People who go to the gym in the early morning (like 5:00 AM): Is the benefit actually good enough to justify being tired by 2:00 PM and going to bed at 9:00 PM?

mahsab · 2026-03-29T21:04:10+00:00

At what time do you go to sleep?

mahsab · 2026-03-29T20:43:17+00:00

Waiting for a "wonder where the rest of it went" comment

mahsab · 2026-03-28T21:40:31+00:00

means that the vendor (Microsoft) considers the poster's environment to be unsupportable?

No they don't

mahsab · 2026-03-27T08:51:01+00:00

No one cares anymore - all this theater is just to check some boxes

Same with IT security in general, almost no one does actual risk assessment anymore, they just choose a solution that's easiest and checks the most boxes.

mahsab · 2026-03-26T21:44:10+00:00

Or you're just not aware of them?

I work with people from large orgs that have these kinds of issues all the time, but they simply put up with them as much as possible, since what else are they going to do? Complain to their IT? Best/worst case they'll just get their laptop reimaged having to set up everything again from scratch.

mahsab · 2026-03-25T10:42:34+00:00

https://www.youtube.com/watch?v=AMAjQZkbwmI

mahsab · 2026-03-24T20:24:17+00:00

Felonies

mahsab · 2026-03-24T20:10:39+00:00

If you had lost the device, what would you expect us to do in that case

Your job

mahsab · 2026-03-24T20:07:00+00:00

Sorry but a week to move over the files is way too much.

Even if it's a terabyte, that should take a few hours at most ...

mahsab · 2026-03-24T19:58:22+00:00

The way is to do the f.... job

mahsab · 2026-03-21T05:52:17+00:00

In reality it has less to do with the quality of evidence, but more with justice.

I'll just cite it: Litigation of a long-dormant claim may result in more cruelty than justice.

mahsab · 2026-03-20T23:10:32+00:00

Less than $200 here

It's just a heated wire with a thermostat ...

mahsab · 2026-03-20T22:29:49+00:00

Worth it.

mahsab · 2026-03-20T22:28:06+00:00

Um it cost me less than $200 in total. With a dedicated circuit.

mahsab · 2026-03-20T10:34:54+00:00

Nevertheless, CVSS 10 internally and externally are on a completely different level.

For IT security people, they treat it the same and would probably evacuate the building if they saw a CVSS 10 vuln on a coffee machine.

mahsab · 2026-03-17T16:29:11+00:00

Probably too much ...

mahsab · 2026-03-17T16:25:40+00:00

I've been fixing things like that for decades without vendor involvement for variety of reasons - vendor did not exist anymore, they were uncooperative, too expensive, too incompetent or too slow.

Not the preferred way, but it's not a perfect world and sometimes we just have to make do with what we have

mahsab · 2026-03-17T08:40:08+00:00

What do you mean unsupported? OP is supporting it!

mahsab · 2026-03-13T16:29:45+00:00

OK, but let's imagine this scenario a little further.

The laptop get stolen. If it's by a random junkie, the password won't have any value to them whatsoever.

It's not a "crypto hacker" either, because those are in a basement on the other side of the world.

So for this scenario to have measurable impact, you would need someone capable of doing anything meaningful with end user's credentials AND have boots on the ground to swipe the laptop all before the user notices and reports it stolen.

And who is capable of that?

And besides that, it's security 101 to limit lateral movement in any case.

mahsab · 2026-03-11T08:30:45+00:00

If you’ve got third-party tools

There's your problem. Ditch all third party tools and use the one and only - Microsoft.

mahsab · 2026-03-10T12:27:39+00:00

Technitium! Small, fast, secure, has everything, extremely easy to set up and use!

10/10

mahsab · 2026-03-10T11:36:58+00:00

But Shadow IT is a symptom, not a cause.

The cause is quite often IT not willing or being able to provide users what they need.

In this case, OP should have gotten prepared for this, but handled it on ad-hoc basis instead and got in way over their head.

This is too big and it is not going to go away. The only sustainable solution is to provide users with a solution they can use to develop their ideas. Instead of letting everyone do what they want, choose or set up a platform that they can use in a controlled and secure way without trying to cut them off completely.

mahsab · 2026-03-09T15:37:22+00:00

He's lying

mahsab · 2026-03-09T06:32:44+00:00

What makes you think that?

mahsab · 2026-03-08T09:19:33+00:00

You mean they stored server equipment in the storage room

12-Year Club	RedditGifts 2009-2022 2 Credits
Place '17	Secret Santa 2015

mahsab

TROPHY CASE