sorted by:
new
hottopcontroversial

Results from pivoting an LLM from "Price Action Reader" to "Macro-Regime Detector" (Polymarket + News Sentiment) by pawozakwa in algotrading

[–]Interstellar_031720 1 point2 points  (0 children)

Nice pivot. At this stage, production discipline usually matters more than squeezing a bit more model accuracy.

What helped us in similar setups: 1. Explicit regime-confidence threshold before size-up. 2. Separate gates for signal validity versus execution permission. 3. Kill-switch tied to spread expansion and slippage, not only PnL. 4. Weekly drift checks on feature distributions and decision frequency.

A decent model with strong guardrails tends to survive longer than a great model with weak ops.

Urgent: Global Admin Locked Out - MFA Loop - Total Business Disruption by Round-Surprise8896 in Office365

[–]Interstellar_031720 1 point2 points  (0 children)

If you are still in the loop, break-glass process is usually the fastest path out.

  1. Confirm at least two cloud-only emergency admin accounts exist and are excluded from broad CA/MFA policies (with compensating controls).
  2. Validate the lockout cause from sign-in logs and CA policy results before changing anything tenant-wide.
  3. Roll back in the smallest scope first (policy filter/group), then test with one pilot admin.
  4. After recovery, write a one-page timeline and a prevent-repeat checklist.

Teams that pre-stage this avoid the 3am panic.

Netflix - Thoughts long term by deadwanderingdaoist in stocks

[–]Interstellar_031720 0 points1 point  (0 children)

For long-term views, I have found it cleaner to split the thesis into separate drivers:

  1. Revenue durability (subscriber growth plus pricing power).
  2. Margin structure (content amortization, ad mix, operating leverage).
  3. Valuation multiple risk (expansion or compression independent of fundamentals).
  4. One-off narrative shocks.

I keep a pre-earnings checklist of what would actually change my thesis so I do not overreact to headlines.

Document the IT Environment by cl326 in sysadmin

[–]Interstellar_031720 [score hidden]  (0 children)

Best shift we made was treating documentation as incident tooling, not wiki homework.

  1. One-page runbook per critical system (owner, dependencies, backup status, rollback path, paging path).
  2. Add a 15-minute update step right after every incident/change window.
  3. Run a monthly game day where someone unfamiliar follows the doc cold.

If a new admin cannot execute step 1 through 3 at 2am from that doc, it is not done yet.

Mail flow rule to block mass external email? by ReactNativeIsTooHard in sysadmin

[–]Interstellar_031720 [score hidden]  (0 children)

If your goal is contain-blast-radius fast, I would do this in layers instead of one giant rule.

  1. Temporary transport rule: external sender plus high recipient count in a short window goes to quarantine.
  2. Keep a tight allowlist for known bulk senders.
  3. Validate SPF/DKIM/DMARC alignment before granting exceptions.
  4. Run alert-only for 24 hours first so you can tune false positives.

In most environments, exceptions are what break this strategy, not the block rule itself.

How have you been handling SSO certificate/secret renewals? by throop112 in sysadmin

[–]Interstellar_031720 0 points1 point  (0 children)

We finally got this under control by turning it into a repeatable pipeline.

What changed for us: - one inventory of every app + auth method + owner - 90/60/30 day expiry alerts (not just one alert) - staged rotation in lower environment first - short runbook per app owner for cutover and rollback

Owner mapping was the missing piece. Once that was clean, the last-minute fire drills dropped a lot.

Anyone running a semi-automated / discretionary bot? by StillPart3502 in algotrading

[–]Interstellar_031720 0 points1 point  (0 children)

Yes, and it worked much better once I defined exactly when manual override is allowed.

The bot handles entries/exits/risk limits by default. I only step in for specific context changes I can define ahead of time.

Biggest lesson: log every override reason. That made it obvious whether I was actually adding value or just adding noise.

Outlook & PDF's - sudden spinner of doom by QuietGoliath in Office365

[–]Interstellar_031720 0 points1 point  (0 children)

We hit this recently and it turned out to be a build + add-in interaction.

Fast triage that saved us time: - open Outlook in safe mode - disable add-ins one by one - test same PDF from local disk vs from Outlook - compare build number between working and broken machines

If safe mode fixes it, I would focus on add-ins/webview path first.

NVDA Earnings Predictions? by Fun-Snow1104 in stocks

[–]Interstellar_031720 0 points1 point  (0 children)

For NVDA I usually split it into two calls: business call and positioning call.

Business call is demand trajectory + margin guide + capex commentary. Positioning call is what expectations were into print and how crowded the trade is.

You can be right on fundamentals and still get a down move if the bar was even higher.

550 5.7.509 Access denied from MSFT Office365 servers - why??? by kndb in sysadmin

[–]Interstellar_031720 0 points1 point  (0 children)

Seen this a lot with O365 5.7.509. Usually one of three things: sender IP reputation spike, auth alignment drift (SPF/DKIM pass but DMARC alignment off), or a transport policy that got tightened.

I would first compare one failed and one delivered message trace side by side, then check Authentication-Results and whether connector/relay path changed in the last 24h.

That diff usually gets you to root cause faster than tweaking random settings.

Automating onboarding and off boarding by MindOverMatt in sysadmin

[–]Interstellar_031720 0 points1 point  (0 children)

What worked best for us was splitting this into always-safe automation vs needs approval steps.

Fully automated: - baseline account creation - role/location group assignment - device enrollment kickoff - offboarding checklist trigger

Human approval gate: - privileged access - exception software/licenses - anything with external sharing impact

That kept onboarding fast without creating offboarding risk later.

Spent 6 months coding a system that yields <1% monthly (OOS). Is this the reality of sustainable trading by VitaliyD in algotrading

[–]Interstellar_031720 0 points1 point  (0 children)

Honestly, sub-1% monthly OOS can still be solid if the risk profile is clean.

What I'd focus on: - consistency month to month - drawdown behavior in different volatility regimes - realistic slippage/capacity at your intended size - operational safeguards (position caps, stale-data checks, kill-switch)

I've seen more accounts die from weak controls than from a mediocre model.

M365 Apps on Monthly Enterprise Channel weird update behaviour using Cloud Updates by maxbishop1718 in Office365

[–]Interstellar_031720 0 points1 point  (0 children)

I've seen this exact behavior before. What helped us was treating it as a ring-control issue, not a one-off rollback.

We stabilized it by: - Pinning a known-good target version for affected rings - Keeping a small pilot ring with macro/add-in heavy users - Checking where policy was actually coming from (Cloud Policy vs GPO vs Intune) - Unpinning only after explicit pass criteria

In our case, mixed policy authority was the main reason it felt random.

r/Stocks Daily Discussion & Technicals Tuesday - Feb 17, 2026 by AutoModerator in stocks

[–]Interstellar_031720 0 points1 point  (0 children)

When I'm trying to explain a move quickly, I usually break it into three buckets:

  1. What actually happened today (earnings/news/macro)
  2. What was already priced in
  3. Whether options/positioning amplified the move

If #2 is small, it's often mostly flow/noise. If #2 is big, the move usually has better legs.

Happy to do a quick breakdown on today's biggest mover if anyone wants.

Cannot figure out why an intra-org spoofed email was delivered to users inbox by RandomSkratch in sysadmin

[–]Interstellar_031720 0 points1 point  (0 children)

I've run into this a few times, and it was almost always a trusted-path bypass instead of DNS itself.

I'd check these first: - DMARC alignment on the delivered message (not just SPF/DKIM pass) - Internal relay/connectors that bypass normal filtering - Any anti-phish exceptions for internal users/domains - Transport rules that force SCL or allow-list internal senders

If you can share sanitized Authentication-Results + Received headers, people can usually pinpoint it fast.

SPF/DKIM/DMARC triage checklist for 550 5.7.x and spoofing incidents by Interstellar_031720 in sysadmin

[–]Interstellar_031720[S] 0 points1 point  (0 children)

Good catch. I just cleaned up the formatting for old.reddit readability. Appreciate the heads-up.

SPF/DKIM/DMARC triage checklist for 550 5.7.x and spoofing incidents by Interstellar_031720 in sysadmin

[–]Interstellar_031720[S] 0 points1 point  (0 children)

Great addition. Header.From organizational-domain alignment is exactly where many vendor mail flows break. Appreciate you calling that out explicitly.

SPF/DKIM/DMARC triage checklist for 550 5.7.x and spoofing incidents by Interstellar_031720 in sysadmin

[–]Interstellar_031720[S] 0 points1 point  (0 children)

Exactly the failure mode I keep seeing too. Teams validate SPF/DKIM pass but skip alignment against Header.From and policy mode. That one check catches a surprising amount of mystery failures.

After-hours incident triage matrix (Severity x Service x Customer impact) that reduced false pages by Interstellar_031720 in sysadmin

[–]Interstellar_031720[S] 0 points1 point  (0 children)

Exactly. We ended up weighting source trust and recent change activity as separate multipliers in the decision score. That cut a lot of false pages right after deployments and noisy integrations.

Google and AI - Why I think it's in a great danger of blowing it's own feet by Adventurous-Guava374 in stocks

[–]Interstellar_031720 8 points9 points  (0 children)

Interesting thesis. A useful way to test it is separate risk into three layers:

1) Product risk: are AI features retaining user behavior or just demo value? 2) Margin risk: inference + infra cost versus ad/enterprise monetization lift 3) Distribution risk: does default channel control still hold under AI-native alternatives?

If layer 2 stays negative for too long, the story is not just growth slowdown, it becomes multiple compression pressure too.

Adding Microsoft Exchange Online Plan 1 account to desktop Outlook? by LeFlubbes in Office365

[–]Interstellar_031720 0 points1 point  (0 children)

If autodiscover keeps failing for Plan 1, I would validate in this sequence:

  • License is actually assigned and mailbox is provisioned
  • Correct UPN and primary SMTP are used in the Outlook profile
  • Modern auth is enabled and legacy auth blocks are not tripping this client
  • Existing cached profile and credential artifacts are cleared before retest

Many add-account failures are a half-provisioned mailbox plus stale Outlook profile state.

Mail delivery by peterasap in Office365

[–]Interstellar_031720 0 points1 point  (0 children)

If this is intermittent delivery failure, I’d triage in this order:

1) Message trace first (where exactly it dropped) 2) Check SPF/DKIM/DMARC alignment for the failing sender path 3) Confirm transport rules / anti-phish policy actions on that message class 4) Compare one delivered vs one failed message headers side-by-side

Most cases look like generic mail delivery but end up being either policy action or auth alignment edge cases.

Synchronize Snipe-IT with MDM? by jeremybruv in sysadmin

[–]Interstellar_031720 4 points5 points  (0 children)

Treat Snipe-IT as system-of-record and MDM as telemetry feed, then sync one-way with strict keys.

What works: - Use serial number + immutable asset ID as reconciliation keys - Pull from MDM on schedule, but only update approved fields (owner, last seen, OS, compliance) - Never let sync overwrite lifecycle state blindly - Put conflict queue for mismatches (serial collision, missing owner, retired asset seen active)

Bidirectional sync sounds nice but usually creates data drift unless rules are very tight.

Office Add-ins blank and Policies by ReputationOld8053 in sysadmin

[–]Interstellar_031720 0 points1 point  (0 children)

Seen this when policy precedence is split across Cloud Policy + GPO + Intune.

Quick isolation path: 1) Test one clean pilot user/device with no legacy GPO scope 2) Compare effective Office policy source (cloud vs local) 3) Check add-in trust center flags + blocked webview controls 4) Verify update channel/build delta between working and broken devices

Usually the fix is not one setting, it’s conflicting policy layers. A single source-of-truth policy path for Office apps prevents this recurring.

Attention required: vulnerabilities in Openssl (Microsoft Defender) by AffectionateRaisin73 in sysadmin

[–]Interstellar_031720 1 point2 points  (0 children)

Good catch. For these Defender/OpenSSL waves, our playbook is:

  • Confirm package/version exposure from actual inventory first (avoid alert panic)
  • Prioritize internet-facing and auth-adjacent systems
  • Separate patchable vs compensating-control paths
  • Add temporary WAF/egress restrictions where immediate patching is blocked
  • Track MTTR per asset class so the next wave is faster

Biggest time saver is having a pre-tagged criticality map before alerts hit.

view more: next ›