Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
That mirrors our relationship with Esri. We currently spend a not insignificant chunk of our budget on the annual license renewal. They said they wanted more money, more than our entire budget in fact. So we are just dropping them. I guess they prefer making no money over not making all the money.


Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

CloFan posted:

Sup academia friends, having a guaranteed two week winter break is pretty nice yeah?

I'm paid like poo poo, but I have 30 days vacation a year, so yay? My workplace is shut down except for experiments that can't be turned off. They even turn down the heating over the holiday.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Sickening posted:

If I stopped implementing policies like this because there was a narrow/tedious work around how many security policies would I have left?

Well, you'd be left with those that actually work :v:

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

CLAM DOWN posted:

2008 is end of life....

How very apropos, that's how I feel after trying in vain to move license servers off a 2008 box without everything blowing apart…

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

MF_James posted:

I have a customer with a win2k box. Yes, they are in manufacturing, why do you ask?

The electron microprobe is connected to several Win98 PCs…

Luckily, that's an SEP.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

bull3964 posted:

Our org locked down webmail so it can only be accessed by a corporate machine due to the concern that someone could screenshot or copy and paste data out of the browser on to an unsecured machine.

At that point though, people can just take a picture of the screen if they really wanted to copy stuff, so it's all kinda silly.

Your org uses whatsapp or a similar service for collaboration, just not officially.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
Meanwhile, I got to work to this fun email:

"" posted:

ZFS has detected an io error:

eid: 31
class: io
host: secret
time: 2020-02-03 07:58:13+0100
vtype: disk
vpath: /dev/sdc1
vguid: 0xC35C8EAF8E1F3F3E
cksum: 0
read: 1
write: 0
pool: redacted

:stare:

That's one of our data graves. It's a large array for storing research data and I know for a fact that not all of it is backed up. And even the stuff that's backed up would be a very lengthy restore.

code:
  pool: redacted
 state: ONLINE
status: One or more devices has experienced an unrecoverable error.  An
        attempt was made to correct the error.  Applications are unaffected.
action: Determine if the device needs to be replaced, and clear the errors
        using 'zpool clear' or replace the device with 'zpool replace'.
   see: http://zfsonlinux.org/msg/ZFS-8000-9P
  scan: scrub in progress since Sat Feb  1 00:00:03 2020
    58.7T scanned out of 72.9T at 298M/s, 13h56m to go
    84K repaired, 80.43% done

I should make a pull request to the ZOL people that replaces "Applications are unaffected." with "DON'T PANIC."

Looks like 9 UREs, but the disk is otherwise healthy…

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

devmd01 posted:

So uh, Microsoft isn’t having a good week, are they?

Bing outages are killing the windows 10 search box, fix is to disable cortana and bing integration via registry hahaha.

That's our default anyway. :smugdog:

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
I think you could get really, really far just with all the really dumb low-hanging fruit stuff. I'm not convinced fancy books are going to help that much because when you look at how orgs get owned, it's universally for an insanely dumb reason. Using my sysadmin knowledge I could own us all day every day and stay undetected until I blkdiscard all devices on all boxen simultaneously.

My first foray into this was sitting at home with a nonfunctional VPN but still wanting to wfh. So I found a way in (misconfigured network ACL exposing ssh on a host that had password based auth active), fixed the VPN and fixed my "backdoor". And I thought "blimey, how many more of this is there?" OH GOD HOW MUCH MORE IS THERE THAT MANGLEMENT WON'T LET ME FIX

Realistically, what will get you owned isn't some 1337 h4x0r stack-overflowing some arcane bits in your network stack. It's the county password inspector calling a manager or some webdevs not updating their Apache Struts despite known security vulnerabilities. All really obvious

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
I used to do IT consulting with a focus on integration work. Basically defusing time bombs hacked into the clients org by the last contractor, then putting in my own because nobody has time for a proper fix.

Learned a lot, never want to work like that again. So I did what every reasonable person does, I went public sector to work for less money. The institute I work for does a lot of earth science, i.e. both climate change research and how the earth works (to extract more oil and gas).

Gotta say though, they have some cool poo poo. Earth radar, an electron microprobe (running win98 :negative:), gigantic hydraulic presses that can apply about 600MPa pressure from all directions, drones…

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

vivat virtute posted:

All these subnet posts are like Timecube to me

Not surprising. For some reason people overcomplicate them into insanity. The prevalence of dotted quad notation for ipv4 addresses doesn't help, because a /23's boundaries don't align neatly with the last octet and people forget that dotted quad notation is a common representation of an address, but not the address itself.

All one needs to remember is that the subnet mask defines how many contiguous bits of the IP are reserved for the network address. There are 32 bits in an ipv4 address, so a /30 would leave two bits for addresses and you can have 30 bits worth of networks. If you want to know exact dimensions, use a calculator.

The only use for a subnet mask is so a computer can decide whether a given IP is on its own network and can be sent directly, or if it has to consult its routing table to find a router responsible for that network. That's why subnet mismatches between devices are so fun to debug, because A may think it can reach B directly, but B may not
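
The on-link decision and the mask mismatch described in the post above, worked through as an added example (not part of the original post). The addresses are constructed samples: host A is configured with a /23 and host B with a /24 on the same wire.

```python
import ipaddress


def on_link(local_iface: str, remote_ip: str) -> bool:
    """Would a host configured as local_iface (address/prefix) send to
    remote_ip directly, instead of consulting its routing table?"""
    iface = ipaddress.IPv4Interface(local_iface)
    mask = int(iface.netmask)
    # Dotted quad is only a notation: the address is a 32-bit integer and
    # the mask selects its leading (network) bits.
    local_net = int(iface.ip) & mask
    remote_net = int(ipaddress.IPv4Address(remote_ip)) & mask
    return local_net == remote_net


def dimensions(local_iface: str) -> dict:
    """First/last address and size of the network an interface sits in."""
    net = ipaddress.IPv4Interface(local_iface).network
    return {
        "first": str(net.network_address),
        "last": str(net.broadcast_address),
        "host_bits": 32 - net.prefixlen,
        "addresses": net.num_addresses,
    }


def mask_mismatch(a_iface: str, b_iface: str) -> dict:
    """Each side's own view of whether the other is directly reachable."""
    a = ipaddress.IPv4Interface(a_iface)
    b = ipaddress.IPv4Interface(b_iface)
    return {
        "a_sends_direct": on_link(a_iface, str(b.ip)),
        "b_sends_direct": on_link(b_iface, str(a.ip)),
    }


if __name__ == "__main__":
    # A /23 spans two values of the third octet, so its boundaries are
    # not visible in the last octet.
    print(dimensions("10.20.0.50/23"))
    # A /30 leaves two host bits.
    print(dimensions("192.0.2.1/30"))
    # A treats B as on-link; B treats A as off-link and goes to its router.
    print(mask_mismatch("10.20.0.50/23", "10.20.1.10/24"))
```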

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

The Iron Rose posted:

one of the guys on there used to run his fingers through my hair all the time

Er.

Wat.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
The two magic words are Neighbour Discovery Protocol (NDP) (for addresses) and DHCPv6 (for other information).

Router Advertisements (part of NDP) are basically announcements "here be router, here be subnet, pick an address, any address, and send your traffic here" whereas DHCPv6 is fairly close to its v4 version.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Vargatron posted:

the installer package can't be trusted

drat right. :colbert:

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
Add anything with software.

Have you seen the software? Doesn't matter where, have you seen it? It's universally awful and a small wonder it hasn't killed anyone yet. In some places the software has killed people, and you don't want to work there, but if you are working with software, your software is going to kill someone some day.

And now I've written 'software' so many times the word has gone funny to me. Soft-ware. It's soft, like your innards. The ware is poo poo, also like a lot of your innards.

Have you tried farming goats instead?

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
Well, at least it's not a raised floor.

Also, is that a Zlad! reference in your AV?!

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

devmd01 posted:

all systems go
prepare for off-blast!

:magical:

I've never seen anyone else acknowledge the awesomeness that is Zlad!

Prepare for downcount!

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Methanar posted:

Sharing an l2 domain with an untrusted 3rd party is an interesting choice.

We have, for contrived reasons that are complex even for university IT, a /26 allocated to one of our computer pools. However, policy apparently was to allocate VLANs per building, so we are actually within an l2 we share with the other networks carved from the /24 allocated to the building.

It's fascinating to watch. One neighbor institute has a server 2003 machine running there that is broadcasting garbage and there's nothing we can do about it because we don't know who that is or who is responsible. Listening in on their traffic is equal parts entertaining in a "ha ha look at those freaks" kind of way, but also horrifying because we are network room mates…

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Super Slash posted:

I mean people already complain about transfer speeds from home when working on our several terabyte game projects, so this'll be a hoot with god knows how many hundreds of staff.

Sounds like you need Citrix for those people so they don't have to transfer terabytes of stuff over the network, onto networks/computers out of your control.

You can decide for yourself how serious I am. :v:

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
I was browsing through the 167 tunables of the zfs kernel module when I found this:

quote:

zfs_admin_snapshot
Allow the creation, removal, or renaming of entries in the .zfs/snapshot subdirectory to cause the creation, destruction, or renaming of snapshots. When enabled this functionality works both locally and over NFS exports which have the "no_root_squash" option set.

I've been thinking about this since it defaults to on. Is this a good thing or not? I didn't know this feature existed and it never occurred to me to try. It's certainly very POSIXy, but an out of control rm -rf could also nuke the snapshots and force us to restore huge double-digit TB data from backup, if we expose the .zfs subdirectory, which we do, because hiding special folders entirely is not very POSIXy.

Also: ZFS apparently has the concept of a "prescient prefetch" and the docs say they have a 100% hit rate. I'm convinced this is literally magic because the actual mechanism is really boring and doesn't do "prescient" justice.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
Anyone with root access to the fs also has access to the ZFS management commands and we have no no_root_squash exports outside of hypervisor-internal networks. After stewing on it a bit I think I'll disable the feature because I want fs management commands to be run through the management interface and this can potentially torpedo the reason why we are using snapshots in the first place.

On the other hand, and I just thought of this, a recursive rm would skip because snapshots represent a file system boundary or error out because everything below is read only. Hrm.

We have a few users who know of the .zfs directory and they can use it to restore their own files. It's really convenient because it contains the last 168 hourly snapshots while the backup runs daily. Note that the .zfs is at the root of the dataset, similar to the lost+found you get with ext4, so it's not littered everywhere.

Using ZFS is a little weird in general tbh., because a lot of POSIX was designed with assumptions about storage that simply do not apply and do not map well. Inline compression alone is confusing as hell to deal with and quota accounting is a can of worms whether you want space used by snapshots to count against someone's quota or not.
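
An added audit sketch for the `zfs_admin_snapshot` question discussed in the two posts above (not code from the posts or from the ZFS project). It assumes the Linux module parameter is readable at `/sys/module/zfs/parameters/zfs_admin_snapshot`, that every export listed is a ZFS dataset, and it uses a simplified exports(5) parser with no quoting or line continuation; the function names and the sample exports are constructed.

```python
import re
from pathlib import Path

# Assumed location of the tunable on Linux (module parameter in sysfs).
TUNABLE = Path("/sys/module/zfs/parameters/zfs_admin_snapshot")


def parse_exports(text: str) -> list:
    """Return (path, client, options) tuples from exports(5)-style text."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        path, *clients = line.split()
        for client in clients:
            m = re.fullmatch(r"([^()]*)\((.*)\)", client)
            if m:
                host, opts = m.group(1) or "*", m.group(2).split(",")
            else:
                host, opts = client, []       # no option list given
            entries.append((path, host, opts))
    return entries


def snapshot_admin_exposure(tunable_value: str, exports_text: str) -> dict:
    """Who can create/destroy/rename snapshots via .zfs/snapshot entries.

    Per the quoted description: when the tunable is enabled this works
    locally and over NFS exports that carry no_root_squash.
    """
    if tunable_value.strip() != "1":
        return {"local": False, "nfs": []}
    nfs = [(path, host) for path, host, opts in parse_exports(exports_text)
           if "no_root_squash" in opts]
    return {"local": True, "nfs": nfs}


# Constructed sample input, not taken from any real system.
SAMPLE_EXPORTS = """\
/tank/research  10.0.0.0/24(rw,sync,root_squash)
/tank/vmstore   192.0.2.10(rw,no_root_squash) 192.0.2.11(rw)
# /tank/old     *(rw,no_root_squash)
"""

if __name__ == "__main__":
    value = TUNABLE.read_text() if TUNABLE.exists() else "1"  # fall back to sample
    exports = Path("/etc/exports")
    text = exports.read_text() if exports.exists() else SAMPLE_EXPORTS
    print(snapshot_admin_exposure(value, text))
```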

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:


We deleted some stuff and I watched it get garbage collected :toot:

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
It's a bit surreal that writing zeroes to something makes it take less space, but such is the weird world of storage. Another 400GB freed. Hooray.

It'll be interesting to see how the virus shakes up my workplace. Right now it is being treated like another influenza. I don't have an official wfh arrangement but during the last heat wave we were told that we could work from home regardless if it got too hot. That was a nice few days of work, but then summer was over again and I had to go back to my office…

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

taqueso posted:

they were trained on voice only conference long ago and it never occurred to them that they aren't helping

I've been trained on Eve Online voice comms. :ohdear:

You'll never even think of using anything but push to talk ever again.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

The Fool posted:

Same, and I’m seriously considering setting the max attachment size in exchange to 0 bytes.

We've had a Megabyte for some time. Everything else goes to Nextcloud.

There are some attachments you want to keep, mostly signature stuff, vcard crap etc.

The worst thing about email attachments is that base64 overhead is really huge…

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Tab8715 posted:

Real talk,

Is anyone here not using the Cloud? As in Office 355, Azure, AWS or even other SaaS Services?

I'm still shocked I regularly meet with customers who don't have any of this outside of maybe Concur, Salesforce, etc. w/ ADFS.

Hello.

Can't really find a compelling use case. Everything "Cloud" is at least one order of magnitude more expensive while bordering on unusable from a performance standpoint. Not to mention that none of them seem to offer (multi) 10Gbit connections to us.

Of course, apart from that there are some problems because a number of large cloud vendors are within the jurisdiction of a hostile country. A not insignificant number of them have in the past blocked some of our researchers for example.

Domestic vendors are more trustworthy and cheaper, but they are still an order of magnitude more expensive.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Wibla posted:

drat, where are you located?

Northern Germany, at a university. We have a very international group of researchers and half a petabyte of hot data.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
I'm referring to "what if we hosted this somewhere else". We have large amounts of data with a requirement for low latency and good throughput to local workstations. Every time I price out equivalent offerings it gets obscenely expensive compared to the bunch of whitebox ZFS hosts we currently have.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Tab8715 posted:

What kind of application is that exactly? This sounds like more of the exception than the norm.

What do you mean with "application"? This is research. Code to process data is being written all the time. Some of it gets pushed to big iron in the end, but that's near the end of someone's dissertation.

The maddening part of speaking to cloud evangelists is that they cannot comprehend something that isn't web poo poo. You could be running weather simulations on HPC and some knucklehead would start talking about "oh, sure, if you're just doing a lift and shift… :smuggo:".

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Tab8715 posted:

What does this code provide?

I do not understand that question. It provides a stream of processed data on stdout? A GUI to interpret GPR data without having to manually interpret an 8TB dataset?

Antigravitas fucked around with this message at 09:27 on Mar 7, 2020

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

FISHMANPET posted:

a server that will last ~5 years will cost them $8k, but the same use case in Azure will cost $30k over 5 years.

Yeah, it's even worse for us. I sometimes check but just traffic costs would murder us, storage would blow through our entire budget several times over.

Like, for giggles, price out 5 years of 120TB hot block storage and, say, 2 years of a 16 core 96GB RAM machine.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
120TB in S3 is over an order of magnitude more expensive before bandwidth costs. Just storage, not accessing it.

Also, LOL at the thought of trying to teach everyone how to use hadoop. At least it's only several times more expensive than what we have.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
It's not about security.

In some processes lawmakers have said that faxes are fine, or even equivalent to sending dead tree. People got used to it but can't figure out scanner and mailing, in no small part because software is garbage, printers are hot garbage, scanners are the devil, and combining all of them leads to tears and suffering.

And I beg to differ regarding fax machines. They are absolutely everywhere.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
No, I mean a literal single-purpose fax machine. Absolutely everywhere, especially around anything manufacturing related. MFPs are garbage at faxing.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
We've been using OTRS for ages but might want to switch because we've had a string of bad SMIME bugs with it.

A lot of ticket systems seem to focus on some convoluted web crap but that's not how we work. The public interface for everyone in the org is email. They send to our published mail addresses, they get mail back. We prioritise and sort incoming tickets ourselves. Only people answering tickets ever interact with the web trash.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Blinkz0rz posted:

Why in God's name would you browse the forums on a work network, much less your work computer?

Why would I not? I am always spinning many plates at once but at some point I just have to wait for something to finish and I have a few minutes to read internet forums.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Shut up Meg posted:

a cat that you believe understands every word you say.

What are you implying? My cat is a very attentive listener :colbert:

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Sirotan posted:

No directives yet for staff. :geno:

:same:

You'd think, considering current developments, that it would be prudent to perhaps involve IT in planning so people can do their work remotely. But, as usual, nobody seems to consider involving IT in this, so when the state ministry decides to close the university they'll be shocked that nothing was prepared.

I don't feel like wildly implementing things like a headless chicken when there's a good chance they'll never be used.

So, so far, only a select few people have VPN access, and only two people (colleague and me) have "backdoor" access via ssh tunneling over a bastion host.

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Thanks Ants posted:

I wonder which firewall vendor is going to be the first to offer free VPN client licenses that are valid for the next month, to buy some PR points

I wonder which AV vendor is going to go for the obvious and extremely tasteless PR opportunity.


Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
There is no chance in hell I'm going to jump ship from my position as a state employee considering the storm on the horizon.

I guess it all depends on whether you think your new employment is more recession proof than your current one.
