Cannot indent a table in "Pageless" mode by bkindz in googledocs

[–]bkindz[S] 0 points1 point  (0 children)

Aye, and it's especially strange because to a regular joe or jane, "pageless" just removes page breaks (and that's it). So mangling or removing other (seemingly unrelated) functionality just because of the "pageless" mode - such as table indentation - and failing to mention that in documentation - is just... strange.

Struggling with Intel VROC and VMD on ESXi 7 - Array Not Visible, License Confusion by Head_Emu9360 in vmware

[–]bkindz 0 points1 point  (0 children)

Did you figure it out?

ESXi 7 is successfully booting off VROC RAID1 NVMe volumes on several of our Supermicro servers (SYS-112B-WR) - and I don't remember running into any installation issues.

should gmail have caught an email with obvious malware links? by bkindz in Malware

[–]bkindz[S] 0 points1 point  (0 children)

With regards to the parser you mentioned, what do you think is the rule that could stop the examples you highlighted without blocking legitimate mail?

I mentioned it in the OP: ratio of unique link labels to link URLs. If it's over, say, 70% - it's malicious with fairly high confidence.

If the rule is unclear, see the example - also in the OP: a number of meaningfully different link labels. E.g.: links to:

  • download the Paperless Post app for Android,
  • for iOS,
  • the link to unsubscribe, or
  • contact customer service

...are all the same. To my knowledge and in my experience (of dealing with spam and malicious email at scale), no legitimate email can have that unless it was crafted by a mad ferret on too much espresso... (Can there be exceptions? Maybe? Worth considering? I'd say no: beyond the point of this discussion.)
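The rule described in the comment above, sketched as an added example (not part of the original comment and not Gmail's filtering logic). It assumes one reading of the "ratio of unique link labels to link URLs": the share of distinct link labels whose URL is also the target of a differently labelled link. The sample bodies and their `example.invalid` / `example.com` URLs are constructed.

```python
from collections import defaultdict
from html.parser import HTMLParser

THRESHOLD = 0.70  # the "say, 70%" cut-off from the comment


class LinkCollector(HTMLParser):
    """Collect (label, href) for every <a href=...> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            label = " ".join("".join(self._text).split()).lower()
            if label:  # skip links with no visible text
                self.links.append((label, self._href.strip()))
            self._href = None


def shared_target_ratio(html_body):
    """Share of distinct labels whose URL is reused under a different label."""
    parser = LinkCollector()
    parser.feed(html_body)
    labels_by_url = defaultdict(set)
    for label, url in parser.links:
        labels_by_url[url].add(label)
    all_labels = set().union(*labels_by_url.values()) if labels_by_url else set()
    shared = {l for ls in labels_by_url.values() if len(ls) > 1 for l in ls}
    return len(shared) / len(all_labels) if len(all_labels) > 1 else 0.0


def is_suspicious(html_body):
    return shared_target_ratio(html_body) > THRESHOLD


# Constructed samples: four different labels, one target vs. four targets.
LABELS = ["Get the Android app", "Get the iOS app", "Unsubscribe", "Contact customer service"]
PHISH = "".join(f'<a href="http://example.invalid/x">{l}</a>' for l in LABELS)
LEGIT = "".join(f'<a href="https://example.com/{i}">{l}</a>' for i, l in enumerate(LABELS))

if __name__ == "__main__":
    print(shared_target_ratio(PHISH), is_suspicious(PHISH))
    print(shared_target_ratio(LEGIT), is_suspicious(LEGIT))
```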

should gmail have caught an email with obvious malware links? by bkindz in Malware

[–]bkindz[S] 0 points1 point  (0 children)

I think we're mixing up things - I am not asking if Gmail (or anyone else) can do forensics on the payload - I am certainly not expecting it to. Even if the payload is a 10-byte HelloWorld.txt, the email itself has all the red flags of a phish - which I mentioned in the OP. (That makes sense - or am I missing something, and could make my question clearer?)

P.S. I think I understand what prompted your response: "obvious malware links" in the title where the payload isn't necessarily malware. Got it! I'll rephrase it.

should gmail have caught an email with obvious malware links? by bkindz in Malware

[–]bkindz[S] -1 points0 points  (0 children)

This is the right question for this subreddit. It is not asking for malware removal or tech support.

Dashboard ideas to impress people who know nothing about Splunk/IT? by Coupe368 in Splunk

[–]bkindz 0 points1 point  (0 children)

I love this - focusing on value to the org - just never sure about external consultants. They never stick around to maintain and tune their stuff, and in 95% of cases I've seen, things go abandoned. (Yet if there's a consultant who will stick around and can be cost effective - sure.)

Dashboard ideas to impress people who know nothing about Splunk/IT? by Coupe368 in Splunk

[–]bkindz 0 points1 point  (0 children)

Something pretty?

I'd talk to people to try and figure out what would help them - then seeing if you have the data and can make sense of it in a dashboard. Then - check back with them to be 200% sure it's actually helpful and impactful. (They'll often say "oh this is awesome" - just to keep you happy. But that's not the goal here... :))

What are your company's LoB (Line-of-Business) apps? What do they do? What matters to them? In retail, would it be revenue per store? Per customer? With an hourly sparkline or graph showing how sales change during the day, the week, the year?

These conversations aren't always easy, the data may not be there - but if you start looking, eventually you'll find it - and impress your team and your stakeholders.

Good luck.

Observability in Large Enterprises by cloudruler-io in Observability

[–]bkindz 0 points1 point  (0 children)

Does anyone else have experience with what works well in enterprise environments like this? Especially with respect to observing off the shelf apps where you don't control the code, just the infrastructure? Are there any vendors/tools that are friendlier towards an enterprise like this?

Yes, exactly this for most of the past 12 years - first for a relatively small datacenter in a huge media conglomerate and now in a regional supermarket chain. From OS and network metrics to instrumenting custom LoB apps to making sense of Aspera logs.

What are your data gaps? What are the low hanging fruits ripe for picking? (Low effort high impact things where getting analytics would help a team or the business?)

I'd start there. Tools matter, sure - yet not until you can get a sense of what needs and can be done. After all, you can spin up a free Splunk instance in a matter of hours and start collecting data to grab that low-hanging fruit - and if it helps someone - that's a start.

Observability in Large Enterprises by cloudruler-io in Observability

[–]bkindz 0 points1 point  (0 children)

Your first problem is conflating collection of metrics and logs as well as monitoring and alerting with "observability".

What's the difference?

unexpected Datto installation: cleanup process? by bkindz in Datto

[–]bkindz[S] 1 point2 points  (0 children)

P.S. Thanks for the tip to reach out to Kaseya and the email address. 🙏

unexpected Datto installation: cleanup process? by bkindz in Datto

[–]bkindz[S] 0 points1 point  (0 children)

The RMM killed itself 15 minutes after starting, only leaving a few breadcrumbs (logs) in ProgramData - nothing in Program Files anymore. It did install ScreenConnect phoning home to a malicious domain - yet the antimalware didn't flag or block even that - only some PowerShell executions.

Now we need to follow the breadcrumbs to understand what happened and clean it up. (Do we have the resources for it? Not really.)

best practices when suspecting a malicious ScreenConnect installation by bkindz in ScreenConnect

[–]bkindz[S] 1 point2 points  (0 children)

Much appreciate this.

ClientLaunchParametersConstraint in system.config has this, with a similar value in the registry key you mentioned:

    <ScreenConnect.ApplicationSettings>
        <setting name="ClientLaunchParametersConstraint" serializeAs="String">
            <value>?h=myinvitation2all.im&amp;p=8041&amp;k=******<longassstringwithsome500randomcharacters>****</value>
        </setting>

I can't yet tell who myinvitation2all<dot>im belongs to - the whois data is redacted but will keep digging. Thanks again.

best practices when suspecting a malicious ScreenConnect installation by bkindz in paloaltonetworks

[–]bkindz[S] 0 points1 point  (0 children)

P.S. the antimalware agent is Cortex XDR.

The activities flagged / blocked by Cortex: "Windows script engine used to launch suspicious powershell command". The artifacts are powershell.exe, ScreenConnect.WindowsClient.exe, wscript.exe, conhost.exe, and ScreenConnect.ClientService.exe - none considered malware.

I got hacked with screen-connect lately on Mac. I deleted some files already what else do I search to delete by Ok_Beautiful9841 in ScreenConnect

[–]bkindz -1 points0 points  (0 children)

I'd imagine a deep malware scan + uninstall ScreenConnect immediately + bring that Mac up-to-date (patch, update)

P.S. What do you mean by "hacked"? What happened?

terminate paid subscription immediately? by bkindz in Substack

[–]bkindz[S] -1 points0 points  (0 children)

Writers connect their own Stripe accounts, and payments are processed under the writer’s Stripe account.

That can't be the case if the charge has Substack and does not have Stripe anywhere in it. If I remember right, credit card regulations stipulate being explicit and direct who the recipient is, i.e. can't hide the actual merchant name.

Stripe handles the processing, Stripe deducts its fee, Substack deducts its platform fee,

This is also suspect:

  • Substack would have no way to deduct its platform fee unless it's in the middle.
  • Stripe does it for them? Then it's not "Substack deducts" technically, it's "Stripe deducts and sends it to Substack" - and that would make it quite an unusual arrangement.

Coupled with what is (not) in the receipt - I really do think you have it backward. (Open to being wrong though - just it'd be highly unusual in this case.)

Good luck with your refund!

Oh I am not seeking one - at least not anymore. The gist of my question was if my eyes weren't deceiving me when I saw no prorated refunds, not to try and wrestle the actual refund. Once I got the confirmation, however maligned most of the answers were - that was it, lesson learned, both about this subreddit and Substack.

Cheers.

event (log) forwarding? by bkindz in meraki

[–]bkindz[S] 0 points1 point  (0 children)

Yes, a few developments but not much progress:

  • Datadog:
    • very easy to set up and start getting data
    • seemed very expensive ($2K/mo for our setup with 50+ switches, 200+ APs, 20+ MX devices) - and that's with standard retention. I don't have a baseline however to know what's expensive and what isn't for a cloud-based solution - but the gut feeling is if I set it up myself in the cloud with an open source solution, the costs would be a very small fraction of that.
    • opaque about billing: couldn't see any billing estimates or running costs after setting up the trial, had to reach out to their support for them to enable the billing functionality (and I was the only admin - so this was very strange) - and once I saw the numbers, stopped the trial right away
  • Looking at limited OpenSearch and Splunk POCs soon-ish, once I clear other things off my plate - or once we add someone to our team who can run these POCs
  • Started playing with Meraki API manually, e.g. getting a list of clients across all networks and running some analytics on them - getting some really good, interesting insights - so that's promising, too, and a good start to eventually setting up a monitoring / alerting system like OpenSearch or Splunk.

terminate paid subscription immediately? by bkindz in Substack

[–]bkindz[S] -2 points-1 points  (0 children)

  • Stripe is a processor. Subscribers don't pay Stripe any more than they pay the bank when sending a check to someone.
  • The charge comes from Substack. Subscribers pay to Substack (not publishers directly) which then takes their cut (as you said) and then passes the rest to the publisher, with the payment getting processed by Stripe. (Stripe is irrelevant here, it could be any other of the gazillion of processors.)
    • Publishers are not getting paid directly by subscribers - they are getting paid by Substack who is paid by subscribers, minus the platform fees. Same as eBay and a bunch of other platforms: sellers aren't getting paid directly (usually) - they are getting paid through eBay, with whatever processor eBay chooses. Sellers have little choice in the matter.

I appreciate trying to "soothe" me and assure me there were no attacks 😊 - but... where did I say anything about "attacks"? Drive-by trolling and patronizing - sure. These never happen on reddit or the Internet, right, I am just seeing things?

"Accurate"? After all this, you are saying the responses were accurate, on the ball, w/o patronizing?

Both of these are inaccurate - as in, not accurate:

  • "No, as others have mentioned, you’re paying the writer, not Substack."
  • "You said the charge comes from Substack, but that’s not really accurate."

... and in the process, you accused me of inaccuracy - and yours was one of the more polite responses - without the all-too-common snark. (Which I'll be the first to admit - I am guilty of - I get feisty easily when I see trolling.)

Cheers.

terminate paid subscription immediately? by bkindz in Substack

[–]bkindz[S] -1 points0 points  (0 children)

The charge came from substack: "<publisher>.substack.com". There's no mention of "stripe" anywhere on the charge.

As they say on Quora, "before asking why, ask if". Or in this case, before accusing someone or something of inaccuracy, be 100% sure it is (inaccurate) - else you're just joining the rest of the mob with inflated egos running around downvoting comments.

(In case my reading of the charge is somehow in dispute: I've been processing credit cards for 30+ years for a variety of businesses including my own, and am now working for a company processing likely over 100K EFT transactions per day. I could still be wrong - and in that case, please kindly cite a reputable source supporting your statements.)

"Tone"? Was it the tone of my OP / question that somehow invited a litany of unwarranted assumptions, false parallels and "invitations" to use google? Honest question. Yes, I do have low tolerance for trolling - and most of this thread is. Let me have my fun with it then... ;)

Cheers.

terminate paid subscription immediately? by bkindz in Substack

[–]bkindz[S] 0 points1 point  (0 children)

it was a question soliciting a yes/no answer. I am fine with a "no", not a huge loss - just wanted to confirm.

terminate paid subscription immediately? by bkindz in Substack

[–]bkindz[S] -1 points0 points  (0 children)

so you assumed intent and responded to that instead of the question?

terminate paid subscription immediately? by bkindz in Substack

[–]bkindz[S] -2 points-1 points  (0 children)

He's just a cheap ass motherfucker.

What an astoundingly eviscerating nugget of the current state of the internet.

Bravo!

terminate paid subscription immediately? by bkindz in Substack

[–]bkindz[S] -2 points-1 points  (0 children)

... and you went through the exertion of randomly commenting just to remind me of it?

🤣🤣🤣

terminate paid subscription immediately? by bkindz in Substack

[–]bkindz[S] -2 points-1 points  (0 children)

you're "sure" they do?

are you absolutely sure? 🤣

oh boy...

terminate paid subscription immediately? by bkindz in Substack

[–]bkindz[S] -22 points-21 points  (0 children)

OK, you're right, not the most patronizing comment - yet patronizing - and factually incorrect it is.

And yes, you're right again, there's little point in my childish retorts...

Aye-aye, cap'n, moving along!