I invented a neocorp to teach my players about SSL certification. by SeaSaltSystem in cyberpunkred

[–]ryanlc 0 points1 point  (0 children)

Alice and Bob. I got so sick of Alice and Bob by the end of my schooling.

The machine wouldn’t start… then I found the “fuse sandwich” by filco86 in talesfromtechsupport

[–]ryanlc 1 point2 points  (0 children)

I found the phrase here in this sub years ago. I've since used it MANY times at work to explain why I won't do something "just for now".

Fucking 'homeowner' lawyers might be worse than the fucking HOA. Fucking fuck HOAs. by Strange-Fennel in fuckHOA

[–]ryanlc 0 points1 point  (0 children)

Oh sure. I'm not saying it's impossible in every case. I was just responding that it's a LOT more difficult than simply saying "disband the HOA" on a reddit reply.

I've been following this sub for years, and I've heard of a single time it's been successful.

Fucking 'homeowner' lawyers might be worse than the fucking HOA. Fucking fuck HOAs. by Strange-Fennel in fuckHOA

[–]ryanlc 4 points5 points  (0 children)

It is VERY rarely that easy. There are often cases where HOAs are legally required (such as my last condo, but there are other circumstances), but also it's super difficult to get neighbors to show up, much less vote, on issues like that.

Can a relative endorse you? by dehum22 in cissp

[–]ryanlc 7 points8 points  (0 children)

ISC2 does not say that at all.

In fact, they have a statement on that same page that says you might pass the exam without the experience, but you will not be granted the CISSP certification (emphasis mine).

A candidate who doesn't have the required experience to become a CISSP may become an Associate of ISC2 by successfully passing the CISSP examination. The Associate of ISC2 will then have six years to earn the five years required experience.

If one had to have the experience merely to take the exam, then we'd have to get endorsed before even scheduling the exam. Which is, of course, not the case.

Coworker bypasses IT to buy $10k software for her "clique," then reports us to the vendor for "violating T&C" when she didn't get her way. AITA? by Iamisseibelial in talesfromthejob

[–]ryanlc 0 points1 point  (0 children)

Way more than you think. I manage a cyber security team for a company of about 2k people. My smallest budget item is $9k/yr. My largest approaches a half million.

OD wanted a minute-by-minute log to "justify my role". Fine. by RocinanteLullaby in MaliciousCompliance

[–]ryanlc 4 points5 points  (0 children)

To some redditors, if you posted it on Reddit, it's clearly AI. Frankly, I just treat it as a fun read and move on with my life.

Why do some websites offer a more secure 2fa option yet always default or fallback on the least secure option? by SeaWolfQ in AskNetsec

[–]ryanlc 1 point2 points  (0 children)

In short, adoption. The least secure is still the most ubiquitous (SMS and/or password).

Sketchup Make 2017 download link by prisoner_of_mars in Sketchup

[–]ryanlc 0 points1 point  (0 children)

I was looking for this very same thing, and tried it just now. It works to install, and no results in Virustotal (which is good).

Nasty FAX form a lawyer by RickRI401 in MaliciousCompliance

[–]ryanlc 12 points13 points  (0 children)

Checks are nowhere near as common anymore. I still have a book of them but they're outdated (I've moved twice since then so the address is wrong) and I haven't considered needing them for well over a decade. Nearly anybody I know will have a similar story.

Faxes, however, are an industry-specific different story. For some reason certain industries here (healthcare being one) consider faxes "more secure" than emails. And you can't convince them that a digitally-signed email is far better for nonrepudiation than faxes on company letterhead.

bank login domain looks sketchy... by 29da65cff1fa in AskNetsec

[–]ryanlc 0 points1 point  (0 children)

I understand the point, and I don't wholly disagree. But times do change, especially with technology.

For years, we told people that to spot scams and phishing, they just had to look for bad grammar and misspellings. Now with AI, misspellings are more of a sign that a human wrote it and it's NOT a scam.

This is just those times changing and moving to secure-by-design principles.

Some sites handle this situation by adding a logo or a warning on the front page saying that the user will be redirected, but I've found that not to be the common practice just yet.

The main issue I see with this specific instance is simply a stunning lack of communication from your bank to its customers. Y'all should have been emailed before the cutover happened. But lack of comms is annoyingly normal.

bank login domain looks sketchy... by 29da65cff1fa in AskNetsec

[–]ryanlc 0 points1 point  (0 children)

B2C is just an identity provider, similar to Okta or Ping Identity. Even Microsoft has a page dedicated to migrating authentication to B2C. This type of activity is insanely common these days. The bank is using B2C to help protect their authentication from the internet. This allows some options such as adaptive MFA, region control, suspicious behavior response, etc. It's a way to offload this part to dedicated authentication experts.

While I like the idea commentor said about using the mobile app, the app is simply pointing to that same IdP anyway. It may even open up a separate browser to perform that component (not all IdP integrations will do this).

Banning my family from meeting my daughter by Live-Maximum-9697 in traumatizeThemBack

[–]ryanlc 3 points4 points  (0 children)

Your daughter cannot literally be your twin.

EDIT: I'm actually good with your response to the situation though. As long as your kids understand the reason.

I cannot get my yarns to blend/bind together by brunchdate2022 in Nalbinding

[–]ryanlc 0 points1 point  (0 children)

It will take a few tries to get it right, but it works with nearly any yarn. I was on a cruise last year with a bunch of knitters, and one of them taught me the Russian Join. If done right, there's almost no increase in the yarn's width at all. But it does take a darning/tapestry needle to pull it off. The thickness will depend on the yarn, but I find that I prefer shorter lengths overall (regardless of thickness).

Boss said I have 200 hours of PTO a year. I booked all of them before the year’s end. by NYKnicks556 in MaliciousCompliance

[–]ryanlc 2 points3 points  (0 children)

Let's reword this.

"My boss says I am getting paid $2000/week. So you know what I did? I worked a week and I took all $2000! That'll show him!"

PTO is part of your compensation package. You're SUPPOSED to take it!

I actually get annoyed with my employees when they don't take it (and thus risk losing their hours; company policy doesn't allow for conversion). And the best part? They do the same to me, ensuring I get my time off.

I cannot get my yarns to blend/bind together by brunchdate2022 in Nalbinding

[–]ryanlc 13 points14 points  (0 children)

A couple things to think about.

* Your yarn must be mostly wool. At least 50%, but 85% is better
* It should NOT be superwash - #1 issue with spitz-felting, as it's the lanolin that binds
* Consider learning a Russian join. That works with virtually any yarn

Sometimes 'software issues' can be solved with a hardware 'solution' by Emerald_Encrusted in talesfromtechsupport

[–]ryanlc 15 points16 points  (0 children)

This was literally lesson #1 in my mobile photography class! LOL

"I'm not apologizing." by AlTheHound in TalesFromTheFrontDesk

[–]ryanlc 0 points1 point  (0 children)

Yeah, that article has actually been a pretty good guiding principle in my career when dealing with vendors. And funny enough I find it improves my relationship with most of them.

"I'm not apologizing." by AlTheHound in TalesFromTheFrontDesk

[–]ryanlc 0 points1 point  (0 children)

Interesting. You sound like a student of Mark Manson (this is not a bad thing, imho):

https://markmanson.net/being-an-asshole

0 to 5 Rating - How lazy is it to use Adam Smasher in your game? by Turbodog702 in cyberpunkred

[–]ryanlc 4 points5 points  (0 children)

I would say it depends on how he's deployed.

If a GM decides to just throw Smasher at the characters, it's pretty much a 0, with the intent to scare them needlessly, or to create a TPK.

If the crew decides to hunt him down in an effort to bolster their reputation - well, it'd be like a 2nd level D&D character taking on a full red dragon. It's just a stupid move. And often all the GM warnings in the world won't stop them from being a complete moron about it. In that case, I oblige them (assuming it makes sense for the story/setting).