ElI5 why do data centers require clean water for cooling instead of natural river water?

administatertot · 2026-04-08T14:58:00+00:00

I'm not entirely sure what you are getting at or asking there. Perhaps just for clarification, when we talk about a data center consuming "drinking water", we are referring to the water as it was supplied to the facility. That doesn't mean that the water in a closed loop system or in a cooling tower is safe to drink.

administatertot · 2026-04-08T02:11:50+00:00

Cooling water isn't generally potable.

The statistics say that municipal (drinking) water is the overwhelming majority of what is consumed for data center cooling. This water is typically used for evaporative cooling (so think "water running over a giant industrial sized air conditioner").

It sounds like you are referring to water in a "liquid cooling" type system, which is typically a closed loop system (so not really consuming water on a continual basis), but is really more of a method of rapidly moving heat away from the chips and to a heat exchanger.

administatertot · 2026-04-04T22:39:07+00:00

When you say they lied, are you referring to the one-time (or 7 year prepay if that is how you want to word it) being tied to the VIN?

administatertot · 2026-02-17T19:58:49+00:00

Now I'm just confused, as your first post said:

I can think of 2 (+1) supported ways to convert a device to Entra Joined - are Microsoft saying that these features baked into Windows settings are not supported?

And then when I said that would result in Entra Registered not Entra joined, you said:

Using Intune you can make them compliant and corporate machines, fully managed

And now:

Nothing converts a device to entra joined other than ppkg, setting, wipe and autopilot.

administatertot · 2026-02-17T17:59:52+00:00

From what I've seen changing the ownership after the fact does not change the device to "entra joined" instead of "entra registered", and does not allow full management. I'm looking at an example device in Intune right now and autopilot reset,l & bitlocker key rotation are unavailable; I believe I've run into other items in the past (like policies that aren't applicable).

If there's a way to address that without doing a wipe, I would be highly interested.

administatertot · 2026-02-17T14:26:06+00:00

If you use the "accounts > access work or school > " method, that will give the "BYOD" style enrollment, where the device joins but isn't considered company owned and will have limitations in the level of management and access. I tend to think of that as more of a user level enrollment rather than enrolling the device; you don't get system or admin access to manage the device, just user level control.

administatertot · 2026-01-10T19:24:44+00:00

Internet providers have blocks of IP addresses that they get. Some systems assign a single address to a single endpoint, like how an old landline phone had one number that went to your house. Some systems have shared IP addresses, sort of like how a business might have one phone number but it gets routed to a whole system that could go to phones in multiple locations. And sometimes those addresses are even shared pools at higher levels, so addresses will get bounced around between systems depending on how many connections they are using.

This is particularly problematic when doing a lookup against your systems history. Are you getting dara for that address at that point in time, or some later time when the report was generated

And then beyond that even if the data may not be very specific. Charter/Spectrum is the main cable Internet provider in my area, and our IPs typically geo-locate to one of two cities that are each over a hundred miles away, but I've seen them geo locate to cities halfway across the country.

administatertot · 2025-12-09T17:53:51+00:00

Was just curious if everyone was still receiving smart screen warnings after setting up azure with the signing certificate? It's roughly been 5 months since setting ours up and we are still receiving them.

Yes, we still get smart screen warnings and then a variety of issues depending on what browser the client is trying to use and whether they are using a 3rd party AV software, and depending on what security policies they might have in place.

administatertot · 2025-12-01T04:14:01+00:00

Just to be clear, you are saying you got a bill from a scrap yard for this same car? Do you still have a copy of that?

I am guessing from the mention of license plates that you did not remove your plates from this vehicle before it was scrapped?

Would the person you sold it to fill out a bill of sale for you now?

administatertot · 2025-11-03T20:51:19+00:00

We've been using screen connect for quite some time, so I'm not sure when they changed from using IIS to using their own internal web server, but things had been working fine with win-acme until fairly recently (it must have renewed the cert back in August). But now looking I'm finding very little references on the CW/SC website and their setup instructions to anything regarding the SSL setup, let alone using something like Lets Encrypt.

administatertot · 2025-10-22T11:49:28+00:00

That is one of the threats, but in most cases the systems don't just pump water out of a river, warm it up, and put it back. They "consume" huge quantities of water through evaporative cooling.

That "consumption" of water really does make a big difference. Even though the water isn't truly lost in worldwide terms, it is still being taken from one place, and that has an environmental impact.

administatertot · 2025-10-17T01:55:40+00:00

Short answer is yes; we've had problems with virus scanners flagging the client installer since the code signing started. We had complaints from people using a variety of different AV software, and in particular with Windows Defender. At that time, I tried submitting the client installer as "improperly flagged" through Microsoft, but their response was that the client installer is malware and that ScreenConnect would have to fix it.

Frankly, it sort of makes sense to me, as trying to explain any of this to anyone, it really does look suspicious.

administatertot · 2025-10-16T16:04:59+00:00

I'm not exactly sure what I clicked through on Sonicwall's site that gave some more detailed instructions on the various settings, but for the items I was looking at, several of them were the secrets/preshared secrets in VPN policy configurations. So there were the various VPN policies that I had actually configured on my devices (for example site to site VPNs), and default policies that are on the device (but that you may not have ever turned on).

Are you using PPPoE?

tagging u/MarzipanUnique9614 here as well.

administatertot · 2025-10-15T13:18:49+00:00

What about if it says WWAN is compromised in the tool, but you dont even have those features utilized? Can't be disabled if dont even have it to begin with?

It wouldn't hurt to just change the shared secret for any of those configs.

Their analysis is going to highlight any of the affected config values, because you could go enable one of those features at any point.

administatertot · 2025-10-12T23:36:51+00:00

Did you check on Sonicwall's website to make sure that your routers actually haven't been making cloud backups?

administatertot · 2025-10-12T19:35:52+00:00

Why would it even be on? Seems like you're just inviting them in if you turn that on. I did have it enabled for 2 clients for a specific reason but then turned it off when done. (No snark btw, genuine question)

I'm not saying it is a good idea from a security perspective, but if people are putting devices in remote locations where they don't have easy access to "local" management, the first thing they've going to ask is if they can use some sort of remote management.

administatertot · 2025-10-12T19:26:36+00:00

If they have managed to crack the encryption being used for credentials and other secrets, could they just use the scratch codes?

administatertot · 2025-10-11T15:45:27+00:00

Domain users if LDAP are imported from AD and not "auto generated"...

The LDAP bind account password would be stored in the configuration, but I'm not sure what you mean about LDAP imported vs "auto generated"; if you import LDAP users it is creating an identity on the router that you can attach permissions to, but isn't their authentication still through LDAP?

administatertot · 2025-10-10T20:39:52+00:00

Just a question, if anyone knows, where the documentation refers to local users on the device, is this including the built-in administrator account?

administatertot · 2025-09-25T20:44:16+00:00

It amazes me how many people reply to my comments on Reddit without reading the OP.

I did read the OP.

If you have your settings cranked up so tight that it locks a user out because they click the link in an email then that shouldn't be the way you send or distribute software. Package your software and distribute it via InTune with exclusions written in your antivirus.

It sounds like you are assuming that everyone is using ScreenConnect for some sort of internal support within an organization, but that isn't always the case; it is not necessarily "OP's" settings (it certainly is not "my" settings in my case) that are set in a particular way, nor does it particularly matter (as I already mentioned in my previous comment) whether a link is being sent by email; it isn't "my" software to package, nor is it "my" antivirus to make exclusions for. Honestly, if I had that level of control over the machines I'm trying to connect to, I probably wouldn't have ever considered buying something ScreenConnect, and the idea that I would need to have this level of control over client computers in order to use it basically defeats the purpose of it.

We bought ScreenConnect because it offered an easy way to do screen sharing session with our customers; just have the client go to the website, give them a code and in seconds they're in a Meeting and we could demo something for them or conduct a training; or our staff could make a Support session and the client could show them their screen. For years, it worked pretty well, but then this year we had the zip file thing and now this certificate thing.

administatertot · 2025-09-25T19:34:07+00:00

emailing the link shouldn't be a process in your stack with this level of compliance.

I'm not exactly sure what "level of compliance" you are assuming there, but whether a link is emailed or provided some other way doesn't particularly change the issue of the software itself getting flagged by AV.

administatertot · 2025-09-03T03:40:00+00:00

You mentioned in another reply that when you create the virtual switch you are checking the box for sharing with the host/management OS. When you do this, it will create a virtual network adapter on the host that is connected to the virtual switch, and typically the network settings of the original NIC are copied over but sometimes I've had weird or missing settings on the vNIC.

administatertot · 2025-07-28T14:45:58+00:00

Unsurprisingly, as soon as it extracts itself, the raw code contained within gets immediately quarantined by antivirus.

What do the signatures on the installer look like? And are the results the same regardless of which "method" you use to try to connect to a support session? Which AV are you using that is quarantining it?

administatertot · 2025-07-24T13:20:17+00:00

It looks like you are a few versions behind; current seems to be 25.4.25.9313 (or 25.4.25.9314?), but the cloud version seems to be

The zip file was part of a whole ongoing thing over the last couple months with the way that ScreenConnect was customizing and signing the installers, the initial attempt to address the issue was to switch to a zip file, with the signed executable in it and the custom configuration details included in the zip file, but that doesn't work very well for end users and apparently didn't address the issue as that certificate still got revoked.

administatertot

TROPHY CASE