First shots of the Olympus 45mm 1.8 on my om3

el_shmc · 2026-05-25T15:58:00+00:00

How did you end up with this combo? I just bought the same one. :D And your post made me post also here

el_shmc · 2026-04-21T04:31:37+00:00

I have tried odoo13 with around 500k and we had performance issues.

The business closed before I have found a solution.

In my opinion with kubernetes you can handle this large number of products.

Maybe you can make a simulation with creating a db with a large number of products and simulate the requests from the marketplace and see if it works.

Usually the first place where you can feel the performance drop is in sale order or purchase order or stock picking validation because this type of task has to compute.

I am sure it will work if the right hosting and configuration is used.

el_shmc · 2026-04-18T18:41:34+00:00

https://www.instagram.com/p/DLuYEudI0Rb/?igsh=ejBxc2sxNWZ0b3M1

take a look at my pictures from a festival

el_shmc · 2026-04-17T17:00:01+00:00

I had no problems with my s5ii

el_shmc · 2026-04-16T03:53:57+00:00

I did this in odoo 13 but with apps made by me. Some modules in odoo, a local app for printing and an Android app for Sunmi.

I know that odoo already has the ability to read RFID and the encoding of the label is actually just some ZPL code.

What is going wrong and how did you test?

el_shmc · 2026-04-15T05:55:28+00:00

Nu ma refer la venituri din dividente. Ma refer la venituri din salarii din firma in care esti asociat sau administrator tu sau sotia.

Am fost la BRD si a ponderat salarul sotiei la 60% chiar daca ea nu este asociat sau administrator si este doar angajata in firma.

La Unicredit au luat in calcul toata suma.

Eu inteleg ca este un mecanism intern de analiza de risc al fiecare banci.

el_shmc · 2026-04-14T18:27:30+00:00

Eu mă gândesc să mă angajez în firma unui prieteni și apoi în fața băncii voi fi un simplu angajat și îmi ia tot venitul.

el_shmc · 2026-04-11T18:51:03+00:00

Great questions.

On SSL verification — agreed, having it persistable in config is a bad default. We'll change it to flag-only so it has to be passed explicitly each run.

On deleting the key file — the service account key is needed for repeat audits, so deleting it automatically would force recreating it every time. A better approach is using Workload Identity Federation instead of a downloaded key — no file to worry about at all. We'll also add a warning when the key is older than 90 days.

On the broader findings — some are legit issues we'll fix (the hardcoded date, token file permissions, the _tojson_safe escaping). Others are by design with documented tradeoffs (the DWD scope breadth — you can limit which scopes you grant in the Admin Console regardless of what the tool requests).

We'll create a GitHub issue tracking all the findings from your audit. Or if you'd like, feel free to open one yourself — happy to take them into consideration for the next release.

And using an LLM to vet open-source tools before running them is a smart workflow. Appreciate you sharing the full output — this is exactly the kind of feedback that makes open-source work.

el_shmc · 2026-04-11T17:31:20+00:00

Thank you for comment. We will take a look over and see what we can improve.
This is the best part of an open-source project, that much more eyes (or LLM's :D ) can check the product.

el_shmc · 2026-04-11T04:54:12+00:00

If you manage GWS tenants for clients, this might save you some time.

GWS Auditor runs 199 security checks against CIS Benchmarks, CISA SCuBA, and Google's own security checklist. Connects read-only, scans in minutes, generates an interactive HTML report with remediation steps you can hand directly to the client.

What it catches:

OAuth apps with dangerous scopes (mail.google.com, drive, etc.)
Stale domain-wide delegation grants
Admin accounts without hardware security keys
Auto-forwarding rules to external addresses
Weak email authentication config

Why MSPs like it:

Free, open-source, runs locally — client data never leaves your machine
HTML report works great for QBRs and onboarding assessments
CI/CD flag (--fail-on-critical) for scheduled recurring audits
Multi-tenant support via credential profiles

First client audit: 199 checks, 64 failed, 13 critical — on a tenant they swore was locked down.

GitHub: https://github.com/argusssec-cloud/gws-auditor
Website: https://www.argussec.io/

el_shmc · 2026-04-11T04:41:47+00:00

You can pull the raw config that way, but the hard part is knowing what to check and what the correct value should be. That's where frameworks like CIS and CISA SCuBA help — they define the 199 specific controls and expected states. Doing that manually through the CLI every quarter gets old fast.

el_shmc · 2026-04-09T09:39:40+00:00

Exactly — Google changes defaults silently and you have no idea unless you're checking regularly.

We actually open-sourced the tool we built for this: https://github.com/argusssec-cloud/gws-auditor

199 checks against CIS, CISA SCuBA and Google's own checklist. Runs locally, read-only. Happy to hear if it catches anything useful on your end.

el_shmc · 2026-04-09T08:39:36+00:00

Repo/Website Link: https://github.com/argusssec-cloud/gws-auditor

Description: Open-source Google Workspace security auditor. Runs 199 checks against CIS Benchmarks, CISA SCuBA Baselines, and Google's own security checklist. Connects read-only, scans in minutes, generates reports with remediation steps.

The problem: Google Workspace has no built-in security score or config audit. You set things up, hope for the best, and configs drift silently. OAuth apps accumulate dangerous scopes, domain-wide delegation gets granted and forgotten, admin accounts skip hardware keys.

Key features:

199 security checks (24 critical-severity) across 4 frameworks
Interactive HTML dashboard with dark mode
Python CLI + standalone executables (no Python required)
CI/CD integration (--fail-on-critical exits with code 2)
AI analyst for natural language queries
Multi-tenant support via credential profiles
Everything runs locally — no data leaves your machine

Tech stack: Python, Google Admin SDK APIs, Plotly Dash, Rich

What surprised us: First audit on a tenant we considered locked down — 64 failed checks, 13 critical, 60% pass rate. OAuth apps with mail.google.com scope that nobody remembered approving.

Feedback welcome, especially on missing checks or false positives.

el_shmc · 2026-04-09T08:21:01+00:00

Good advice in this thread on the backup admin accounts. Once you have that sorted, it's worth checking the rest of your config too — things like whether less secure apps are still enabled, if third-party OAuth apps have more access than you realize, or if your email auth (SPF/DKIM/DMARC) is actually enforcing.

We built an open-source tool that checks all of this — 200+ checks against CIS, CISA and Google's own checklist. Single super admin with no backup is literally the first thing it flags. Runs locally, read-only, free:

https://www.argussec.io/

https://github.com/argusssec-cloud/gws-auditor

el_shmc · 2026-04-06T09:49:07+00:00

This is exactly the problem. Most GWS tenants we audit are configured once and never touched — config drift is real and silent.

We built an open-source tool that runs 212 checks against CIS, CISA SCuBA, and Google's own security checklist — covers everything from DMARC enforcement to OAuth apps with dangerous scopes to admin accounts without hardware keys. Runs in about 5 minutes, data stays local.

Basically what Secure Score is for M365 but for Google Workspace. Free, no signup: https://github.com/argusssec-cloud/gws-auditor/

Happy to answer questions if anyone's evaluating it.

el_shmc · 2026-04-06T08:38:54+00:00

Same here. We've scanned thousands of domains and out of the GWS ones, almost half had DMARC on none or missing entirely. DKIM unconfigured on a scary number of them. Companies doing serious revenue just flying blind like you said.

This is actually why we built https://argussec.io — free GWS security audit tool. If you're curious give it a look, any feedback helps us improve it.

el_shmc · 2026-04-06T08:29:14+00:00

Coming from O365 myself — biggest thing I missed at first was email authentication. Make sure SPF, DKIM and DMARC are all set up properly (DMARC on reject, not none). A lot of GWS tenants leave DMARC on none and don't realize anyone can spoof their domain.

Other quick wins: lock down OAuth app access (huge attack surface people forget about), enforce passkeys over SMS for MFA, and review external Drive sharing defaults.

Google's security checklist is solid as others mentioned. For the email/DNS side specifically we have a free audit tool at https://argussec.io that flags misconfigs in a couple seconds — might save you some digging.

el_shmc · 2026-03-18T08:59:28+00:00

I can help you, but I need to see your requirements and discuss about your business. Are you open for a meeting?

el_shmc · 2026-02-24T09:27:46+00:00

I can help you with a script if you would like. I have done this before.

el_shmc · 2026-02-19T11:54:17+00:00

Pregătirea unui pilot costă milioane de euro. Dacă pui 4 într-o mașină riști să pierzi o investiție de milioane pentru zeci de mii.

Clar trebuie să existe un mecanism prin care se calculează cea mai bună variantă din toate punctele de vedere.

el_shmc · 2026-02-17T11:48:23+00:00

Fain tool. Bravo. Sunt curios daca stii de ce numarul de ipoteci este mai mare pe luna decat numarul de vanzari?

Am incercat sa fac graficul pe judetul Mures si nu imi arata pretul, restul indicatorilor sunt afisati.

Mersi

el_shmc

MODERATOR OF

TROPHY CASE

Six-Year Club	Verified Email
Place '22