Recent posts

#91
Security / Re: EXCELLENT Paper on IT Secu...
Last post by deanwebb - July 21, 2024, 10:27:22 AM
And, as a coda, I just had to put in a ban on the MSFT OpenAI IP range because of odd inputs we were getting from it. Zero trust in action!  :smug:
#92
Security / EXCELLENT Paper on IT Security...
Last post by deanwebb - July 21, 2024, 10:19:33 AM
https://apps.dtic.mil/sti/pdfs/AD0758206.pdf

Save it locally and refer to it every now and then. I first read this about 10-11 years ago. It is incredible how the author describes the world of IT that we have today. While technologies for connecting, storing, and processing information have improved over time, security has not. It has *always* been "somebody else's problem." Software guys aren't the only ones - there's some pretty bad security on every piece of hardware we use. Not "almost every". EVERY piece of hardware.

While I don't want to disconnect the PCs, power them off, melt them down, and then bury them under a mountain and then push the mountain to the base of the Marianas Trench, I *do* think that having everything interconnected is, on the whole, a bad idea. When I think about the technology I'd miss if I was living back in 1979, smart anything and Bluetooth are not on my list. All I need my fridge to do is to refrigerate things and have a frost-free freezer. My dishwasher should wash dishes. My lightbulbs should make light. I'm good with all that plain Jane stuff. By interconnecting all that stuff needlessly, we've increased our vulnerability to being trapped by our own technology when it fails us at scale.

The CrowdStrike-Windows mess is just the largest mess *thus far*. Bigger ones await us because no matter what happens here, security will always be someone else's problem.
#93
Forum Lobby / Re: CrowdStrike Outage 19 July...
Last post by deanwebb - July 20, 2024, 08:00:37 AM
All investment advice presented here is for entertainment purposes only. Do not consider seriously any investment advice from a source that has a smilie like this --> :smug:

I'm all for rapid updates and everything, but maybe just maybe somebody slows the roll by 30 mins and checks to see if the PC we have running in the dev lab survives a reboot after the new code is pushed. And this really is a lesson for *every* firm doing super-agile CI/CD pipeline.

Back in the 90s, we called super-agile CI/CD pipeline "updating production directly". It was a great way to get fired if one did stuff like that.
#94
Forum Lobby / Re: Quiet Vacationing
Last post by deanwebb - July 20, 2024, 07:51:36 AM
When billable, I feel better when I bill in 30-min chunks, just sayin'.
#95
Forum Lobby / Re: Quiet Vacationing
Last post by icecream-guy - July 19, 2024, 04:26:09 PM
Quote from: deanwebb on July 17, 2024, 02:27:37 PM
https://www.independent.co.uk/life-style/quiet-vacation-work-remote-jobs-b2580849.html

Like "quiet quitting", but you still like your job. You just don't disclose where you are when remote...  ::)

I am remote every day. Have to account for every minute in my Weekly Activity Report.

C:-)

Well, every 6 minutes, as we bill in tenths of an hour.

#96
Forum Lobby / Re: CrowdStrike Outage 19 July...
Last post by icecream-guy - July 19, 2024, 04:22:15 PM
I always say cloud=bad, giving up security controls to a third party is bad bad bad, especially without an ironclad out. I BET there are going to be a lot of lawsuits, even today.

Crowdstrike Holdings Inc - Class A
As of July 19, 2024 • 4:00 PM EDT
NASDAQ: CRWD
304.96 USD
-38.09(11.10%)

Time to buy some PUT options?


#97
Forum Lobby / Re: CrowdStrike Outage 19 July...
Last post by Otanx - July 19, 2024, 09:32:32 AM
Yep, woke up to this. Glad we didn't get hit ourselves. Several of my wife's coworkers are supposed to be traveling today, but can't. The airline told them probably tomorrow... maybe. The only good thing was that for one of her coworkers they still had their hotel room because the hotel couldn't check them out when they left.

-Otanx
#98
Forum Lobby / CrowdStrike Outage 19 July 202...
Last post by deanwebb - July 19, 2024, 07:58:48 AM
A gut-punch of a story. CrowdStrike pushes an update to its agent globally, wrecks tons of systems because it's broken.

Yes, I want security updates fast and furious to keep ahead of the baddies.

BUT

I also want my mission-critical servers in banks, airlines, and health care to not crash because of a security update.

 :-\
#99
Forum Lobby / Quiet Vacationing
Last post by deanwebb - July 17, 2024, 02:27:37 PM
https://www.independent.co.uk/life-style/quiet-vacation-work-remote-jobs-b2580849.html

Like "quiet quitting", but you still like your job. You just don't disclose where you are when remote...  ::)
#100
Everything Else in the Data Center / Re: AWS Fun Times
Last post by deanwebb - July 12, 2024, 02:40:23 PM
Indeed. We need documentation about what works, but if updating docs isn't a sprint activity for the devs, then it's good-bye docs, casualties of the sprint cycle.