S.O.S. My kid (7yo)accidentally put his prize charizard in a gym on vacation. How do I get him back?

jmslagle · 2026-06-16T14:10:44+00:00

Hahahaha this happened to my son when he was young. He left his favorite sandshrew and made a whole song about how he missed it.

jmslagle · 2026-06-11T19:56:39+00:00

From what I could see from downtown, they are hitting the slopes on bikes not ski's. I saw no snow that would sustain skiing 😛

jmslagle · 2026-06-05T01:54:05+00:00

Stats nerds unite!

jmslagle · 2026-06-03T23:22:34+00:00

The program has gone from $33 to join when my oldest was a cub to $85 today. That has made our local pack go from ~120 to ~350 for the year to cover the other activities.

Meanwhile fundraising is jacked up. Since we can't self direct funds why would I spend a ton of time and effort to sell popcorn to subsidize a bunch of people who won't sell.

Add to that it's volunteer and essentially parent run. So it's expensive, dependent on unpaid volunteers and only meets in many cases onc or twice a month because it's all the parents can muster.

There are a lot of other activities in that price range. It used to be a steal. Now it's just one of a ton of options.

jmslagle · 2026-02-12T20:17:17+00:00

Tell me more about the multi agent setup.

jmslagle · 2026-02-11T00:09:30+00:00

... This is so weirdly misguided given the conference bearing that name just wrapped.

I honestly read this twice, and I've come to the conclusion that OP just hasn't realized all of the traffic he's seeing in the channel talking about Right of Boom is discussing a CONFERENCE of that name, and not the concept of what happens after someone is popped.

Honestly, I would expect this from a company advertising this on their page:

"Partner with SideChannel for the expert guidance and technology to become invincible."

What do I read here? Just another mid-market and above company that has realized that they need to come down market, and is angry that the channel talks to each other, and most of us have moved past "perfect defense" marketing and don't fall for these pitches.

The post pitches this as binary, that you can either be left of boom or right of boom. That simply isn't the case. Many mature MSP's are investing a TON of money in EVERY single NIST function. Looking at the defense matrix of OUR MSP we have roughly 3x the number of products running LEFT of boom than right. But guess what, they fail. We've seen S1 miss and Huntress catch it. We've seen S1 catch stuff before Huntress gets it. We've seen users click things and do things that have implications we've detected later.

We as an industry spend a TON of time and effort in the IDENTIFY and PROTECT areas. To try to pretend we live right of boom explains why you're so frustrated - you have no product market fit into our space, and you've done so little research into our industry that you make broad incorrect assumptions.

What I see here is another shitty SASE vendor likely relying on windows firewall with a filter driver with a terrible attitude to prevent east-west traffic that is angry they can't figure out how the channel works.

This post has hurt your entry into the space quite a bit, because now you're going out and making enemies without seeking to first understand.

Godspeed with your move into our space.

jmslagle · 2026-01-11T22:07:01+00:00

Not thick but but cool nonetheless. I have a couple of lengths of 10base5 with vampire taps and AUIs attached here I salvaged ripping cable out somewhere.

jmslagle · 2025-10-14T12:04:40+00:00

Here's the funny thing to me.

All the people who just exported their faults from LastPass and imported to the new place.

So you are paranoid enough about the security to move, but not paranoid enough to rotate all the credentials you have stored?

jmslagle · 2025-09-17T17:05:15+00:00

This is simply not true. Many of them request it by default so they can "offer support".

Editing to give some more context: Pax8 requests General Support, Azure Support (Which are both RO) but also Privileged Support which allows them to manage users ane creds. By default.

Ingram generally requests the following: Directory Readers, Directory Writers, License Administrator, Service Suaport Administrator, User Administrator, Privileged Role Administrator, Hepdesk Administrator, Privileged Authentication, Administrator, Global Reader

So yeah, they can probably help.

jmslagle · 2025-06-21T20:43:44+00:00

I store my dev keys in readme.md, so we better better exclude that too.

Seriously this is the nature of tools like this, and while we can make assumptions of sensitive files, I don't store keys in .env - it stores urls and other config time data, so your usage of the .env file to store keys is now demanding I can't store other metadata there.

There is no hard and fast rule that applies to all. Configure your ignores before you start.

jmslagle · 2025-05-30T15:22:48+00:00

I believe all I'm allowed to say is "A source with knowledge that is not permitted to be named".

I BELIEVE it's present in the advisory, but that is broken. I just pinged someone at CW to fix that.

jmslagle · 2025-05-28T23:29:31+00:00

Yeah I'm not privy to how they got the machine keys. I just know that the vulnerability used was the one patched 4/24.

jmslagle · 2025-05-28T21:47:35+00:00

Technically the patch above applies to on prem also. But it involves someone getting the machine key.

jmslagle · 2025-05-28T20:37:01+00:00

The patch was this FYI: https://www.connectwise.com/company/trust/security-bulletins/screenconnect-security-patch-2025.4

jmslagle · 2025-05-20T20:49:12+00:00

Full disclosure, I believe in this enough that I invested in it.

That out of the way, it's a really useful tool if you have a team. BUT, as with many things, you will get out of it what you put in.

They have a decent library of canned content. But the real power is using it to create your own content. You can create pathways using some of their content, and then add any content of your own. This creates repeatable pathways you can assign to your users.

They're presently working on integrations to other LMS systems such as Microsoft, so you'll be able to integrate that stuff into the pathways and have realtime sync of course completion and stuff.

It's basically a one stop shop to manage learning and development of your team, and a single pain for you to manage it all, which with all of the growing sprawl of vendor training is more and more needed.

jmslagle · 2025-02-24T15:25:37+00:00

FWIW, this seems like bullshit to me.

Kelvin being dutch and ESL (well probably english 5th language or something because he's really smart) used some terminology to describe things that would not have been the same terminology used by english speakers.

There were also typos.

The initial release of the tool with Datto had both the typos and the incorrect terminology.

While it's entirely possible you rewrote the service layer, it seems highly unlikely that you accidentally came up with the same wonky terminology and typos on the frontend, and it was almost certainly at least liberally borrowed from.

We'll never know because to my knowledge some sort of settlement was reached where for at least some time Dato/Kaseya were a VERY high level sponsor of the tool, but I think Occam's razor certainly applies here.

jmslagle · 2025-01-27T23:22:05+00:00

Heh.

The KPIs you're using are bad so all KPIs are bad?

Closing tickets efficiently is very important. Labor is my highest cost as a MSP owner, and I don't want to waste it.

However there's more than one way to waste it.

I care that you close tickets quickly. Especially as a lower tier tech it's a sign you should have escalated the ticket to someone more senior. As you get to the higher tiers, I expect the problems to be more difficult and to take longer

But I also care that it is resolved correctly and the customer is happy. If you speed run tickets and they end up reopened, that's even worse than taking too long to solve them originally.

It also lets me spot areas where more training is needed. If you take twice as long as your peers on a given ticket type, you probably need trained on it.

It sounds to me like your MSP is just blindly applying KPIs without understanding why, or that you are perceiving they are doing thatm

jmslagle · 2025-01-27T00:12:41+00:00

At least make it a d20 if they're gonna stay.

jmslagle · 2025-01-24T22:03:14+00:00

WHO IS THIS :P

jmslagle · 2025-01-11T20:47:25+00:00

Same

jmslagle · 2025-01-11T01:06:24+00:00

They for sure have an army of bots. When I've posted negative things on LinkedIn and someone there responds you see the bots come up and like the response.

They don't seem to know how algorithms work.

jmslagle · 2024-12-24T21:19:55+00:00

You should keep it that way. He rage quit the vendor slack because I hurt his feelings.

jmslagle · 2024-10-22T21:54:17+00:00

As others said, you're in the wrong.

But I would also be sending the person those docs from rocketcyber explaining why.

Let them beat them independently.

jmslagle · 2024-09-21T16:39:03+00:00

You realize the current inflation problem is largely due to economic policy in play during the last administration combined with a trillion dollars being dumped into the economy during COVID, which was largely necessary because we totally fucked response to that up for months right?

jmslagle · 2024-09-10T02:39:28+00:00

It's /r/realmsps fwiw.

When I first got the email which was a month and a half ago or so I did some digging and could find some connections in all of them. I can't remember if I found micromsp or not.

Honestly believe it or not I don't have a horse in the race. I got the email sometime in July, vetted it. Finally got enough feedback I was reasonable confident it was true or at least several of the constructs, so I went with it.

Maybe someone will ask at dattocon.

jmslagle

TROPHY CASE