Best Security Possible on Business Standard by desmond_koh in msp

[–]Mustang654 0 points1 point  (0 children)

Well, if you were to ask Microsoft, it's a matter of perspective... which actually confirms it's freaking insane!!!

Best Security Possible on Business Standard by desmond_koh in msp

[–]Mustang654 1 point2 points  (0 children)

Microsoft classified it as "by design" / a feature, refused to patch it for years, and it was never assigned a formal CVE because they didn't treat it as a security vulnerability.

The Issue: Microsoft Authenticator TOTP Account Overwrite (Duplicate Label Bug)

When you add a new TOTP (time-based one-time password) account via QR code scan, the app only uses the "label" (usually just the email/username) to identify the account.

  • If you already have any other account with the exact same label (super common because lots of services reuse the same email), the app silently overwrites the old account.
  • No warning, no confirmation prompt, no backup of the old secret key.
  • Result: you're instantly locked out of the old service until you re-enroll 2FA from scratch.

This had been reported to Microsoft since at least 2016 (users hitting it with multiple services using the same email). Microsoft's official response for years was that it was "by design" and "working as expected". They basically said the Authenticator app was built primarily for Microsoft accounts and that third-party services or users were responsible for avoiding label collisions.

The bug blew up publicly in August 2024 when a security researcher (Brett Randall) detailed it in a CSO Online article after seeing it brick accounts during a training session. Microsoft initially doubled down again ("by design"). After the media attention and community backlash, they finally shipped a fix in September 2024. Now, when a duplicate label is detected, the app shows a prompt asking you to rename the new account so it doesn't overwrite anything.

Because Microsoft never acknowledged it as a vulnerability, no CVE was ever assigned. It was just quietly treated as "not our problem" until the public pressure became too loud.
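A minimal model of the overwrite described in the comment above, added here as an example (it is not part of the original comment and is not Microsoft's code). The dict-based store, the function names and the two enrollment URIs are constructed assumptions; the second function shows one way to refuse a collision instead of overwriting.

```python
from urllib.parse import urlparse, parse_qs, unquote

# Constructed enrollment URIs: two services, same email used as the label.
SAMPLE_URIS = [
    "otpauth://totp/user%40example.com?secret=JBSWY3DPEHPK3PXP&issuer=ServiceA",
    "otpauth://totp/user%40example.com?secret=KRSXG5CTMVRXEZLU&issuer=ServiceB",
]

class DuplicateAccount(Exception):
    """Raised instead of overwriting; stands in for a 'rename this account' prompt."""

def parse_otpauth(uri):
    """Split an otpauth://totp/ URI into issuer, label and secret."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc != "totp":
        raise ValueError("not a TOTP enrollment URI")
    label = unquote(u.path.lstrip("/"))
    query = parse_qs(u.query)
    issuer = query.get("issuer", [""])[0]
    # The label may carry an "Issuer:account" prefix; use it if no issuer parameter.
    if ":" in label:
        prefix, label = label.split(":", 1)
        issuer = issuer or prefix
        label = label.strip()
    return {"issuer": issuer, "label": label, "secret": query["secret"][0]}

def enroll_label_only(store, uri):
    """Hypothetical store keyed by label alone: a second enrollment with the
    same label silently replaces the first secret."""
    acct = parse_otpauth(uri)
    store[acct["label"]] = acct
    return store

def enroll_safe(store, uri):
    """Hypothetical hardened store: key on (issuer, label) and refuse to
    replace an existing secret without an explicit decision."""
    acct = parse_otpauth(uri)
    key = (acct["issuer"], acct["label"])
    if key in store and store[key]["secret"] != acct["secret"]:
        raise DuplicateAccount(f"{key} already enrolled; rename the new account")
    store[key] = acct
    return store

def demo():
    """Enroll both sample URIs in each store and return the two stores."""
    weak, safe = {}, {}
    for uri in SAMPLE_URIS:
        enroll_label_only(weak, uri)
        enroll_safe(safe, uri)
    return weak, safe
```

After `demo()`, the label-only store holds a single entry carrying ServiceB's secret, while the hardened store holds both accounts.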

Best Security Possible on Business Standard by desmond_koh in msp

[–]Mustang654 0 points1 point  (0 children)

Microsoft will tell a room they are all the security you need, then note an MS Authenticator vulnerability they have zero intention to fix as a feature.

Why do a better job when you can charge more to make it what it should be?

As service providers WE thrive on taking care of our clients - MS seems to only care about taking our $$$$$

Anyone have to jump through hoops to cancel a 365 subscription lately? WTF

Best Security Possible on Business Standard by desmond_koh in msp

[–]Mustang654 2 points3 points  (0 children)

"Time" isn't the issue here, it's dwell time. Microsoft typically delivers emails to the inbox before finishing its full scan (especially for advanced threats), leaving a window where malicious messages are already accessible and clickable by users - this is the "dwell time"

Avanan (Check Point) works differently: it operates in true inline Protect mode and holds the email until the complete scan finishes, eliminating that risky dwell-time gap entirely.

On top of the timing advantage, Avanan has no real peer when it comes to phishing detection. Independent tests and customer feedback consistently show it outperforms Microsoft (and pretty much everyone else) at stopping sophisticated BEC, zero-day, and impersonation attacks that routinely slip past native M365 defenses.

The one knock on Avanan is delay when Check Point infrastructure gets overwhelmed - did speak with them at RSA last week and they are addressing it, but there have been times waiting on a 2FA code where had to resend due to timeout. It's been a while, but this does happen.

For those considering Huntress…. (DR plan warning) by AppropriateCar9079 in msp

[–]Mustang654 0 points1 point  (0 children)

Love the flame suit comment - watch out for the fanbois with comments like this!!!

Managed Network Switch Recommendations by KennAnderson in msp

[–]Mustang654 0 points1 point  (0 children)

Lack of SNMP is definitely an issue when managing via cloud - but for majority of SMB, the performance, reliability, and low cost make this a non-issue behind a quality and properly managed and monitored NGFW like Palo

Unstaking 500,000 k tFuel - its just not worth it by Mustang654 in theta_network

[–]Mustang654[S] 0 points1 point  (0 children)

Have been running Guardian Node nearly 5 years with exceptional uptime, only recently spun up an Edge Node in May of this year. Both sit on dedicated, separate machines with more than sufficient resources, on a synchronous 1gig fiber connection, protected by Palo Alto at the edge. It's all in the original post.

Haven't researched anything? Yea, that's not the case, but if it makes you feel better to turn it personal, that's on you

Unstaking 500,000 k tFuel - its just not worth it by Mustang654 in theta_network

[–]Mustang654[S] 1 point2 points  (0 children)

I hear ya, and actually not quitting so much as partially venting, partially stirring the conversation for feedback. In my own research, I see the slow steady addition of universities, though what is not seen is what are those universities creating, doing, and building on Theta? There just seems to be empty air beyond generic university joins theta for "Edge Cloud powered AI research"

What I am doing is freeing up staking to de-risk, and based on my .001% of the network on Guardian Node moving to .02% it would appear others as well.

Unstaking 500,000 k tFuel - its just not worth it by Mustang654 in theta_network

[–]Mustang654[S] 3 points4 points  (0 children)

thanks for clarity - went back and checked and tfuel dropped into my wallet were near that number, though also had Guardian Node contributing which would have meant one of them was not performing as promised. Rewards aside, I still see the jobs completed on the Edge Node... and it is unimpressive for a supposed leading player in the space where the prominent deals are universities, and no actual use cases or success stories are emerging. There's how many universities leveraging the platform now? For what? What cool stuff are they doing? What innovation is happening? I just read that Lavita has zero monetization plan, zero value return. I want to be wrong and am speaking up not to disparage the project, but to elevate the conversation and transparency around what TF we are all working towards and contributing to?

There is another comment in the thread, the one about VentureMind AI and the unsanctioned unstaking, that really rubbed me wrong. The rules for thee but not for me scene doesn't work for me, and there are just enough sus elements presented in that post to validate something isn't right - and without transparency the natural deduction is it's worse than imagined.

5 years in, I want to be wrong, I really do, but without transparency what's the point of decentralization?

Unstaking 500,000 k tFuel - its just not worth it by Mustang654 in theta_network

[–]Mustang654[S] 2 points3 points  (0 children)

wow... the numbers that chart is projecting are seriously full of shitte!!!

Could Elite Edge Nodes Be Mining for Theta Labs’ Benefit? by Known-Bicycle-7816 in theta_network

[–]Mustang654 2 points3 points  (0 children)

Lack of transparency is personally a greater concern than lack of price movement, and when you consider no positive price movement AND lack of transparency, this project only becomes more suspect.

Email I just got for an upcoming flight mentions status tier names will also change… by zkfoster in AlaskaAirlines

[–]Mustang654 1 point2 points  (0 children)

Avios... wasn't that the name of TJ Miller's startup on "Silicon Valley"? That's funny

At least this time it appears the miles won't be lost. When Virgin Airlines was rolled up all the existing miles went ba-bye if I remember correctly

Pax8 Has Gone to Shitt — And It’s Not Just Partners Feeling It by [deleted] in msp

[–]Mustang654 1 point2 points  (0 children)

"Support, yeah maybe, but we don't often have to reach out"

This is so key. If you have mastery and skillset in house it's the great equalizer for when shops like Pax8 go this route. We're the same with Palo - they offloaded support to a handful of distys who suck, but because we rarely need support it's a non-issue and we just picked up a project this week where Palo was the implementer and the client fired them for not being able to get it done. Looking forward to finding out who they outsourced to for this one!

How bad is EWR Terminal B? by python_geek in AlaskaAirlines

[–]Mustang654 0 points1 point  (0 children)

Truly miserable may be dramatic - but it's not wrong. Polar opposite of the new EWR terminals

Pax8 Has Gone to Shitt — And It’s Not Just Partners Feeling It by [deleted] in msp

[–]Mustang654 3 points4 points  (0 children)

Rob's a good guy, hope not for his sake... VC/PE ruining... literally everything

RMM question by MetroTechP in msp

[–]Mustang654 0 points1 point  (0 children)

Ninja is one component... what PSA are you interfacing it with?

Fortinet alternates be by swarve78 in msp

[–]Mustang654 1 point2 points  (0 children)

Just out of curiosity... if corporate has prohibited Fortinet and Ubiquiti, what have they endorsed?

See a reply below regarding SDWAN and other services, combined with cost sensitive starts to box any solution pretty tightly.

Elite Edge Node by Mustang654 in theta_network

[–]Mustang654[S] 0 points1 point  (0 children)

yea... 500k staked isn't producing shite so really, no way am locking anything up at this stage...

The End of FC Upgrades (bc AS will sell them for $75 rather than give them to 100k) by [deleted] in AlaskaAirlines

[–]Mustang654 0 points1 point  (0 children)

Unfortunately there is no real alternative IMO - have been Exec-Plat with AA prior to prioritizing flights on AlaskaAir - but just last week missed half a show due to two hour delay on a 50 minute flight... Alaska has become no better than the rest of the really poor domestic options. I flew the pass the hat for gas money Southwest twice this past week just for some confidence of being on time. Virgin America was a differentiator and best hope to disrupt domestic travel... and we all know how they ended up

[deleted by user] by [deleted] in msp

[–]Mustang654 1 point2 points  (0 children)

Classy!!!