The OFFICIAL tech stuff thread
-
@Pakoon said in The OFFICIAL tech stuff thread:
@Hog said in The OFFICIAL tech stuff thread:
Cybersecurity strategist and former FBI counterintelligence official Eric O’Neill:
“If the U.S. government needs to bail out CrowdStrike, which I believe is too big to fail, then taxpayers will bear the burden”
I really hope this guy is a paid CrowdStrike lobbyist because then he’d just be an asshole. Otherwise, if some incompetent maker of a Norton Antivirus equivalent is considered “too big to fail”, the corporate kleptocracy has cemented itself in your countries DNA and you’re fucked.
As a CRWD shareholder, I’m glad that this was just a technical glitch and didn’t happen because of a cyberattack lol
Well that’s kind of funny too. I was reading numbers that Microsoft put out of how many machines were knocked out and it was it was
ordersan order of magnitude greater than the worst malware caused outage so far. -
Musk is an idiot
-
@Hog said in The OFFICIAL tech stuff thread:
@Pakoon said in The OFFICIAL tech stuff thread:
@Hog said in The OFFICIAL tech stuff thread:
Cybersecurity strategist and former FBI counterintelligence official Eric O’Neill:
“If the U.S. government needs to bail out CrowdStrike, which I believe is too big to fail, then taxpayers will bear the burden”
I really hope this guy is a paid CrowdStrike lobbyist because then he’d just be an asshole. Otherwise, if some incompetent maker of a Norton Antivirus equivalent is considered “too big to fail”, the corporate kleptocracy has cemented itself in your countries DNA and you’re fucked.
As a CRWD shareholder, I’m glad that this was just a technical glitch and didn’t happen because of a cyberattack lol
Well that’s kind of funny too. I was reading numbers that Microsoft put out of how many machines were knocked out and it was it was
ordersan order of magnitude greater than the worst malware caused outage so far.I say at work that the security department is our greatest threat. No joke, one initiative is going to absolutely kill us from now on, it’s going to be a bunch of mother may I requests to gain access and bad policy deployment shutting us down.
https://i.imgur.com/hX2CMMZ.jpg
Never go full Lithu-
TwainNo editing is gonna save you now-
Wingmannhttp://s3.amazonaws.com/rrpa_photos/72217/DSC_2528.JPG
http://s3.amazonaws.com/rrpa_photos/20416/PTOB 101_resize.jpg
-
@Kilemall said in The OFFICIAL tech stuff thread:
@Hog said in The OFFICIAL tech stuff thread:
@Pakoon said in The OFFICIAL tech stuff thread:
@Hog said in The OFFICIAL tech stuff thread:
Cybersecurity strategist and former FBI counterintelligence official Eric O’Neill:
“If the U.S. government needs to bail out CrowdStrike, which I believe is too big to fail, then taxpayers will bear the burden”
I really hope this guy is a paid CrowdStrike lobbyist because then he’d just be an asshole. Otherwise, if some incompetent maker of a Norton Antivirus equivalent is considered “too big to fail”, the corporate kleptocracy has cemented itself in your countries DNA and you’re fucked.
As a CRWD shareholder, I’m glad that this was just a technical glitch and didn’t happen because of a cyberattack lol
Well that’s kind of funny too. I was reading numbers that Microsoft put out of how many machines were knocked out and it was it was
ordersan order of magnitude greater than the worst malware caused outage so far.I say at work that the security department is our greatest threat. No joke, one initiative is going to absolutely kill us from now on, it’s going to be a bunch of mother may I requests to gain access and bad policy deployment shutting us down.
We are in a threat environment though where security teams absolutely need to be more proactive. It seems like there are weekly breaches anymore and probably far more than we ever know about. They have to not only worry about mistakes by employees but also security holes in the software they purchase. They annoy the shit out of me too, but I have also seen details of some of the attack attempts on our company and it’s pretty scary.
-
@Gators1 said in The OFFICIAL tech stuff thread:
@Kilemall said in The OFFICIAL tech stuff thread:
@Hog said in The OFFICIAL tech stuff thread:
@Pakoon said in The OFFICIAL tech stuff thread:
@Hog said in The OFFICIAL tech stuff thread:
Cybersecurity strategist and former FBI counterintelligence official Eric O’Neill:
“If the U.S. government needs to bail out CrowdStrike, which I believe is too big to fail, then taxpayers will bear the burden”
I really hope this guy is a paid CrowdStrike lobbyist because then he’d just be an asshole. Otherwise, if some incompetent maker of a Norton Antivirus equivalent is considered “too big to fail”, the corporate kleptocracy has cemented itself in your countries DNA and you’re fucked.
As a CRWD shareholder, I’m glad that this was just a technical glitch and didn’t happen because of a cyberattack lol
Well that’s kind of funny too. I was reading numbers that Microsoft put out of how many machines were knocked out and it was it was
ordersan order of magnitude greater than the worst malware caused outage so far.I say at work that the security department is our greatest threat. No joke, one initiative is going to absolutely kill us from now on, it’s going to be a bunch of mother may I requests to gain access and bad policy deployment shutting us down.
We are in a threat environment though where security teams absolutely need to be more proactive. It seems like there are weekly breaches anymore and probably far more than we ever know about. They have to not only worry about mistakes by employees but also security holes in the software they purchase. They annoy the shit out of me too, but I have also seen details of some of the attack attempts on our company and it’s pretty scary.
Ya I put up with it, and due to one event we did get literally the hacking world come at us years ago, it would have been far worse today. And the stupid Change Healthcare thing is still affecting us, I’m literally implementing something next week cause vendor morons.
But the internal guard threat is going to get us too and I’m on pins and needles every time they put up a change for review.
https://i.imgur.com/hX2CMMZ.jpg
Never go full Lithu-
TwainNo editing is gonna save you now-
Wingmannhttp://s3.amazonaws.com/rrpa_photos/72217/DSC_2528.JPG
http://s3.amazonaws.com/rrpa_photos/20416/PTOB 101_resize.jpg
-
@Kilemall yeah, there is definitely a balance to be had there. Unfortunately a lot depends on how rational the security head is because the rest of management will tend to defer toward their judgement unless they go completely overboard and it affects the business. We have a pretty good relationship with security where I work as it’s not overbearing or requiring a lot of extra work, but they also limit what we are able to do and we have to work around quite a bit.
-
Every time my contract renews (ie every three months) I lose access to systems I need to do my job. It takes up to a week to sort it out. Every time they refresh the non-production systems from the production system - same loss of access and time to restore. We add a ridiculous number of objects to the same security profiles to avoid the 6 to 8 week lead time it takes to get the security to create a new one. My Zscaler PRA session locks every ten minutes regardless of whether I’m still working on my desktop and won’t let me copy / paste my 128 bit password in from KeepassXC so it incentivizes the shortest and crappiest passwords you can get by with. Some policy change they made for Teams on Android recently would have required me to install some extra Microsoft security thing that ceded control of my personal phone to the company and I thought, well that’s easy, I’ll just uninstall Teams. No more pinging me out of hours when the SHTF, you’ll have to wait until Monday when I log in to the desktop client.
I could go on and on but IT where I work is a dumpster fire in general. In fact I’d have to estimate that since I started I’ve either been locked out of the tools I need or they are broken for > 5% of the time I’ve worked there. One recent issue meant I couldn’t work for nearly two weeks and I had AMS, BT and Cognizant bounce me around between the three companies while IT middle management were begging someone to fix it so I could support the business.
It was shocking to me when I started at that place but everyone is like that’s the way it is.
-
That sounds bad Hog. If security makes it that difficult to do your job, then they are failing at theirs. In theory there should be pushback from your department leadership, not to reduce security but to find more efficient tools or whatever to accomplish their objectives without disrupting productivity.
-
-
Nice…so next question, what made Bo so fast in Tecmo Bowl?
-
DEI?
It also took me a year.or two before I found out you could use the controller to move the ducks
-
@Hog said in The OFFICIAL tech stuff thread:
so it incentivizes the shortest and crappiest passwords you can get by with
this is so dumb and the fact companies still do this is … frustrating.
This was from when again? 2012?
-
@madrebel said in The OFFICIAL tech stuff thread:
@Hog said in The OFFICIAL tech stuff thread:
so it incentivizes the shortest and crappiest passwords you can get by with
this is so dumb and the fact companies still do this is … frustrating.
This was from when again? 2012?
-
@madrebel said in The OFFICIAL tech stuff thread:
@Hog said in The OFFICIAL tech stuff thread:
so it incentivizes the shortest and crappiest passwords you can get by with
this is so dumb and the fact companies still do this is … frustrating.
This was from when again? 2012?
That’s assuming it’s accidental. May be government types tipped the hands in the scales to keep accounts hack able when they want to.
OTOH with AI amuck guessing people’s pet plain word phrases may be simpler.
-
Conversing with people who are responsible for these security policy issues, when you can find them, is worse than trying to talk to a wall.
In order to log into my banking site, I have to use a user ID and Passcode and then a code generated by an RSA token associated with my account.
Why must I change the passcode every 3 months. I remember about 20 more than passcodes as it is without changing any of them!
My investment house used to use a User ID and Passcode and then on the next page you had to pick one of about 50 images and then type the caption. So I chose a bunch of red grapes and the caption was Pinot Noir. Then one day, they went back to User ID and passcode on the same page and eliminated the images. I bitched like a mad-man to no avail.
Banking (company)
Banking (private)
ATM (company)
ATM (private)
Investment house (Me)
Investment house (wife)
SSN Gov ID
Northwell Health
NYU Langone Health
Quest Diagnostic
Bioreference Labs
Sunset Labs
Honeywell thermostats
Honeywell alarm system(s)
Digital door locks
various old-school combination keyless padlocks
Various and sundry customer VPN logins including VMWare Horizon accounts (also RSA token-protected)
Verizon business accounts
Verizon private accounts
The list goes on.I’m a fucking boomer! I do not reuse passcodes.
How the fuck wilI I remember all of this shit when I actually get old!!!"laissez les bons temps rouler!"
-
@Kilemall said in The OFFICIAL tech stuff thread:
@madrebel said in The OFFICIAL tech stuff thread:
@Hog said in The OFFICIAL tech stuff thread:
so it incentivizes the shortest and crappiest passwords you can get by with
this is so dumb and the fact companies still do this is … frustrating.
This was from when again? 2012?
That’s assuming it’s accidental. May be government types tipped the hands in the scales to keep accounts hack able when they want to.
OTOH with AI amuck guessing people’s pet plain word phrases may be simpler.
fair point.
-
@Jam said in The OFFICIAL tech stuff thread:
Conversing with people who are responsible for these security policy issues, when you can find them, is worse than trying to talk to a wall.
In order to log into my banking site, I have to use a user ID and Passcode and then a code generated by an RSA token associated with my account.
Why must I change the passcode every 3 months. I remember about 20 more than passcodes as it is without changing any of them!
My investment house used to use a User ID and Passcode and then on the next page you had to pick one of about 50 images and then type the caption. So I chose a bunch of red grapes and the caption was Pinot Noir. Then one day, they went back to User ID and passcode on the same page and eliminated the images. I bitched like a mad-man to no avail.
Banking (company)
Banking (private)
ATM (company)
ATM (private)
Investment house (Me)
Investment house (wife)
SSN Gov ID
Northwell Health
NYU Langone Health
Quest Diagnostic
Bioreference Labs
Sunset Labs
Honeywell thermostats
Honeywell alarm system(s)
Digital door locks
various old-school combination keyless padlocks
Various and sundry customer VPN logins including VMWare Horizon accounts (also RSA token-protected)
Verizon business accounts
Verizon private accounts
The list goes on.I’m a fucking boomer! I do not reuse passcodes.
How the fuck wilI I remember all of this shit when I actually get old!!!That’s actually a good point. In my efforts to manage my dad’s shit, I have been dealing with companies very reluctant to allow me access to his accounts even though I have a POA. How does the government verify lost passwords or prevent hacking and shit? “Hi government, my name is Jam and I am a huge Kamala supporter and need my password to vote for her! What’s my passphrase? Some shit about wine or something. No? Shitty British car? I am in! Thanks!”
Not to mention the Democrats will flip out if the access is difficult and it prevents morons from voting.
-
@Jam said in The OFFICIAL tech stuff thread:
Conversing with people who are responsible for these security policy issues, when you can find them, is worse than trying to talk to a wall.
In order to log into my banking site, I have to use a user ID and Passcode and then a code generated by an RSA token associated with my account.
Why must I change the passcode every 3 months. I remember about 20 more than passcodes as it is without changing any of them!
My investment house used to use a User ID and Passcode and then on the next page you had to pick one of about 50 images and then type the caption. So I chose a bunch of red grapes and the caption was Pinot Noir. Then one day, they went back to User ID and passcode on the same page and eliminated the images. I bitched like a mad-man to no avail.
Banking (company)
Banking (private)
ATM (company)
ATM (private)
Investment house (Me)
Investment house (wife)
SSN Gov ID
Northwell Health
NYU Langone Health
Quest Diagnostic
Bioreference Labs
Sunset Labs
Honeywell thermostats
Honeywell alarm system(s)
Digital door locks
various old-school combination keyless padlocks
Various and sundry customer VPN logins including VMWare Horizon accounts (also RSA token-protected)
Verizon business accounts
Verizon private accounts
The list goes on.I’m a fucking boomer! I do not reuse passcodes.
How the fuck wilI I remember all of this shit when I actually get old!!!Often you can just talk them into bypassing all security and doing what you want, so it’s really twice stupid.
-
@tigger said in The OFFICIAL tech stuff thread:
@Jam said in The OFFICIAL tech stuff thread:
Conversing with people who are responsible for these security policy issues, when you can find them, is worse than trying to talk to a wall.
In order to log into my banking site, I have to use a user ID and Passcode and then a code generated by an RSA token associated with my account.
Why must I change the passcode every 3 months. I remember about 20 more than passcodes as it is without changing any of them!
My investment house used to use a User ID and Passcode and then on the next page you had to pick one of about 50 images and then type the caption. So I chose a bunch of red grapes and the caption was Pinot Noir. Then one day, they went back to User ID and passcode on the same page and eliminated the images. I bitched like a mad-man to no avail.
Banking (company)
Banking (private)
ATM (company)
ATM (private)
Investment house (Me)
Investment house (wife)
SSN Gov ID
Northwell Health
NYU Langone Health
Quest Diagnostic
Bioreference Labs
Sunset Labs
Honeywell thermostats
Honeywell alarm system(s)
Digital door locks
various old-school combination keyless padlocks
Various and sundry customer VPN logins including VMWare Horizon accounts (also RSA token-protected)
Verizon business accounts
Verizon private accounts
The list goes on.I’m a fucking boomer! I do not reuse passcodes.
How the fuck wilI I remember all of this shit when I actually get old!!!Often you can just talk them into bypassing all security and doing what you want, so it’s really twice stupid.
Mostly you have to convince them you’re the right person so they don’t eat a loss from fraud.
https://i.imgur.com/hX2CMMZ.jpg
Never go full Lithu-
TwainNo editing is gonna save you now-
Wingmannhttp://s3.amazonaws.com/rrpa_photos/72217/DSC_2528.JPG
http://s3.amazonaws.com/rrpa_photos/20416/PTOB 101_resize.jpg
-
@Kilemall said in The OFFICIAL tech stuff thread:
@tigger said in The OFFICIAL tech stuff thread:
@Jam said in The OFFICIAL tech stuff thread:
Conversing with people who are responsible for these security policy issues, when you can find them, is worse than trying to talk to a wall.
In order to log into my banking site, I have to use a user ID and Passcode and then a code generated by an RSA token associated with my account.
Why must I change the passcode every 3 months. I remember about 20 more than passcodes as it is without changing any of them!
My investment house used to use a User ID and Passcode and then on the next page you had to pick one of about 50 images and then type the caption. So I chose a bunch of red grapes and the caption was Pinot Noir. Then one day, they went back to User ID and passcode on the same page and eliminated the images. I bitched like a mad-man to no avail.
Banking (company)
Banking (private)
ATM (company)
ATM (private)
Investment house (Me)
Investment house (wife)
SSN Gov ID
Northwell Health
NYU Langone Health
Quest Diagnostic
Bioreference Labs
Sunset Labs
Honeywell thermostats
Honeywell alarm system(s)
Digital door locks
various old-school combination keyless padlocks
Various and sundry customer VPN logins including VMWare Horizon accounts (also RSA token-protected)
Verizon business accounts
Verizon private accounts
The list goes on.I’m a fucking boomer! I do not reuse passcodes.
How the fuck wilI I remember all of this shit when I actually get old!!!Often you can just talk them into bypassing all security and doing what you want, so it’s really twice stupid.
Mostly you have to convince them you’re the right person so they don’t eat a loss from fraud.
Thankfully, I have never been able to convince anyone to bypass security and I can be very persuasive.
I did have am amusing experience once during a verification process.
Here goes . . .
And I guaranty that you will be entertained . . .
I went through a rather laborious oral/verbal authentication process with a financial institution and my patience was running very thin after about ten minutes.
I was asked my date of birth, which I provided . . .
Then I was immediately asked how old was i?“You fucking moron, I yelled! You just asked me my fucking birthday and now you want to know how old I am? What kind of a jerk are you, you idiot!!!”
“Sir, please calm down.”
“I’m not calming the fuck down you jackass! I’ve had about as much of you as I can stomach, asshole!”
"Sir, please . . . "
“The reason we ask how old a person is, just after asking their date of birth is that most scammers can’t answer the question without having to pause and try and compute the age of the person they are impersonating . . . and this has actually been a good way to know whether one is speaking to the right person.”
Pause . . .
More pause . . .
“Actually make sense,” says I.
“I guess I failed the test then?”
- YouTube
