* Posts by Jadith

24 publicly visible posts • joined 7 Nov 2018

Researchers find Meta's withdrawal of misinformation tool hard to swallow

Jadith

Re: What's disinformation?

While Biden's track record with minorities is not "openly" hostile, it was never really that great. Honestly, at this point, any good or bad done by either party feels entirely accidental. They would have to actually spare the American people a single thought in order for intentionality to be proven.

Before the next round of internet flame war starts, I should say I am voting for the candidate most likely to bring the whole current political situation down. Honestly, I don't think there is any saving what is there.

Essentially, voting for the lesser of two evils doesn't seem to do anything helpful, so might as well try the other option.

Techie installed 'user attitude readjustment tool' after getting hammered in a Police station

Jadith

Re: User attitude readjustment tool

Sorry about that, must be one of us Americans. Most of us don't even know that cricket is a sport, and it's not like we have teams or competations for it.

I will say, though, it is definitely a better percussive maintenance tool than a baseball bat.

Study finds a quarter of bosses hoped RTO would make employees quit

Jadith

Re: And the interesting thing is...

In my experience the people that stay the longest are usually the ones so bad at their jobs they have to stay put.

If you want to move up, in pay or position, the answer is usually to find something elswhere for one of two reasons. One, year over year pay rises barely cover inflation, if they do at all, but moving companies can get you 10-30%. Two, moving up usually means you have to wait your turn, which can mean the person currently in that position has to retire, leave, or get let go, which can take years if not decades.

The ones that stay put usually have no ambition, motivation, or ability to develop professionally, prefering to coast as long as they can. This tends to lead to folks with decaying skill sets as the industry changes and they don't keep up, which leads to greater difficulty if they ever did try to find a job elsewhere, meaning they stay put for longer.

Senate passes law forcing ByteDance to sell off TikTok – or face a US ban

Jadith

Re: OK, let's follow this through then..

I don't think the spying is really the big issue here. If it were, then I doubt it would have such support.

The big fear is the Chinese government having direct access to so many American viewers. Not much effort would be required to weaponize some propaganda and push it right in front of those eyeballs.

FBI and friends get two more years of warrantless FISA Section 702 snooping

Jadith

I see an oportunity here..

Step One: Contract with a call farm in Dubai, Pune, the Phillipines

Step Two: Have the scammers contact your targets with the usual (You have been hacked, the IRS is afer you, Rich uncle, doesn't matter really)

Step Three: Collect all the data you want on whoever you want wherever you want in the name of tracking these international criminals down.

Yanno, it didn't seem as simple in my head as it does now, written down.

Hey, do ya'll think this would be more or less morally corrupt than protecting cocaine traffickers in order to supply guns to folks in Nicaragua? Asking for a friend.

IBM accused of cheating its own executive assistants out of overtime pay

Jadith

Re: All By Design

The sad thing is how many people have been brainwashed into thinking that it's a choice between being treated with some basic dignity and respect, and having a job.

Thing is, in the US anyway, the brainwashing is a function of overwhelming evidence. Walmart is one example of a company notorious for using the 'slash and burn' strategy of closing stores to avoid unions.

Manufacturures here can always find someone cheaper, in cash and dignity, just a bit to the south. Go across the western pond and they can go even cheaper and find people even more willing to sacrifice dignity just to get the basics.

H-1B visa fraud alive and well amid efforts to crack down on abuse

Jadith

Re: When did the change happen?

BTW -- Coming to the US for work isn't what it used to be.

Work in the US isn't what it used to be at all, regardless of how you came about it.

Jadith

Re: When did the change happen?

It started in the early nineties with Indian outsourcing firms, at least according to the article. It's not suprising becasue this has been going on so long, at this point.

Honestly, i have learned to not apply to any job if the recruiter has an Indian looking name. Not that I have a problem with people from India, it's just that every time the first question in those situations are always about visa status. When you tell such a recruiter you are actually a citzen, the job is suddenly too advanced for you, if you hear anything back at all. Every. Single. Time. Same question, Same answer, same result.

The same happens if I go to interview and find out the staff is all H1-B (Management in these cases are often citizens, must be too hard to find someone with those elusive skills). About the only way you are getting that job is if they cannot find anyone with H1-B to do it (there is an H1-B skills gap out there, yanno). If you do get the job, there are some sotries out there to make you think twice about showing up. Those H1-B's are really valuable to folks and they don't want to see a citizen in the spot that could go to family or friends.

I don't blame the folks on the bottome. Heck, if I was in their spot, I would do the same. However, the companies running the fraud are terrible for doing it, all around, they wind up causing damage to just about everyone but themselves.

Bon Jovi, Billy Eilish, other musicians implore AI devs to think of humanity

Jadith

I definitely hear a song with some familiar beats

I feel for the artiss, truly. The same could be said for the masses of folks also put out by automation. Unfortunately, that's just the way it goes these days.

Automation may cause some people to lose their jobs, but it will mean better, higher quality jobs are created. On top of that, this should mean lower costs for consumers, which is a win win, right? At least, that is the line you hear every time automation transforms an industry. At this point in the game, however, so many people have had to go through this, the artists really don't have any sympathetic ears to cry to, as most people will just shrug and say "Guess it's just your turn."

Warning on SolarWinds-like supply-chain attacks: 'They're just getting bigger'

Jadith

Not much improved and not much likely to

The approach to shoring up secutiy is quite often to throw money at some consultants/security software/hardware etc.

While often these can improve and aid in securing systems, the problem is, has been, and will be cultural. As long as you have devs/executives/managers/etc that see even basic secure practices as bothersome or annoying (or even an affront to their ego) the attacks will continue to succeed. As long as you have sysadmins/IT managers/engineers unwilling to put their foot down and say no because that would be bad customer service, bad 'teamwork', or just not good soft skills, the attacks will continue to succeed.

No amount of money can protect you from being attacked if you store the ftp password in plain text on a public github repo. Sure, people like to make these attacks out to be super sophistcated spy v. spy level activitie. Writing the sophisticated tools, or listening in on the sophisticated communications, or injecting the sophisticated code is really just normal dev work in many cases. Gaining the access is often simple and about as unsophisticated as you can get while being the single most important part of the attack.

Honestly, until we start doling out consequences for leaving the door open instead of giving companies a pass beacuse "the attack was so expertly sophistacted" is how it is reported, people will continue to "prop the back door open with a rock" if you will.

Ford seeks patent for cars that ditch you if payments missed

Jadith

Re: Ah.

Possibly Tesla....so far.

Microsoft begs you not to ditch Edge on Google's own Chrome download page

Jadith

Re: This isn't that new

This has indeed been going on for some time.

My favorite is how they hide the notices that the chrome installer is/has downloaded and blocking the usual browser popups people usually use to open a newly downloaded file.

Microsoft is changing how it handles device diagnostic data to keep EU sweet

Jadith

Re: good grief

Your code isn't perfect or perfectrly resilient. It needs to keeps logs so issues can be identified and sorted in a timely manner.

OFC, if you lack confidence in your code, not logging is obviously the way to go. It lets you maintain this idea your code is perfect and any issues will come down to hardware,network, or OS, because there is no proof the problem is in the code. QED.

Latest Windows 11 build shares desktop real estate with, er, Spotify

Jadith

They have that actually. The Windows store.

However, either you only use a Wndows PC at work, which means the stoer is likely already removed, or you do actually have a Windows PC at home, which likely means you know at least enough about computing to not use/need the Windows store.

Microsoft warns some Azure usage notifications – including abnormalities – are broken

Jadith

Re: Look, it's simple.

It seems the autmated notification system is the only part that is broken. Which means Microsoft will claim it made the information available and it is the partner's fault they did not go through every client, one at a time, in that awful Azure interface, with no telling how easy it is to find, create, and print.

And ofc, Microsoft will gladly scoop up the extra revenue every time someone misses a day of work and their customer did not get notified in time. They would not want the customer to have to worry about where else they spend it, as MS executive team finds this is far too onerous a task to lay at the feet of the client.

Microsoft injects AI into Teams so no one will ever forget what the meeting decided

Jadith

Another Day...

another feature nobody wanted, needed, or find helpful.

On the bright side, I'm sure it will introduce new bugs and is almost garunteed, based on past experiences, to be just outside of working in a way anyone will find useful. Then whatever team is behind it will move on, noone else will pick it up, and it will sit in the background witing to break everything at some update in the future.

Yanno, it's nice to know that some things never change, adds a sort of stability to life. Unfortunately it addss none to Teams.

Bill shock? The red ink of web services doesn’t come out of the blue

Jadith

Like just about everything else in IT...

YMMV

Honestly, I suspect most businesses will end up in hybrid models, having a bit of both. The diificulty is really not figuring out which one is best for the business, rather what works best where.

Best example is test envitonments. These often do not need to be up 24/7 and are quite ephimeral in nature, meaning keeping unused on prem kit makes less sense than doing testing in the cloud.

Alternatively, maybe you want your website hosted in the cloud for flexibility/scalability/availability, but you still host your database on prem 'cause the price of cloud hosted databases can be outrageous and difficult to plan for.

Truly any IT professional professing all or nothing on either option has something else in mind other than the cost/efficiency/effectiveness that comes with using all available tools for the best result.

If your DNS queries LoOk liKE tHIs, it's not a ransom note, it's a security improvement

Jadith

Would this mean, then, if you spoof a bunch of DNS Server IP addresses, even simpler in UDP, you could send a series of fake poisoning attacks to get those DNS servers blocked?

Well then....

Microsoft to offer ChatGPT-as-a-service from Azure real soon now

Jadith

I wonder what the first implementation will be...

Dollars to donuts the first implementation will be the service chat feature. They finally found something cheaper than oursourcing...

Microsoft and community release scripts to help mitigate Defender mess

Jadith
Flame

Microsoft--What a Mess

After perusing that mess of a script (Oh boy, was that fun) it appears to do two things

1. Scan the Volume Shadow Copy (vss) on the actual computer for *.lnk and restore it

2. Scan the registry for installed applications and create new new shortcuts in the Start Menu directory.

While 2 is ok enough, the damn vss is turned off by default after Windows 7 in favor of OneDrive being used to backup user data on workstations. So, if you have roaming profiles or rediredted user folders, etc, this script only restores the start menu shortcuts. (Though you can, through the script, get an idea how to do this sort of restore on a Windows file server).

Essentially, anyone following Microsoft guidance on the preffered ways to handle user data on workstations are borked when it comes to shortcuts and have to homebrew something to sort it out.

Microsoft is such a mess in a way that echoes the story of the Tower of Babel. They are too big and it is just making a huge mess for people. Microsoft wants a singular, all encompassing ecosystem, but the various organs of that great beast seem unable or incapable of communicating with each other. (From interviews and hearing from folks that have worked there, I am pretty sure I know which one is more prevalent). All we seem to get out of it with regularity is a crumbling structure, much indegestion, and a big mess.

I think therefore IAM: It's not cool, it's not sexy, but it's one of the most important and difficult areas in modern IT

Jadith

The tech side is the easy part...

Scripts and queries and bundles of nice software and an understanding of least privlidge, etc certainly take care of one side.

However, dealing with managers, HR, or even other IT staff is where the headache lies.

Noone wants to take ownership of what they believe is something IT should handle.

Then processes are ignored to 'jist get it done' because no matter how many audits, reports, or discussions are had, nobody knows how to request access until that new or even veteran employee cannot work on the super important thing that is one hundred percent the only point to their job.

Then management wants to just give everyone access to everything their department uses cause they are all a family over there in sales and nobody every deletes the wrong file or rips off the company before giving notice or would even think of checking out that link sent by some poor Russian fellow just looking for some help.

Honestly, it is bad enough when it is just part of a job because at least you can comfort yourself with other work, but as a sole position...it should come with a complimentary onsite therapist.

Power to the users? Admins be warned: Microsoft set to introduce 'self-service purchase' in Office 365

Jadith

Here we go again...

Windows 10 started the battle with allowing users to login to their Microsoft accounts on otherwise domain joined computers and bring all their One Drive and anything on their desktop along with them. As if we did not have enough trouble with people downloading nonsense on their work emails. Nope, dealt with that in a hurry.

Then, we had to deal with the store, which was letting users install whatever they want without being vetted. Want to play State of Decay 2 on the machine bought on the cheap with just enough resources to run Office? That was dealt a deathblow pretty quickly too.

Now Microsoft wants to add unmanaged licencing and tickets o' plenty for software nobody agreed to support? Oh how Microsoft thinks so little of us lowly IT staff. Any sysadmin, desktop engineer, or front line support worth their keyboard will nip this in the bud as well.

If they think we cannot keep them away, maybe they should look at those immutable laws of security they published and think about who checks every single one of those boxes.

Personality quiz for all you IT bods: Are you a chameleon or an outlaw? A diplomat or a high flier? Vote right here

Jadith

There is no BOFH category. I believe this invalidates this list and anything it was meant to do.

SMBs: We don't want to spoil all of this article, but have you patched, taken away admin rights, made backups yet?

Jadith

All about saving money until...

Most smaller businesses simply don't want to put up the money for an IT professional. I have seen many go with MSP's that take no ownership of IT health and security. As long as they get that check and put the right wording in the contract, it doesn't matter to them one bit.

Another plan I have seen in place is offloading IT infrastructure to the one web developer hired to make the online presence. Usually somebody fresh out of college or boot camp that barely has time for the web development projects piling up.

What I do not see much of is business schools and colleges teaching just how crucial IT is to the foundation of a business these days. Sure, they make sure students know the importance of online commerce. However, I do not hear the lesson on what happens when your internal systems are hacked or just go down, be it the network, billing software, ordering system, etc., , causing loss of client confidence or costly contract violations. How many businesses end up closing shop when all they needed was one competent IT person.