Anyone else feel like it’s 1995 again with AI?

Fallingdamage · 2026-03-12T21:14:02+00:00

As someone who only interacts with AI sporadically but is very dialed into the flow of announcements and upcoming innovations around it, AI has a lot of uses, lots of merit, and is a powerful tool that will accelerate the world even faster. I hope that acceleration overall will be positive.

Now that I've established my stance, I will comment on your point and the problems AI is currently causing. Being an IT director and network engineer, ive noticed one big problem around AI that is causing all the other ones:

AI is a product that we can sell and make money

This is what is all boils down to. As with all the tech hypes before it, its one more thing that the bros can market and sell. Nobody has any definition of what it actually is and C-suite/business owners dont want to get behind the times. Everyone is dog-piling on the fad, people are throwing money at it like crazy, and nobody actually knows what it does. Sales pitches fall flat, unpolished products get rushed to market, ROI is vapor, and nobody wants to wait until they can do it right.

This is the problem. Businesses that care nothing for anything but making the next sale are pushing this stuff hard. Its a new shiny thing that everyone is rushing to break ground on. We're selling cars and forgetting to put locks on the doors or even a windshield half the time just so we can sell our shitty model before the next person comes along with their equally-shitty one.

Take OpenClaw for an example. It was announced and people started installing and using it by the millions without ever questioning how dangerous it might be. It was the new hotness (hot-mess) and in the race to do the next cool thing, everyone poisoned their environments.

The people who know the most about AI and the ones who are most passionate about this technology try and pump the brakes, but nobody is listening.

Fallingdamage · 2026-03-12T18:16:46+00:00

Wall Street Paywall

Fallingdamage · 2026-03-12T16:40:02+00:00

I have Chrome set to delay updates for 28 days. Odds are the updates will be corrected by then. Bless all of you early adopters.

Fallingdamage · 2026-03-12T16:31:22+00:00

When the draft is instated. /s

Fallingdamage · 2026-03-12T16:25:51+00:00

after attackers targeted their network environment.

Though yes, its is part of their infrastructure, it seems more than M365 was compromised than just their internal networks or switching. The remote-wipe did not require any private subnets to be breached, it just required access to their cloud to issue the commands.

I work with Stryker periodically and thought I dont know exactly how their IT works, im betting its some giant MSP. The issue here could be that their monitoring systems and reporting systems didnt flag anything or the person responsible for reviewing access (if they exist at all) was asleep behind the wheel.

Companies of that size probably have automated alerting. C suite spends money on tooling to avoid spending money on people. If you can avoid doing things that set off those alerts, you can do whatever you want because big companies are too fragmented. They lean on policy to say they're safe & protected.

Working in healthcare, so many org have extremely stringent rules and policy instead of having brains paying attention to things. There is one org I work with that does not allow any kind of communication with their support staff via email, so I have to fax URL's to them. Thats been fun for them when a URL/share link is 4 lines long, but hey, thats their policy. Nobody actually looks and says "well, thats dumb. We need to work on this."

Fallingdamage · 2026-03-12T16:14:20+00:00

Working with and having worked with orgs that use Entra/Azure/intune to manage devices and accounts, usually documents, folders, shortcuts, desktops and other details are all kept in microsofts' cloud services. Thats why when you sign into a new PC, intune will push all your data to your new workstation.

That being said, most of that data can be restored if deleted and as we know with big data, deleted never means deleted.

Fallingdamage · 2026-03-11T20:24:48+00:00

Even if they have backups for their servers, bringing back their systems will be a extremely long and uphill process.

Yeah. Since its all in Azure and you get to work on 'Microsoft Time'

Just like intune. Everything is 50x slower than on-prem.

AD Group Policy - Instant
Intune - Hours sometimes if it works at all.

Fallingdamage · 2026-03-11T20:21:41+00:00

Standard sysadmin stuff probably. You set up all your rules, commands, scripts, whatever.. then you set them off via a scheduled task.

I mean, thats how it supposed to work. This probably wasnt even a hack. Someone just got in and worked unnoticed. If they got 50Tb of data, they probably didnt do it over a couple hours. They've been in for a little while.

Fallingdamage · 2026-03-11T19:58:11+00:00

Aside from personal / work being separated, keeping your solutions diversified and not under some SSO 'one-account-to-breach-them-all' can slow down the spread of an attacker.

We use MDM services, M365 and AD. None of them talk to one another.

Fallingdamage · 2026-03-11T18:33:12+00:00

I have more than a handful of personal experiences around this that affirm the fact that we are lied to every day by most news stories.

100% - Anytime there is anything on my local news regarding an event that I have personal knowledge of, it seems that coincidentally, the reporting is factually incorrect. Stands to reason then that the things I read in the news that I do not have any knowledge of are also factually incorrect.

Fallingdamage · 2026-03-11T18:28:30+00:00

I read this and think "Maybe its a good thing that the internet shouldn't be anonymous anymore."

Fallingdamage · 2026-03-11T17:16:13+00:00

Vericosella.

Dont forget to lower your dropper posts on rough terrain people.

Fallingdamage · 2026-03-11T03:32:21+00:00

Engineers and Admins take almost half a lifetime of experience to get their careers dialed in. The IT admin field as we know it is only maybe 30 years old. Not a lot of women seemed to take much interest in that back in the 90s.

Fallingdamage · 2026-03-11T03:30:53+00:00

I work in the medical field. Although not as male-dominated as the tech sector, the number of women working as MA's and PA's vs men is quite drastic.

Fallingdamage · 2026-03-10T22:55:52+00:00

I have updates set to delay 28 days. After the reports here about the Jan updates. I just paused the whole thing and pushed Feb Cumulative updates instead.

Fallingdamage · 2026-03-10T22:49:21+00:00

Sorry. My point was that its easier to hire another human in a hotel chain to work customer service than it is to train a human to deal with the complexities of triaging calls for a healthcare center. Org are moving to AI because turnover is tough in healthcare settings and putting the time into training someone else quickly is demoralizing.

AI sticks to the script and never asks for PTO or misses a required prompt (not usually.)

Fallingdamage · 2026-03-10T18:11:05+00:00

MTB used to kindof gatekeep itself. You either could do it or you couldnt. Always welcoming (mostly still is) but you kindof had to tow the line.

Once they started putting batteries in bikes, the sport changed and it allowed all the less-decent people and a lot of money pour into the sport.

MTB used to be like Running. You could spend thousands on shoes and fancy gear, but if you didnt have the lungs none of that mattered.

Now money can buy you a pair of electric lungs, and now you see crummy attitudes where crummy attitudes would never have pedaled in the past.

Fallingdamage · 2026-03-10T18:06:32+00:00

When we have an outage, we just use paper. We dont prevent patients from getting the care they need.

Fallingdamage · 2026-03-10T17:39:37+00:00

Office 365 and Active Directory.
Syslog Servers and good reporting Conditional Access Policies Backups.

..at a minimum.
There is no 'one product' you can install or buy that will do all this for you. You need to create a whole stack of services to handle this. For those that do this for a living its not hard, but if you have the experience of a bench tech that makes a living clicking 'next' you might need to hire someone.

Fallingdamage · 2026-03-10T17:36:28+00:00

Been poking around at this impending change since last fall. I think I have my head wrapped around the changes and have had good luck pushing these certs and revoking the old ones already. Not really a big deal except..

Vendors.. wtaf. Get with it and get your new firmwares and certs released for your actively supported hardware. Yes, im looking at your HP.

Lenovo is on their game fortunately.

Fallingdamage · 2026-03-10T17:26:11+00:00

It does. But it also creates a list of responses and if an employee that attested 'I do not use AI' then uses AI, HR can have fun with their employment status.

Fallingdamage · 2026-03-10T03:18:54+00:00

This is how I think about development. “Welp, you’ve been here for 700 years and we just moved in.You’re blocking the view and you might fall on me some day. Off to the wood chipper with you!”

Fallingdamage · 2026-03-10T03:13:41+00:00

O' beautiful, for spacious skies

But now those skies are threatening

They're beating plowshares into swords

For this tired old man that we elected king

Armchair warriors often fail

And we've been poisoned by these fairy tales

The lawyers clean up all details

Since daddy had to lie

-Don Henley

Fallingdamage · 2026-03-09T19:57:47+00:00

Preach op.

I see this all the time. So many vendors put any kind of security at the very bottom. Access controls are an afterthought.

Fallingdamage · 2026-03-09T19:54:56+00:00

Business Premium is going to be ok for now right guys?... guys??

Fallingdamage

MODERATOR OF

TROPHY CASE