monk hates the temple then he/she should leave. If you don’t like me around, piss off~

Where’s my ~deal wiz it~ smiley?

tactlessbastard
Feb 4, 2001

Godspeed, post
Fun Shoe

tactlessbastard posted:

Myself, last Monday:

Guys? I know you had that new product in the pipeline that is going to require that we be on X tooling, I'm changing off of X tooling next week and won't be back onto it for a month, do you have the details set with the customer?

Sales & Marketing: *crickets*

Last Thursday:

Hey, tactlessbastard, are you all set to run that new product?

I have everything I need except the labeling requirements from Sales & Marketing. We're changing off that tooling on Monday, but if they can get it to me before then I'll run it, otherwise it's going to be mid July before we get back on that tooling.

Sales & Marketing: *crickets*

This Monday:

Hay guys I'm about to change off that tooling, do you want the new product run?

Sales & Marketing: *crickets*

*changes tooling*

Last night I get called wanting to know if we can change the tooling back and run the samples of the new product because sales told them to expect them there by Friday.

Argh I'm so irritated I keep fat fingering poo poo into NetSuite and having to redo it. I need a break. Hail Satan.

cage-free egghead
Mar 8, 2004

Aesis posted:

COO trying hard to make me look guilty.

Had lunch with team leader. He was having half day off in the afternoon so decided to work through lunch then go home an hour early, but changed his mind when he saw me working my rear end off through lunch.

Got asked about whether I wanted to work from home to chill my head a bit until Friday, since we’re moving into new office next Monday. Asked why, was told it’s cuz those three cunts are feeling very uncomfortable by my presence as they sit right behind me. Not my bloody problem!

Of course, this question was from COO as he always makes other person do his dirty biddings. Seriously he’s been doing these shizzle for past 3 years I’ve been in this company, to everyone. No loving wonder why people hate him that some would even state that as they quit!

Anyways I just said ‘I have deadlines this and next Friday for 2 services (one rakes in money. And I am responsible for both) and therefore I do need to communicate with planning team, design team and other devs constantly regarding questions and issues they approach me for constantly. I think it is not right that even other people should be affected just because some people feel uncomfortable with me. Besides, I think it would make me look guilty if I work from home, as people will think I’m being punished by being told to stay at home’.

Came back after lunch, was busy working my rear end off while there was some noise behind me. I finally took a break 3 hours later, got off my chair, found those cunts’ monitors and laptops gone. They moved their stuff to new office even while some works are being done there, because I stated that I was not going to work from home.

There is a saying in Korea. If a monk hates the temple then he/she should leave. If you don’t like me around, piss off~

Where’s my ~deal wiz it~ smiley?

This all sounds like some middle school temper tantrums and gossip.

Comradephate
Feb 28, 2009

College Slice
making me laugh: my boss found out I was interviewing, and pretended he was cool with it and would write me a letter of recommendation. Four days later he is openly punishing me for my disloyalty.

Sickening
Jul 16, 2007

Black summer was the best summer.

Aesis posted:

COO trying hard to make me look guilty.

Had lunch with team leader. He was having half day off in the afternoon so decided to work through lunch then go home an hour early, but changed his mind when he saw me working my rear end off through lunch.

Got asked about whether I wanted to work from home to chill my head a bit until Friday, since we’re moving into new office next Monday. Asked why, was told it’s cuz those three cunts are feeling very uncomfortable by my presence as they sit right behind me. Not my bloody problem!

Of course, this question was from COO as he always makes other person do his dirty biddings. Seriously he’s been doing these shizzle for past 3 years I’ve been in this company, to everyone. No loving wonder why people hate him that some would even state that as they quit!

Anyways I just said ‘I have deadlines this and next Friday for 2 services (one rakes in money. And I am responsible for both) and therefore I do need to communicate with planning team, design team and other devs constantly regarding questions and issues they approach me for constantly. I think it is not right that even other people should be affected just because some people feel uncomfortable with me. Besides, I think it would make me look guilty if I work from home, as people will think I’m being punished by being told to stay at home’.

Came back after lunch, was busy working my rear end off while there was some noise behind me. I finally took a break 3 hours later, got off my chair, found those cunts’ monitors and laptops gone. They moved their stuff to new office even while some works are being done there, because I stated that I was not going to work from home.

There is a saying in Korea. If a monk hates the temple then he/she should leave. If you don’t like me around, piss off~

Where’s my ~deal wiz it~ smiley?

I am having a hard time following what you are saying. Are you the loud guy in the office that people hate working around? Why are they uncomfortable?

The Macaroni
Dec 20, 2002
...it does nothing.

Comradephate posted:

making me laugh: my boss found out I was interviewing, and pretended he was cool with it and would write me a letter of recommendation. Four days later he is openly punishing me for my disloyalty.

My previous boss said at my departure, "No hard feelings! I'm happy to serve as a reference if you ever need it. For real." Ummm...no?

Scuttlebutt from a previous coworker is that ex-boss is telling everyone she's too busy to help with anything. I have no idea how she's still in that job, especially since her best bud the VP left a month after I did.

The Iron Rose
May 12, 2012

:minnie: Cat Army :minnie:
Honestly the whole describing women making harassment claims as bitches and cunts thing is basically enough for me to conclude that mr. turbogoon over here probably did, in fact, harass them.

It's not like any of the men who sexually harassed me in IT had any idea they did anything wrong at any point lol.

Fortunately, this whole thing seems like you're flaming out and alienating everyone so at least this should be a self correcting problem.

Kyrosiris
May 24, 2006

You try to be happy when everyone is summoning you everywhere to "be their friend".



The Iron Rose posted:

Honestly the whole describing women making harassment claims as bitches and cunts thing is basically enough for me to conclude that mr. turbogoon over here probably did, in fact, harass them.

I was honestly just waiting for the inevitable "well you just call everyone that here!" retort like when you admonish Aussies who use that term all the time, myself. :v:
