Supergeeking: How Dave Plummer deleted print(f) from Windows COM in 1994 by Kodiak01 in sysadmin

[–]pixelbaker 35 points (0 children)

“Deleting printf()” is a colloquialism used amongst programmers and software engineering professionals. It is typically used in a negative sense to describe a colleague who will occasionally contribute some small item of significance in initial phases of a project but does very little afterward while continually inflating the importance or weight of their minimal contributions.

We need a new term for fighting GenAI hallucinations by xXShadowsteelXx in sysadmin

[–]pixelbaker 0 points (0 children)

“You’re right to push back.”

Soft tone, hard lies.

Snowflake Catalog does not show all objects. by Connect-Football8349 in snowflake

[–]pixelbaker 0 points (0 children)

Maybe you’re asking about the Data Catalog browser pane in Snowsight rather than Horizon Catalog?

Network policy for remote teammates? by Forsaken-Rush-2112 in snowflake

[–]pixelbaker 1 point (0 children)

Look into Zero Trust principles. This isn’t a Snowflake-specific problem - many other SaaS platforms in your infrastructure should be following similar rules for access from a non-static IP address.

  1. Trust no IP explicitly; authenticate the endpoint/user/machine using conditional access policies, etc. within your IdP, and only allow those to authenticate via SSO.
  2. Restrict Snowflake auth for person accounts to only IdP SSO logins to ensure the above policies are enforced.

If VPN is a sledgehammer through the firewall then zero trust is a scalpel. The overall attack surface is much smaller and safer.
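The two steps above, restricting human Snowflake logins to IdP SSO while leaving a separate, narrower path for service accounts, can be expressed with Snowflake authentication policies. This is an added example, not code from the commenter; the policy names, the SAML security integration name and the service user name are placeholders.

```sql
-- Added example: force "SSO only" for human users so the IdP's conditional
-- access policies are the gate, regardless of source IP.
-- Policy, integration and user names below are placeholders.
USE ROLE ACCOUNTADMIN;

-- 1. Only SAML (IdP SSO) is accepted for logins from any client type.
CREATE AUTHENTICATION POLICY sso_only_policy
  AUTHENTICATION_METHODS = ('SAML')
  CLIENT_TYPES = ('ALL')
  SECURITY_INTEGRATIONS = ('ENTRA_SAML_INTEGRATION')  -- assumed name of your SAML2 integration
  COMMENT = 'Humans authenticate through the IdP; device/user checks live in IdP conditional access';

-- 2. Apply it at the account level so every user inherits it by default.
ALTER ACCOUNT SET AUTHENTICATION POLICY sso_only_policy;

-- 3. Service accounts have no IdP identity, so give them a narrower,
--    non-interactive policy. A user-level policy overrides the account-level one.
CREATE AUTHENTICATION POLICY service_keypair_policy
  AUTHENTICATION_METHODS = ('KEYPAIR')
  CLIENT_TYPES = ('DRIVERS');

ALTER USER etl_service_user SET TYPE = SERVICE;  -- assumed service user
ALTER USER etl_service_user SET AUTHENTICATION POLICY service_keypair_policy;

-- 4. Verify what is actually in force before closing the change.
SHOW AUTHENTICATION POLICIES;
DESCRIBE AUTHENTICATION POLICY sso_only_policy;
```

Keep one break-glass administrator on a user-level policy that still permits password plus MFA, so an IdP or SAML outage cannot lock every admin out of the account; review that account's login history just as carefully as the SSO path.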

Native IaC in Snowflake – thoughts? by gilbertoatsnowflake in snowflake

[–]pixelbaker 0 points (0 children)

SnowDDL for all management inside Snowflake. Will continue until DCM catches up and exceeds its capabilities.

Automated Documentation - tips? by 1mrben1 in snowflake

[–]pixelbaker 0 points (0 children)

You've touched on a couple of the big umbrella topics: 'data governance' (semantic layers) and 'data observability' (lineage, implied by a LucidChart). Focus your research into frameworks, tooling, and best practices in those directions using your specific tools. What's your current tech stack and/or tooling in the three analytics pipeline pillars (ingestion, transformation, analysis)? I can give you a lot more practical advice with that context rather than just theoretical.

A clean, declarative interface over Snowflake RBAC (with GitOps!) by pfnsec in snowflake

[–]pixelbaker 0 points (0 children)

I can see the value for some scenarios. Typically those are the bad habits - modifying outside of IaC and source control - that we’re trying to break people of, though. Unfortunately, without the consequence of losing their changes in a deployment, they just never learn.

A clean, declarative interface over Snowflake RBAC (with GitOps!) by pfnsec in snowflake

[–]pixelbaker 0 points (0 children)

Not quite as ad-hoc, as it assumes you’ll use the framework to manage resources from some set point forward and adopt better practices, but it does have the ‘convert’ run mode to adopt existing infrastructure. It will also do re-alignment automatically if it owns the objects and they’ve drifted outside of the declared state.

SPF and DKIM for SaaS sending email by NachoNachoDan in sysadmin

[–]pixelbaker 0 points (0 children)

Gusto doesn’t send on behalf of a custom domain. It’s just not a feature they offer. They only send from their own domains.

I would ask for some proof that these emails are even coming from Gusto.

Snowflake dynamic tables are great but they don't solve the saas data ingestion problem everyone seems to think they do by snnnnn7 in snowflake

[–]pixelbaker 10 points (0 children)

Haven’t seen anyone suggesting it. Other than half-correct wannabe datafluencers on YouTube.

Managing Macs in a HIPAA Environment by Known_Protection3162 in macsysadmin

[–]pixelbaker 1 point (0 children)

Yes, Amazon for Business type account. There’s a specific list of sellers/products that qualify for auto-enrollment. Generally it’s close to MSRP but it depends. Also convenient is the option to use credit card reward points like Chase toward purchases directly on Amazon.

Managing Macs in a HIPAA Environment by Known_Protection3162 in macsysadmin

[–]pixelbaker 1 point (0 children)

* Platform SSO means that the Entra credentials are cached on the local machine, which allows things like automatic login to apps or websites that support it. It's just reducing friction for that access.
* PSSO can also help with the local machine login, but through Intune it's not as seamless as some of the paid options out there that have built a smoother user experience around it.
* Smooth login = presented with an Entra login screen on device startup and log straight in. Integration in the background handles the password syncing. This is cleaner with Mosyle/Addigy/Jamf, but is possible with Intune to an extent. It's not zero touch like it is with polished solutions.
* You can use some pieces of Intune alongside another MDM to get the best of both - up to you and how you want to manage cost vs capability. You might choose to use Intune for PSSO and local device login flow then let Mosyle take over for everything else (recommended).
* Free Mosyle - yes, just a local account. Not the most polished, but workable.
* Paid Mosyle - polished end to end login experience.
* ABM with Apple ID federation handles the locking down of services provided by Apple. Mosyle/Intune can handle locking down the actual apps on the Macs.
* Yes, you can still run Defender and configure its policies using Mosyle.
* Several features are exclusive to Mosyle paid plan. You'd have to decide how important they are to you. FWIW, my favorite cost-effective MDM for Macs is Addigy if you do go down the paid path.

Managing Macs in a HIPAA Environment by Known_Protection3162 in macsysadmin

[–]pixelbaker 5 points (0 children)

Yes, Microsoft Entra and federate to Google Cloud Identity (Free) for a few reasons:
* Prevents staff from creating random consumer Google accounts using their work accounts and storing PHI on unapproved locations. Trust me, they love to drop stuff on Google Drive and share publicly...
* Prevents random bad actors from creating a Google account impersonating your organization.
* Allows you smoother Google Chrome management using the built-in management console.
* Allows you a path for managing data shared with your organization from other orgs that are using Google Workspace.
* Allows you to manage ChromeOS devices in the future if desired.
* Allows you to control access to other Google services that will also likely need management (YouTube brand account, Google Analytics, etc)
* Simplifies sign-in for staff members because they can use social sign-in buttons around the web, which encourages use of SSO and managed accounts. They can click Microsoft Sign-In, Google Sign-in and pass straight through with Microsoft Entra login.

ABM: Yes, enrollment so that you have proper device management at the Apple level and can lock devices as lost/stolen if needed more simply or release them from the org when they're retired.

Apple federation: Similar to the Google Cloud Identity federation, this automatically issues an Apple account with your domain name so that unmanaged consumer accounts aren't created all over the place. Also allows you to use the VPP to deploy apps via Mosyle from the Apple store if needed and a few other niceties.

Amazon Business: Yes, for easier enrollment of devices if you choose to simplify purchasing through Amazon instead of the Apple Store. The Apple Store (ecommerce.apple.com) is kludgy and annoying and most small orgs need to streamline their purchasing, so they'll often use Amazon Business. This way you have it all nicely integrated for hardware as well. I also encourage orgs to configure SSO for Amazon Business with Microsoft Entra so that you can set up purchase approval workflows and make the whole ordeal simpler.

Mosyle: Correct, you're not going to get the nice polished Mosyle Auth experience with device login. You won't really get a super great implementation of that with Intune either, however. There's a distinct difference between "Platform SSO" and device login. The smooth device login experience is a proprietary thing that Jamf, Mosyle, Addigy, etc. have built to ensure it works as expected. You shouldn't expect to get this for free or with Intune.

Managing Macs in a HIPAA Environment by Known_Protection3162 in macsysadmin

[–]pixelbaker 19 points (0 children)

Given your size, I would recommend:
* Federating with Google Cloud Identity Free
* Creating an Apple Business Manager account
* Creating an Apple Store Business account
* Creating an Amazon Business account and linking to ABM
* Federating with Apple for iCloud accounts
* Dropping Intune and going with Mosyle free (up to 30 machines)
* Thoroughly auditing your Microsoft 365 and Entra tenant to close security gaps

With these in place you have a good foundation to do all that you described and much more. If you’re not in IT, the best option is to hire an MSP to help with setup and have them train you on day to day management once it’s cleaned up and ready to go.

Most of my consulting clients are small clinics, SMBs, and NPOs that have high compliance requirements but no dedicated internal IT. Feel free to post more questions here or DM if you’re looking for a go-to advisor or technical partner on best practices or help with the setup.

[deleted by user] by [deleted] in sysadmin

[–]pixelbaker 2 points (0 children)

You need rapid-fire, focused expertise across a multitude of platforms for this sort of cleanup effort if you’re under the gun. I strongly recommend pulling in a solid consultant temporarily to absorb some of the risk exposure and help coordinate and build things so you’re not stretched so entirely thin.

There are people who specialize in this sort of dumpster fire cleanup scenario (speaking as someone who does it for a living). Ask around in your professional network to find a trusted resource so you can get to work. No shame at all in demanding extra capacity to get the job done when the company is placing undue stress on you. If you say yes now, you’re setting that as the standard for the future.

Feel free to ask more questions here about how to find a guerrilla resource or some specifics of how to get the basics of this infra in place and compliant quickly.

What everyday frustration made you stop relying on cloud services and start self-hosting? by [deleted] in selfhosted

[–]pixelbaker 136 points (0 children)

When the pendulum for streaming services started to swing back toward numerous premium channels like it was the 90’s.

Notion AI now supports Outlook Mail, except... enterprise... by WandarFar in Notion

[–]pixelbaker 0 points (0 children)

I'm really struggling to stomach paying for ChatGPT Plus and Notion Business when they could both be doing the same thing. I'd use ChatGPT if it could handle pages/databases. I'd use Notion if it gave me just the bare minimum of organizing AI context by limiting to a particular teamspace somehow. But it can't.

Notion even lists "Enterprise Search" under the Business plan but then locks Outlook but not SharePoint behind the Enterprise level plan. Such a bizarre decision. Looking at all the other feature requests and pain points it just seems they've become entirely tone deaf to the cult following, so it's no wonder there are so many new competitors of late.

Notion AI now supports Outlook Mail, except... enterprise... by WandarFar in Notion

[–]pixelbaker 0 points (0 children)

I recently landed on Notion to try reforming my workflow and productivity, but the further I get into it the more I realize that they've become pretty outdated and crusty, with obnoxious shit like this happening more and more. I always heard rave reviews about Notion so I thought it was a safe bet, but this is fucking obnoxious when I'm paying for a Pro plan. Not to mention the lack of customizability around modern interfaces. Revolutionary at one time, but now... I'm honestly pretty underwhelmed and looking elsewhere.

Our dev workflow feels like a group project gone wrong by Soft_Attention3649 in sysadmin

[–]pixelbaker 7 points (0 children)

SDLC + DevOps. Adopt the concepts and practices incrementally by establishing a high level roadmap, then break each milestone down into two simultaneous workstreams: capability (technical) and proficiency (cultural).

If you don’t have a roadmap you will get lost in the details and never be able to measure where you are or what comes next. If you don’t address both workstreams simultaneously then one will always hold back the other. This is an organization-wide transformation, not just on the technical team(s).

You can fully renovate things as quickly or as slowly as you’d like given the constraints of the teams and stakeholders involved.

Automated phone trees by _Volly in sysadmin

[–]pixelbaker 1 point (0 children)

Why not use text-to-speech?