|
Can never be said enough.
|
# ? Feb 3, 2021 21:25 |
|
|
# ? May 27, 2024 04:59 |
|
Boss just called and told me I am getting a 12.5% bonus for last year
|
# ? Feb 3, 2021 21:55 |
|
A ticket came in: a colleague Of course I was only notified after he had already left us, when I got the mail from the owner asking me to forward his mail to him. Also, did I happen to have this person's admin passwords to our company social media? And maybe the login to his computer?
|
# ? Feb 4, 2021 07:34 |
|
dragonshardz posted:...MTU? Where would I see what it's set to, and how would I validate that it is correct? Have a look the below link and let us update.
|
# ? Feb 4, 2021 14:29 |
|
I saw a post about a Linux job and it says "Working across 24 hour shifts"
|
# ? Feb 4, 2021 15:06 |
|
Bob Morales posted:Have a look the below link and let us update. That's a very good impression. Do you moonlight on the Microsoft Community Forums telling people to run chkdsk and kindly revert after the needful task is completed? fakeedit: The ISP tech fixed the user's issue by factory resetting the router.
|
# ? Feb 4, 2021 17:20 |
|
dragonshardz posted:That's a very good impression. Do you moonlight on the Microsoft Community Forums telling people to run chkdsk and kindly revert after the needful task is completed? Would you mind letting me know the result of the suggestions? If you need further assistance, feel free to let me know. Bob Morales MVP, MCP Microsoft MVP - Windows 10 My Blog: http://msmvps.com/blogs/bobmor/ Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
|
# ? Feb 4, 2021 17:26 |
|
My favourite vendor support forums are the ones that some ISPs run that seem to be full of people who spend their own time volunteering to tell you that you're an idiot for expecting any sort of level of competent customer service.
|
# ? Feb 4, 2021 17:33 |
|
A ticket came in. User is getting a headache every day because the refresh rate on their laptop monitor is 60hz instead of 75hz. They want to know if we can "do anything" about this or if they have to file a reasonable accommodation request to get it fixed. I'm sitting here like...drink more water?
|
# ? Feb 4, 2021 17:36 |
|
Thanks Ants posted:My favourite vendor support forums are the ones that some ISPs run that seem to be full of people who spend their own time volunteering to tell you that you're an idiot for expecting any sort of level of competent customer service. You'd love https://community.ui.com/!
|
# ? Feb 4, 2021 17:46 |
|
dragonshardz posted:A ticket came in. Of course he was a ~*~developer~*~ so the way the case came in was that the nvidia control panel wasn't actually changing the refresh rate of the monitor, and he refused to believe that the app couldn't affect the refresh rate of a graphics card that didn't exist because he was a ~*~developer~*~ and had googled the specs of his machine. Fucker had no idea what the empy PCI-E slots in his lovely Dell Optiplex meant...
|
# ? Feb 4, 2021 17:55 |
|
Arquinsiel posted:I actually had this way back in 2007 when I was but an intern. The solution is "sit further away from the monitor". Get them a USB keyboard and mouse. The dude in my case had his nose about eight inches away from his CRT... There's this massive eyestrain thread on MacRumors on the 15" vs 16" https://forums.macrumors.com/threads/eye-strain-returned-my-2019-16-macbook-pro.2212479/
|
# ? Feb 4, 2021 17:59 |
|
nexxai posted:ok what makes sense to me. they can stand on the porch if they want to talk. if they want to come inside they can ask a judge
|
# ? Feb 4, 2021 18:37 |
|
Bob Morales posted:Would you mind letting me know the result of the suggestions? If you need further assistance, feel free to let me know. If you found the advice in this post helpful, or it solved your problem, please remember to click the Mark as Helpful link below.
|
# ? Feb 4, 2021 19:10 |
|
Bob Morales posted:There's this massive eyestrain thread on MacRumors on the 15" vs 16"
|
# ? Feb 4, 2021 19:16 |
|
Weatherman posted:If you found the advice in this post helpful, or it solved your problem, please remember to click the Mark as Helpful link below. i truly cannot think of a single instance of a suggestion from a Microsoft MVP solving my problem
|
# ? Feb 4, 2021 19:31 |
|
Weedle posted:makes sense to me. they can stand on the porch if they want to talk. if they want to come inside they can ask a judge I was watching a show with my kids and the scene was a federal agent standing on the porch grilling a high schooler with no other adult present. They two then went into the high schoolers house in which the fed continued the interrogation. My pre-teen daughter was full of outrage. “Why doesn’t the kid tell the fed to leave? Why does he keep taking? Why doesn’t he call his dad and say there’s a cop here bothering me?” I am a proud papa and this is my acab story. /derail
|
# ? Feb 5, 2021 01:02 |
|
Agrikk posted:I was watching a show with my kids and the scene was a federal agent standing on the porch grilling a high schooler with no other adult present. They two then went into the high schoolers house in which the fed continued the interrogation.
|
# ? Feb 5, 2021 02:11 |
|
https://twitter.com/OverSoftNL/status/1357296455615197184?s=20 aaahhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh tldr it's a device with an unchangable SSID/password that's a default that is running a barely modified raspbian instance with an easily crackable admin password.. that gives anyone who does that unfettered access to your network.
|
# ? Feb 5, 2021 21:00 |
Jesus loving christ that's bad. But it's not hard to see how things get into that kind of state. I was once presented with a design where the account password fields wouldn't take certain characters. This is usually a red flag that the input isn't properly sanitized (bad). Then later, in the reset password flow, it wouldn't let you reuse previous passwords. This means they were planning to store the old passwords (super bad) and that they could call them up at-will to validate against them against user input (read: probably stored in plaintext, SUPER BAD). I mean, these aren't devs. They're designers. They don't know poo poo about security. But the Product Manager over it all should. If the PM gives this to devs without clarifying, well... Way too many devs just build exactly what they're presented without thought. They're not security people either, usually. Let's just say that I got my buddy in the infosec department together with the PM. The end result: the technical parts of that password flow was redesigned from the ground up with infosec requirements met. But if I hadn't stuck my nose into this...would infosec have ever been brought in? There's an uncomfortably high chance the answer was "no"
|
|
# ? Feb 5, 2021 21:14 |
|
Sometimes sanitisation will just check for those characters and moan at you. It's not necessarily a red flag. Password re-use detection is similarly not always a problem, as long as you're salting correctly. I think Google are still storing your last 30 passwords, for example, although it's been a while since I tested it. It's never a bad idea to get infosec to take a sniff at things before they go live just in case though. Always easier to fix poo poo then rather than have a sudden panic later. Pretty apt MP3 to include in the device too
|
# ? Feb 6, 2021 01:11 |
|
Arquinsiel posted:Sometimes sanitisation will just check for those characters and moan at you. It's not necessarily a red flag. Password re-use detection is similarly not always a problem, as long as you're salting correctly. I think Google are still storing your last 30 passwords, for example, although it's been a while since I tested it. It's never a bad idea to get infosec to take a sniff at things before they go live just in case though. Always easier to fix poo poo then rather than have a sudden panic later. yeah, isn't password reuse checking normally done by comparing stored hashes?
|
# ? Feb 6, 2021 01:17 |
|
Yeah, but there are ways to check wrong though. Password storage is hard.
|
# ? Feb 6, 2021 01:27 |
|
Arquinsiel posted:Yeah, but there are ways to check wrong though. Password storage is hard. one of my favorite error messages that got sent to the local infosec people was "new password too similar to old password."
|
# ? Feb 6, 2021 02:20 |
|
Kurieg posted:one of my favorite error messages that got sent to the local infosec people was "new password too similar to old password." That’s fine if you are entering your current password and new password at the same time, doesn’t involve any storage
|
# ? Feb 6, 2021 02:31 |
|
I signed up for an account for my new elliptical machine yesterday and it promptly e-mailed me the password I set back in plain text. I contacted them and bitched because that's inane on multiple different levels.
|
# ? Feb 6, 2021 03:05 |
|
The Fool posted:That’s fine if you are entering your current password and new password at the same time, doesn’t involve any storage No it was comparing it to one of my stored passwords.
|
# ? Feb 6, 2021 03:10 |
|
shortspecialbus posted:I signed up for an account for my new elliptical machine yesterday and it promptly e-mailed me the password I set back in plain text.
|
# ? Feb 6, 2021 03:22 |
I could swear I saw a password complexity error dialog once that said “you cannot use the following characters” and it was ONLY the characters you would strip out in order to protect against a little bobby tables style SQL insertion attack, like “-“ and “;” and “(“ Meaning they were slapping your input right the gently caress into an unsanitized database query and storing it plaintext.
|
|
# ? Feb 6, 2021 03:42 |
|
Data Graham posted:I could swear I saw a password complexity error dialog once that said “you cannot use the following characters” and it was ONLY the characters you would strip out in order to protect against a little bobby tables style SQL insertion attack, like “-“ and “;” and “(“ One of the e-learning portals I have to use for work does that. Or rather, switched to doing that. They used to have sane password requirements and then suddenly switched to real crazy requirements like that and also forced everyone to change their passwords after logon. My money's on they got breached and just quietly tried to 'fix' it instead of doing the legally required disclosure.
|
# ? Feb 6, 2021 04:08 |
|
dragonshardz posted:A ticket came in. You didn't work in the CRT days. Back then, refresh rate meant something. And what it usually meant was "headache". Back when I was at the ad agency we visited ask.com. The project team brought me along because all they ever did was "Ask Mllaneza". We get onsite and their marketing team takes us to their bullpen for a standup discussion (this is 10 years before Agile, so I think they just couldn't get the boardroom reserved). Every display in the area was set to 60Hz and it was awful. I was instantly angry. Of 10 monitors, all 17" or larger, all of them were set to 60Hz. I interrupted my agency's president to ask permission to change something on every machine right away. They said yes and twenty people stood around watching me kick displays up to 75 or 90 Hz. After the third one the ask.com Marketing department had declared me to be their Lord and Savior. We ended up not getting the business, but even more so than in the projector story, it was not IT's fault. mllaneza fucked around with this message at 04:40 on Feb 6, 2021 |
# ? Feb 6, 2021 04:38 |
|
Bob Morales posted:I saw a post about a Linux job and it says "Working across 24 hour shifts" At least they're honest. This has been my experience with any sysadmin job where linux knowledge is required. I'm starting to believe there's a correlation between "free software" and "employee abuse".
|
# ? Feb 6, 2021 04:42 |
|
Data Graham posted:I could swear I saw a password complexity error dialog once that said “you cannot use the following characters” and it was ONLY the characters you would strip out in order to protect against a little bobby tables style SQL insertion attack, like “-“ and “;” and “(“
|
# ? Feb 6, 2021 17:39 |
|
Do the validation in JavaScript and leave the backend completely vulnerable, this gets you extra points.
|
# ? Feb 6, 2021 18:32 |
|
Thanatosian posted:The first level is "having to set up an account for an elliptical machine," right? Sort of - technically it's just to get the free training videos and such in the app on my ipad. The elliptical itself has no connectivity of any sort, just a convenient spot to rest a tablet or phone and I thought I'd see what their suggested workouts were since I'm new to recumbent ellipticals.
|
# ? Feb 7, 2021 20:35 |
|
"Hi <first name>" message came in teams. On Tuesday. I still haven't answered because they still haven't told me wtf they want.
|
# ? Feb 8, 2021 20:58 |
|
AlexDeGruven posted:"Hi <first name>" message came in teams. On Tuesday. I still haven't answered because they still haven't told me wtf they want. My last three messages from our accounting manager are this, with zero response from me over the course of the last month or so.
|
# ? Feb 8, 2021 21:32 |
|
Slack feature request: When someone sends a "Hi" message, it doesn't actually send until additional context is provided, and warns the user that it's still waiting for an actual message before it gets sent. Maybe if it senses something along the lines of "quick question" it prompts them to include the question first.
|
# ? Feb 8, 2021 21:57 |
Every time this comes up, I just sort of roll my eyes. It's not hard to imagine the following as a verbal conversation. "Hey, Bob!" "Hey Fred, what's up?" "Got a minute to look into something for me?" "Sure!" But god forbid someone does this in a chat. I get there's an argument to be made for INCLUDE EVERYTHING YOU NEED IN THE FIRST MESSAGE, if only for the sake of efficiency, but for gently caress's sake guys. You'd think saying "Hey Fred, what's up?" was a Herculean effort.
|
|
# ? Feb 8, 2021 22:06 |
|
|
# ? May 27, 2024 04:59 |
|
I'm always willing to throw a "Hey, what's up?" back at them but it's on them after that.
|
# ? Feb 8, 2021 22:08 |