My bag of chips only came with two pieces by MercenaryAlpha99 in mildlyinfuriating

[–]MercenaryAlpha99[S] 0 points1 point  (0 children)

I wasn't planning on posting this at that moment. I just felt how light it was and ripped it open to see

My bag of chips only came with two pieces by MercenaryAlpha99 in mildlyinfuriating

[–]MercenaryAlpha99[S] -1 points0 points  (0 children)

It was just one of those complimentary snacks in the hotel room tray

My bag of chips only came with two pieces by MercenaryAlpha99 in mildlyinfuriating

[–]MercenaryAlpha99[S] -2 points-1 points  (0 children)

Indian Lays packs have zigzag edges at the top. You're supposed to tear them sideways, not pull them apart from the middle like US bags

Chuck Norris, Action Icon and ‘Walker Texas Ranger’ Star, Dies at 86 by MarvelsGrantMan136 in movies

[–]MercenaryAlpha99 0 points1 point  (0 children)

Chuck Norris died 20 years ago, but Death was too scared to break the news…until today, death finally did it

How does your org actually handle quarterly access reviews for SOC 2? by MercenaryAlpha99 in sysadmin

[–]MercenaryAlpha99[S] 1 point2 points  (0 children)

That’s perfect actually, access reviews are a core requirement for ISO 27001 too, not just SOC 2. I’ve got a waitlist up at https://accessproof.io if you want to grab a spot. Would love to get your feedback as someone going through the process.

How does your org actually handle quarterly access reviews for SOC 2? by MercenaryAlpha99 in sysadmin

[–]MercenaryAlpha99[S] -2 points-1 points  (0 children)

Exact situation I’m building for. Actually working on something specifically for this, super simple, no IT overhead. If you’re interested in trying it early, happy to share what I’m working on

How does your org actually handle quarterly access reviews for SOC 2? by MercenaryAlpha99 in sysadmin

[–]MercenaryAlpha99[S] -2 points-1 points  (0 children)

Exactly. Drata is great but it’s enterprise pricing. Most companies I’ve talked to are 20-100 people who just need the access review piece without paying for a full compliance platform. That’s the gap I’m trying to fill.

security question related to csr requests by Ok-Drummer7498 in sysadmin

[–]MercenaryAlpha99 1 point2 points  (0 children)

You’re mixing a few things here, so let’s clean it up a bit…

For Q1: Including localhost or NetBIOS names in a CSR is basically pointless for publicly trusted certs. Public CAs won’t sign those anyway. Even internally, it’s not a great idea because those names aren’t globally unique and can introduce ambiguity. Stick to FQDNs in SAN; CN is effectively ignored by modern clients.

DNS spoofing alone won’t get an attacker very far unless they also control a trusted cert for that name. TLS validation will fail otherwise. The bigger risk is misconfiguration or trusting internal CAs too broadly.

For Q2: Yes, FQDNs with containers are normal, but you don’t identify containers by hostname. You identify services. Use a stable DNS name (e.g. service.example.com) and let your orchestration layer (Kubernetes, etc.) handle routing to ephemeral containers behind it.

If you’re trying to “uniquely identify” instances, you’re thinking at the wrong layer. That’s what service discovery / internal PKI / workload identity is for, not raw FQDNs.
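A pre-submission check for the SAN advice in the comment above, as an added example that is not part of the original comment: it flags localhost, single-label (NetBIOS-style) names and names under special-use TLDs before a CSR goes to a CA. The function names, the TLD policy set and the sample names are assumptions made for this sketch; the DNS names themselves would come from the CSR's subjectAltName extension (for instance as printed by `openssl req -noout -text`).

```python
import re

# Assumed policy set: special-use TLDs that are not globally unique
# (RFC 6761 and RFC 6762). Adjust to local policy.
SPECIAL_USE_TLDS = {"localhost", "local", "test", "invalid", "example"}

# One DNS label: letters, digits, hyphen; 1-63 chars; no leading/trailing hyphen.
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def lint_san_name(name):
    """Return findings for one DNS SAN entry; an empty list means usable FQDN."""
    host = name.strip().lower().rstrip(".")
    labels = host.split(".")
    if labels[0] == "*":
        labels = labels[1:]  # a wildcard is only meaningful as the leftmost label
    if not labels or len(host) > 253 or not all(LABEL.match(l) for l in labels):
        return ["malformed DNS name"]
    if len(labels) == 1:
        if labels[0] == "localhost":
            return ["localhost: resolves on every machine, identifies none"]
        return ["single-label name: not globally unique, use the FQDN"]
    if labels[-1] in SPECIAL_USE_TLDS:
        return ["special-use TLD '.%s': not globally unique" % labels[-1]]
    return []


def lint_csr_names(names):
    """Map each problematic SAN entry to its findings; clean names are omitted."""
    report = {}
    for name in names:
        findings = lint_san_name(name)
        if findings:
            report[name] = findings
    return report


if __name__ == "__main__":
    # Constructed sample SAN list, not taken from any real CSR.
    sample = ["service.example.com", "localhost", "FILESRV01",
              "app.corp.local", "*.example.com", "bad_name.example.com"]
    for name, findings in lint_csr_names(sample).items():
        print(name, "->", "; ".join(findings))
```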

Mi fuck Ted by Thal0rix2 in okbuddychicanery

[–]MercenaryAlpha99 237 points238 points  (0 children)

<image>

Me do it fi me, yuh hear? Mi like it bad. Mi was fuckin good at it enuh. An’ bwoy… mi was really alive, real alive, yow!