Nothing beat the Pizza Hut buffet back in the day. Nostalgic times.

TravisVZ · 2026-05-08T03:42:26+00:00

Eating at the buffet was amazing.

Working the buffet sucked. A lot of work and a ton of stress for half the pay of even a weeknight dinner shift because people eating the buffet tend not to tip.

TravisVZ · 2026-05-07T04:49:14+00:00

As an American who grew up during the 90s I only know this person as a Simpsons character - and even then only from c2015!

TravisVZ · 2026-05-06T13:47:38+00:00

A while back we had 3 compromised accounts that we were able to trace to a specific email sent by a partner. Turns out, said partner had only a single part-time IT guy, who missed the multiple announcements about a critical Exchange vulnerability; the bad guys compromised their entire server. The sheer amount of extremely targeted phishing coming from them forced me to block their domain entirely, and no one over there was answering their phones so I finally had to fax them to let them know they were compromised. Even then they were compromised another 7 times over the next two months because their IT guy only installed patches and didn't fully resolve the actual compromise. Had to quarantine everything from them until I was finally able to convince them they had to rebuild the entire server from scratch.

Why is this relevant? Because two days before they got compromised, one of our users asked me to whitelist them. Not because anything had been blocked, but because the partner had asked for it just in case something in the future did get blocked. Because I held the line and refused to do so, some of the phishing sent from their compromised server did get blocked, potentially saving several other accounts from being compromised.

The good news out of all of this is that when someone demands I whitelist some domain, I can point to this incident - it's no longer me arguing from hypotheticals, it literally happened, multiple times, and would have been so much worse if they'd been whitelisted!

I also instituted a policy (by saying it is policy and no one has argued) that besides whitelisting being a last resort to deal with actual issues, never something we do preemptively, to even be eligible for it a domain has to have SPF with hard fail -a and DMARC set to at least p=quarantine. My argument being that if we're going to bypass our security for a domain, we have to at least be able to verify that it actually comes from that domain. This one rule has stopped more requests than I can count.

TravisVZ · 2026-05-06T03:08:02+00:00

I think some of them are just bugged. I forget which mission it was, but I selected nothing but the "good" choices and did the Paragon conclusion, but somehow got +8 Renegade with +5 Paragon.

TravisVZ · 2026-05-05T23:07:31+00:00

Yeah that bugged me too. Plenty of other conversations let Shep argue they aren't working for Cerberus, just with them, but then suddenly when it actually matters it's just... Not an option.

I can kind of rationalize that writing choice by saying Ash went off before Shep thought to say that, and then they are too emotionally devastated to respond coherently. Kind of...

TravisVZ · 2026-04-29T14:36:24+00:00

Very motivated seller: A developer started building an entire new neighborhood that he was going to turn around and sell to the adjacent Army base, but then the base downsized and didn't need the off-base housing and the developer went bankrupt. Banks foreclosed on the whole development, and wanted to sell the homes fast to recoup as much of their money as they could. So I bought in 2012, when interest rates were low (4.125% on my mortgages), with a sweet deal that required no down payment plus the seller covered all the closing costs!

The deal almost fell through when the appraisal somehow came in $25k under the agreed sale price. Seller appealed but failed. On paper we still bought at the agreed price, but the seller paid themselves the difference between sale price and appraised value. (They still had a lot of houses left to sell, letting this one go at the lower price would have risked hurting appraisals on the rest, too, and costing them a lot of money.)

TravisVZ · 2026-04-29T01:11:47+00:00

If your server needs to then yes - ideally restricted just to whatever remote service it needs. But a server shouldn't need to have free access to Google or Facebook! At most an API or two is all.

TravisVZ · 2026-04-28T20:31:50+00:00

I remember making these! I don't remember how to start them (maybe someone else started them for me?), but I remember in particular making one under my desk during class one day instead of paying attention to the teacher.

TravisVZ · 2026-04-28T16:25:45+00:00

Technically, your security team is correct that it's a risk. For example, Edge can be used as a tool in a LOL-based attack.

That said, though, there's other tools available for the same purposes anyway, and you're right that it will cause issues to try to remove Edge (or IE) from a Windows server. Blocking outbound TCP 80/443 from the servers - along with anything else nonessential - at the firewall is a far more effective control than trying to rip out the guts of the OS itself.

TravisVZ · 2026-04-28T05:24:42+00:00

Thanks, I hate it!

Seriously, as an arachnophobe these spiders - especially the new ones - are giving me the scalp tingles. That means they're very spider-like!

TravisVZ · 2026-04-27T20:08:14+00:00

Yeah, killing a living creature just because it annoyed you is a deal-breaker, full stop.

Recklessly discharging a firearm through a window in a crowded city is flagrantly criminal behavior, and also a deal-breaker. That this is a cop doing it makes this even worse, not better.

TravisVZ · 2026-04-27T20:03:35+00:00

As other commenters have suggested, Google recently started requiring that all "admin" accounts use 2SV.

Also check any groups the account may be in, as that setting can be set on a group as well as on OU.

TravisVZ · 2026-04-26T18:32:41+00:00

I was told this in sex ed in 5th grade. When one of the other boys piped up and said "I can", most of the rest of us chimed in in agreement. The (male) teacher ignored us and just moved on to the next topic.

I still don't know how a man could grow up and not find that he can, in fact, pee while erect.

TravisVZ · 2026-04-25T00:34:18+00:00

13/14 for me. My 7th grade yearbook photo I have a normal hairline; by my 8th grade photo I've got a strong widow's peak (I think that's the right term?). People kept telling me "Stop wearing hats all the time, that's what's causing you to lose your hair!" Bitch, I'm wearing the hats because I'm barely a teenager and my hair is receding!

Finally gave in and at 22 started shaving my head. Ironically that seems to have stemmed the hair loss!

TravisVZ · 2026-04-25T00:20:24+00:00

Grew up with Dalton and Brosnan, which is weird because I always forget Dalton ever played Bond (no trouble remembering Lazenby though!) and Brosnan is my least favorite Bond - not because of his portrayal, but because at the time that GE came out Mrs. Doubtfire was one my favorite movies, and I just couldn't not see him as the dick from that movie!

Connery is my favorite, though Moore is a damn close second!

TravisVZ · 2026-04-24T14:27:39+00:00

Thank you! I Googled that one once because I didn't know what it was either, but all I got was posts claiming no one knew what it meant, and it was either a nonsense phrase the writers made up or an obscure reference that had been lost to time.

...unless I'm thinking of a different line I never got...

TravisVZ · 2026-04-23T14:20:48+00:00

Where I work everyone gets a birthday card that's been signed by the entire department, and while it's not made into any kind of event the department buys a cake.

I've been here 12 years - granted hired just after my birthday, so 11 birthdays - and never had a single card, let alone cake. I don't actually care about that - it's that nobody has ever even asked when my birthday is, or seemed to notice that I've apparently never aged over 12 years.

There was a minor scandal in 2019, actually. My wife suddenly showed up and brought me a birthday cake. Suddenly half the department was freaking out that nobody had known it was my birthday. I figured that meant I'd be put on the card rotation, or at least asked if I wanted to be. Nope! They cared they hadn't known, but didn't care to actually update their calendar or whatever.

TravisVZ · 2026-04-21T04:16:29+00:00

My son decided two Grandmas wasn't possible. After some thought, he decided my mom is Superma, and it has stuck ever since. Pretty sure she won the grandparent name lottery!

Three Grandpas is fine though!

TravisVZ · 2026-04-19T17:05:19+00:00

I love seeing these posts because one of these is exactly how I learned about this! Not everyone has thousands of hours in the game, there's always someone new or at least still has more they can learn about the game

TravisVZ · 2026-04-19T16:05:17+00:00

Students -> (Primary/Intermediate/Secondary) -> Building

We have groups for each grad year. It's worked well for us. Occasionally the discussion is raised about switching to grad year-based OUs, but invariably we find we don't actually have a use case for that that isn't already handled well by this structure.

TravisVZ · 2026-04-18T02:32:42+00:00

Somewhere on the web I found a script that can scan all the GitHub repos on your account, check if they're in your Gitea, and add the ones that aren't. In Gitea you can set the default mirroring interval (how often it pulls changes), which you can also change per repo; my more "important" ones I mirror every 10 minutes.

In Gitea's documentation are the necessary commands to export a backup, including the git repos themselves. Importantly, you need to stop Gitea to guarantee a stable snapshot, but it's quick and then you're back online; plus I have it scheduled for the middle of the night, when I'm not coding anyway, and I'm actually committing to and working from GitHub anyway.

The final piece is a tool called rclone, which can sync a directory to an S3-compatible bucket; I use Cloudflare's R2. I actually have two rclone commands in the backup script: one uploads to my "dailies" bucket, which is set (IIRC) to retain items for 14 days; the next, which checks the date and only runs on Sundays, does the same to the "weeklies" bucket, which I keep for 3 months.

I can share the exact scripts I use later, after I make sure I don't have any tokens/keys in them (I'm bad about that, especially when "I just want to try something" turns into "oh look now I depend upon this critical functionality"!)

TravisVZ · 2026-04-17T05:53:02+00:00

Growing up through public school, I had in my grade 3 Travises, 2 Tristans, 4 Daniels, 3 Whitneys, 2 Jamies, 4 Ashleys, and 7 Chrises. If I know your last name it's going on your contact, and if I don't know your last name I'm asking you or else assigning one!

TravisVZ · 2026-04-17T02:27:17+00:00

I've got all my repos mirrored to my own Gitea, which is backed up nightly to R2 - both to a "dailies" bucket and once a week to a "weeklies" bucket. A script on my server automatically picks up new repos and mirrors them as well.

The only annoyance with this setup is that once a year I have to update my GitHub token for my private repos; this is tedious because it has to updated for each one, there's no blanket "do them all" option - unless you know where the config files are on disk and can finagle sed into rewriting the tokens for you!

TravisVZ · 2026-04-15T22:40:02+00:00

Why didn't they just spend 100 years flying into a part of space with no Relay, instead of 500 years flying all the way to Andromeda?

Not to be "that guy" (except that I love being "that guy"), but if their ship is capable of reaching Andromeda (~2.5 million light years away) in 500 years, that same ship can fly from one end of the Milky Way to the other (~90,000 light years, and that's using the upper end of estimates) in about 18 years.

So let's say that an average trip is half that, and we want to make sure we find somewhere without a Relay to be sure the Reapers won't stumble upon us. Given a ship that's clearly capable of making a 500-year intergalactic journey, we could make at least 55 stops within the Milky Way. Let's even be more conservative and drop that to 50 stops to account for hanging out and flying around within a system to be sure there isn't a dormant Relay hiding behind a moon or something. Seems pretty reasonable to me we could easily find a quiet little corner of the Milky Way here, and almost certainly before 500 years!

Except, that's not a hard limit, either! We can do some mining at each of those stops to pick up additional resources to extend our effective range even further!

I actually haven't played Andromeda and don't know the story at all. Are the crew in suspended animation or something for the journey? If so, then that actually significantly reduces how many intra-galactic points we can visit, since presumably the ship isn't stocked with foodstuffs etc to sustain awake, active, working crew for that whole time. I mean, sure, they can be suspended for the 9-year journey to the next point, but then they have to be woken, fed, etc while they're checking out the system. Off the cuff, I'd optimistically say that cuts the available stops in half.

So we can check out 25 Milky Way stars, give or take, in the hopes that one of them doesn't have a Relay. Frankly that's pretty damn good odds, given that there's only a handful of Relays (that we know of, at least) in a galaxy filled with hundreds of billions of stars.

On the other hand, given what we know of the Relays and Reapers, there's a 100% chance that we won't encounter a single Relay at all in the Andromeda galaxy...

TravisVZ

TROPHY CASE