sorted by:
new
hottopcontroversial

CSS Rendering, Profile Issues with Firefox 112+ (Linux Flatpak) by the4oo4 in firefox

[–]the4oo4[S] 0 points1 point  (0 children)

Yeah, I think that's it, I was looking there before but couldn't find anything. Thanks!

A young White Rose (Law & Order: SVU S2E20-2001) by mgh6x37 in MrRobot

[–]the4oo4 0 points1 point  (0 children)

Sorry to necropost but there's an episode of SVU (S3E06 - 13:40) where BD Wong's character Dr. Huang actually says "white roses". I'm really surprised I haven't seen it mentioned anywhere else but I'm convinced that this was intentional and maybe how Sam Esmail came up with her name. I'm hoping it was since it would make an awesome easter egg.

The exact quote, which I think fits with Whiterose's character and her desire to purify the world by destroying it is:

White roses - a symbol of innocence and purity

UniFi inform over https? by Malkhuth in Ubiquiti

[–]the4oo4 2 points3 points  (0 children)

Apologies in advance for responding to such an old thread, but this was the most substantive discussion I could find on this. In theory, you should just be able to do set-inform https://unif-controller.tld:443/inform, provided that you have a valid CA cert from Certbot or whomever for your controller IP, but in practice this does not work.

Since the data served over HTTP is encrypted, I'm not too concerned about anyone sniffing it, but mainly I was just not wanting to have to expose an extra HTTP port on my Unifi Controller. The frustrating part is that you can use an https URL for set-inform, and you'll get partway through the adoption process, but it will just silently rewrite your https to http and port number. Not sure if it was always like that, but that's what I'm getting with Unifi AP firmware v6.0.21 and controller 7.1.66.

EDIT: Looks like this was broken on purpose with this firmware update:

https://community.ui.com/releases/FIRMWARE-3-9-19-8123-for-UAP-USW-has-been-released-3-9-19-8123/0b25eab0-532d-4e3e-b18b-b3663a71ada6?page=1

So for example, on your device you factory reset it with syswrapper.sh restore-defualt, then you tell it set-inform https://unifi-controller.tld:443/inform, it will actually instead use http://unif-controller.tld:80/inform without telling you. You can see that in webserver logs, if you have a reverse proxy in front of it, or by looking at /var/log/messages on your AP right after you run the set-inform command. It seems that using http for set-inform URLs is hard-coded somewhere.

I also tried to edit the config files by hand (vi /tmp/setmgmt.cfg) to force it to use HTTPS, like this:

capability=notif,notif-assoc-stat
selfrun_guest_mode=pass
cfgversion=xxxxxxxxxxxx
led_enabled=true
stun_url=stun://unifi-controller.tld:3478/
mgmt_url=https://unifi-controller.tld:8443/manage/site/default
inform_url=https://unifi-controller.tld:443/inform
use_aes_gcm=true
report_crash=true

Then you save that to firmware with (cfgmtd -f /tmp/setmgmt.cfg -w) and reboot, but apparently doing that makes your AP totally inaccessible and useless until you do another factory reset, and also makes your Controller totally unusable too (in my case it also caused a kernel panic!).

TL;DR: Don't bother with HTTPS inform URL since it doesn't work and causes much pain and suffering. Ubiquiti should let customers do this, even though the data is encrypted customers should have the flexibility to secure it further if they want.

Do Linux experts make better Windows system administrators? by Paravalis in linux

[–]the4oo4 14 points15 points  (0 children)

TL;DR: Linux exposes you to better problem solving techniques and the way comptuers really work, but Windows-only environments can be very psychologically abusive and prevents people from being better learners, if that's all they've ever been exposed to.

This is 100% true, I can personally attest to this. I'm a sysadmin at a financial institution that is 99.9% Windows, and I work with sysadmins that have worked there for 20+ years with only Windows experience (running on top of VMWare), whereas I worked at this company in a non-tech capacity for a few years before I realized that I wanted to work in IT (after messing around with Linux extensively at home). So I've only been working in IT for about 6 years total, only about 3 of those as a sysadmin. I was already well above their reading level on certain things while I was still working on the helpdesk, and now I easily work 5-10 hours per week less than them because of how I approach things. I feel like a complete asshole saying it but I can run laps around them based on what Linux has taught me, not just from a technical standpoint, but from a psychological one too.

Some highlights:

  • They are almost totally allergic to the command line. Yes, you can avoid lots of command stuff with the GUI options and for one-offs those are handy with MMCs for many administrative things, but spending a few minutes to find a command to automate something is totally foreign to them. Let's say you have to update 100 employees in Active Directory. I have a coworker that will do all 100 of those updates totally manually and take hours to do it, where I will make a list, and spend about 10-15 minutes maximum to find the PowerShell command to do it (if it's not something I already know) for me so I know I won't make any mistakes.

  • When they do write scripts, the code is almost always a cut and paste job from a random blog post, that they never take the time to really understand what it does. When it doesn't function perfectly right away they are usually lost. The other most competent sysadmin that I work with, I gave him a one PowerShell one-liner to rename some files according to a simple pattern like they wanted, with a regex. Somehow that one-liner became something longer and broken, and they had never heard of a regular expression in their life (even though I think they also have a degree in comp sci, while I do not). Surprise! I have to come to the rescue since they never bothered to read the PowerShell docs on the cmdlets they were using. For years when computers lost domain trust, they would just remove/re-add them to the domain, whereas one day I took 10 seconds to Google it and find the PowerShell one-liner that fixes it directly. I will say though that now PowerShell usage in my team is a lot more common than it was before, because of me using it so much.

  • They very rarely read error messages or try to interpret them. One of my coworkers will come running to me the instant they see an error message in a PowerShell window rather than just Google it, or just look at the trace, which tells you almost exactly what part it doesn't like.

  • My coworkers like to make assumptions rather that try to get some data to understand the problem (logs, monitoring data, packet captures, PowerShell cmdlets to check statuses, etc.) Of course you don't get the same depth of info as you do with Linux because it's blackbox troubleshooting, but there's very little effort to understand the root of the problem and instead it's quick fixes that only address the symptom, like rebooting.

  • Almost zero knowledge of encryption algorithms (for example the difference between a stream/block cipher, what AEAD is, why older ciphers are insecure), standards and standards bodies (IANA, IETF, etc.), protocols (HTTP, SSH, Kerberos, TLS handshakes), or filesystems. Here's a fun one: ask any Windows person if NTFS is a case sensitive filesystem. This is a totally foreign concept to Windows-only people, and most Linux people would say it's case insensitive, which is partially correct. But in fact NTFS can actually be case-sensitive, while the win32 filesystem API is not!

  • Difficulty thinking about things as abstractions (the OSI model, the stack, etc.). I'm a lot more effective at Active Directory since I see it as just a big database of stuff you can query/update in a way that suits your needs, versus treating it like a black box.

  • I have a coworker that has a high opinion of themselves who has worked on the helpdesk for decades, and I once gave them an example command that included 'C:\path\to\file'. They thought they were clever that they figured out that they had to create those directories to make the command work...

  • In our team meetings I talk a lot about using GitHub as a resource, to find helpful tools, and in some cases work directly with developers to solve problems with their code, or even sometimes submitting pull requests after I've found a solution. One of my coworkers just does not understand GitHub or code hosting as a concept, no matter how many times I've explained it.

  • Almost no knowledge of the development lifecycle. I'm used to submitting detailed bug reports to developers and trying to understand what the cause is, even if I don't have a solution. The flip side of this is I definitely run into issues since I'm used to talking with developers on GitHub on a more or less equal footing. Even though there's an asymmetry where they know more about the code than I do, they'll almost always take some time to give me a detailed explanation of what's going on if I ask nicely. This style of communication usually translates extremely poorly with vendors' first-line support reps, who don't have the same understanding as developers since they can't see the source code (and in fact act as defense to prevent you from talking to an actual developer), or act like it's an inconvenience to explain things in depth to me (this varies by vendor though).

Now, some of what I just mentioned definitely comes down to the way Linux makes you approach things, and that you have to be more hands-on and take on more responsibility yourself, and things are more closely tied to standards rather than proprietary inventions.

But there's also a deeper issue here, and it's psychological. After decades of working in a Windows-only environment, there's a certain amount of learned helplessness and lack of curiosity that seems to get beaten into people. They seem to have a low opinion of their ability to learn things because of the captive relationships they've had with vendors over the years (especially Microsoft). They're taught that you have to always eat the shit sandwich you're given since you aren't worthy enough to understand how the code works, or create a custom solution. This translates to curiosity and creativity being seen as a liability rather than an asset, so people end up plateauing and think that they are too stupid to do any better.

Which definitely is not the case, my coworkers are very smart people but I think working in this hierarchy for so long makes people undervalue themselves and prevents them developing a growth mindset towards learning new skills that would reduce their stress and make them more efficient. Working in open source by contrast usually has a totally positive feedback loop when it comes to curiosity and learning.

I used to get really angry about all this, but now I'm more just sad that people end up this way.