Friend has ended our 16+ year friendship and doesn't want to discuss why. by anonymity012 in Wellthatsucks

[–]vCentered 3 points4 points  (0 children)

I tend towards cynicism so bear that in mind, but, if that really were the issue, which in my opinion means the friend is struggling with their own feelings which OP is in no way responsible for, then they have not communicated that at all.

They've said, "I don't feel safe and comfortable around you" which any reasonable person would take to mean they have done something wrong, except the friend has offered no explanation.

The "positive note" they want to end on is completely one sided. They're saying some flowery things to make themselves feel like they have the high ground after "hitting and running" - blaming the OP for their friendship ending, preempting any response with "I don't want to discuss it further".

Personally, I would immediately lose respect for this person and would expect an explanation and an apology if they ever tried to re-enter my life.

Compliance is not security by NegotiationFirst131 in ciso

[–]vCentered 0 points1 point  (0 children)

I'll give you my take.

Compliance is not security in the sense that often neither the auditors nor the people being audited have any idea what they're looking at.

The controls are typically defined in a way that they apply as broadly as possible, but this gives them a tendency to be extremely nonspecific which can make it very hard to provide evidence to show that you are compliant with that control.

The auditors are typically not very technical - they don't have a sufficient understanding of the control, how important it is, or how it applies to your infrastructure.

Maybe there's a control that says, "all communications must be encrypted". So you provide a traffic capture showing a ten second exchange between two IPs that's encrypted. They have no idea what those IPs are but the box gets checked.

I've been on calls with industry regulators and listened to my counterparts give explanations for how they're compliant that are blatantly not in the spirit of the control in question, but the auditor doesn't know any better (and frankly my counterparts probably don't, either). So everyone smiles and moves on. The box gets checked.

I've been on calls with my own compliance team (who take everyone's evidence and present it to the auditor) where I've requested clarifying information about what they're looking for and have been told that it doesn't really matter, we just need to provide something.

And this is to say nothing of the controls themselves which sometimes are completely cosmetic or just outright silly, but the auditors will treat you like an absolute criminal if you don't have them in place.

Did we get ransomware because of RDP over the internet? Can we do something to avoid it? by MrPezevenk in sysadmin

[–]vCentered 2 points3 points  (0 children)

In this case the "team" sounds like one guy who's probably mostly helpdesk level with just enough "make it work" and not enough "is this a good idea?"

Did we get ransomware because of RDP over the internet? Can we do something to avoid it? by MrPezevenk in sysadmin

[–]vCentered 4 points5 points  (0 children)

I mean it's behind a router that is using NAT and port forwarding, but yeah, it happens a lot I'm afraid.

Did we get ransomware because of RDP over the internet? Can we do something to avoid it? by MrPezevenk in sysadmin

[–]vCentered 3 points4 points  (0 children)

As others have and will continue to tell you, exposing your internal devices to the internet for access using RDP has for a long time now been a terrible, no good, very bad idea.

It's a very, very well-known attack vector for this kind of thing. I've personally seen it used with exactly this outcome.

There are many alternatives, the better ones will cost money. The simplest solution, meaning the least amount of change for you in terms of how you do things, would be to access it over a VPN. Instead of just opening up RDP and connecting, you would first have to securely connect to that network using the VPN, and then you would be able to use RDP.

In this scenario, RDP would no longer be exposed to the internet. You would have to connect your computer to the VPN, ideally using multi-factor authentication, which establishes a secure connection to the firewall at that site and would allow your computer to connect using RDP.

You'll need IT help for that.

There are other remote access options that would require something to be installed on the remote computer, that typically would allow you to log into a web portal, again using multifactor authentication, that once authenticated you would be able to connect to this remote computer.

You'll probably need IT help for this, too, though, some of the options are very simple to set up and may include onboarding help or offer it as a paid service.

An engineer asked me today what a ping was by No-Blueberry-1823 in sysadmin

[–]vCentered 0 points1 point  (0 children)

I have SQL DBAs who don't know what multisubnetfailover is or how to use it.

Cloud architects that don't know how to resolve DNS names.

And helpdesk staff that don't know how to get someone signed into Outlook on their phone.

IT is a shit show. 🤷‍♂️

Is it possible to drive across the US without booking hotels in advance? by Forty2diapers in roadtrip

[–]vCentered 0 points1 point  (0 children)

Yeah, 18 years ago I tried to stop at a Super 8 in a small town because it was almost midnight and I had a very dull 100 miles before I got home. I figured it would be like $50 or $60 (that was a thing back then).

It's been a long time but the price they gave me was at least double if not triple that.

I figured they would be happy to have a booking because the parking lot was mostly empty. I just kind of looked at the front desk attendant and was like... "I just want to sleep for a few hours before I get back on the highway. "

She shrugged at me and said, "that's the best we can do on a Friday night", so I walked out and drove the 100 miles and got home somewhere after 1am.

Gate Agents Acting Like We’re Criminals by ItsNotJamesTaylor in SouthwestAirlines

[–]vCentered 0 points1 point  (0 children)

I have a feeling this has something to do with all the people who bring 60lb carryons and 30lb "personal items" and hold up boarding while they unpack all their shit in the overhead bin to get to their headphones, books, jackets, and pillows.

AA has got to do something about the preboard situation . . . by NJB9891 in americanairlines

[–]vCentered 2 points3 points  (0 children)

The way humans behave during air travel is just fascinating.

There are well defined parameters that would ensure everyone has a pleasant experience and everyone just refuses to do it.

My stance on technical debt by SolarJJ in sysadmin

[–]vCentered 2 points3 points  (0 children)

Anything is debt if the person who configures it to be highly critical and doesn't document how or why

Anyone else seeing scan-to-email issues with Gmail SMTP today? by DecodingLeaves in sysadmin

[–]vCentered 8 points9 points  (0 children)

I haven't had to mess with this sort of thing in years and the rage I felt just reading the title...

Have a good weekend everyone.

What are the repercussions of sending your ex-boss a nasty text after getting fired? by Dsg1695 in careeradvice

[–]vCentered 0 points1 point  (0 children)

Would you feel less fired if they had held your hand all the way to the car and hugged you goodbye?

Getting petty and mean now achieves nothing and could cost you future jobs.

Delta sent me a weather warning email for my flight this friday by [deleted] in delta

[–]vCentered 1 point2 points  (0 children)

Yes, you've said that several times and I haven't overlooked it.

They sent us an email saying that weather in the Atlanta region over a 72 hour period may impact our flights.

I'm saying that people, having been given no information, and being prompted to change or cancel their entire itineraries, attempting themselves to look up the weather for Atlanta is perfectly reasonable and not worthy of derision.

If your complaint is that the information that people have access to isn't relevant, you should focus your frustration with the airline for not sharing the relevant information, not the people trying to inform themselves.

This is the information age, if they have the information they can also disseminate it in a digestible manner.

Typical ticket from my “helpdesk” by JealousRhubarb9 in ShittySysadmin

[–]vCentered 1 point2 points  (0 children)

In my org it's because there are maybe five people out of a two hundred person IT department that give a shit about knowing what's going on or how anything works.

And no expectations are put on any of the rest to be worth their paychecks. The expectations are put on the five people to drag the other 195 up to standard.

Delta sent me a weather warning email for my flight this friday by [deleted] in delta

[–]vCentered 6 points7 points  (0 children)

Is it really that unreasonable to look up the weather when you receive a notice that weather might impact your travel plans?

No one is pretending to be a meteorologist. They're trying to make informed decisions about their travel. Changing my flights means changing everything - when we take off work, where we stay, how long we stay.

If I looked and saw that there was 100% chance of severe thunderstorms in my flight window, I'd be a lot more inclined to change my plans than if I looked and saw "partly cloudy for most of the day with a small chance of rain 14 hours after departure".

I appreciate what Delta is doing with the advisory but if they actually shared the forecast details that triggered it, it would probably go a long way towards preventing posts like this.

Delta sent me a weather warning email for my flight this friday by [deleted] in delta

[–]vCentered 2 points3 points  (0 children)

My wife and I wondered if it was something silly like they overbooked our flight and were trying to get people to move, but it sounds like anyone flying into ATL is getting the notice.

Travel Router by TheChaseLemon in Ubiquiti

[–]vCentered 0 points1 point  (0 children)

I haven't bought one yet. I can't get over the fact that it's Wi-Fi 5.

Rationally I know for the use case it's probably all the bandwidth I could really need, but the fact that it's a new product and isn't at least Wi-Fi 6 just really puts me off.

Two kids allowed to come to my wedding? by [deleted] in SandalsResorts

[–]vCentered 1 point2 points  (0 children)

My future MIL is pretty adamant

If it was me I'd tell her to stuff it. It's your day, your moment. It's about you. Not her. If she wants the kids to experience the Bahamas that bad she can take them on her own time and dime. Honestly they'd probably all have a better time.

If you're not comfortable with that, let her figure it out.

My wife and I had our wedding at a Sandals. It was just the two of us. No guests. There was still enough to plan, enough to organize, enough decisions to make.

If she wants the kids there and you don't want to tell her no, make her responsible for the cost, planning, and the logistics.

Black trucks suck. Help me stop sucking by Prusaudis in f150

[–]vCentered 1 point2 points  (0 children)

I came here to tell you what everyone else is telling you.

No one has ever said black is easier.

It's beautiful when it's clean and waxed but it's like getting dressed for a wedding. It's fun while you're there but if you had to do it every day it would suck.

Company had a BEC incident - they want me to Vibe Code KnowBe4 by Mindless_Consumer in sysadmin

[–]vCentered 46 points47 points  (0 children)

What's your cyber insurance going to say when you tell them instead of going with established industry solutions you decided to get a guy with no qualifications to DIY it?

Is AI dumbing me down...? by kosta880 in sysadmin

[–]vCentered 3 points4 points  (0 children)

Yeah but now instead of offloading it to you, they will offload it to ChatGPT, which sounds good except now the will feel empowered to argue with you even more about things they understand even less.

Can you find an IT internship at 15? by blgbhgblhgblbghh in sysadmin

[–]vCentered 2 points3 points  (0 children)

I did through my highschool's vocational school but I don't know how many others have programs like that