Avatar_of_Self @ Avatar_of_Self @lemmy.world

Posts

0

Comments

148

Joined

1 yr. ago

Don't forget Skype for Business doing the weird half-sign on thing and then starting Teams which nags you to switch to Teams (New).

They were probably thinking that they'd use the cheapest Windows license (no gp manager) and make more money by putting bloatware on there via deals with other companies.

I know you know but why are they so short sighted? I just don't think actual consumer experience is at the forefront of priorities. Deadlines and budgets are.

I did too! I know my dad remembered them because he was really excited about it when I opened the presents.

I remember this blue curtain with giraffes and lions (and I'm sure other animals but those are the two I remember) that I liked and got to see during snack time. I used to imagine I'd be playing with them and how cool they were. I also remember watching GoBots in the morning. I was also fascinated by rollypollys and caterpillars one day in the outside play area for some reason. Just a few examples from preschool when I was between 3 and 4. I started kindergarten when I was 4 during that school year when I was close to turning 5. I remember my teacher from then and her really visible varicose veins and her pointed toe shoes that seemed way too small because the skin from her feet pushed up out of them a bit.

None of that is stuff my family would have been like "Hey, remember blah blah?"

Well it isn't actually a confirmed case. Ruiu, the original person reporting the issue wasn't sure exactly what the surface area of attack was at the start. Ruiu Dragos, who is a security researcher believed it infected via speakers.

Eventually Errata CEO, Robert Graham, said that if he spent a year, he could build malware that did the same and that it was 'really, really easy'

Eventually, Ruiu noticed that the initial stage of infection was from one of his USB sticks.

The speakers part comes in that he found that the packets transmitted between badBIOS infected machines stopped if he disconnected the internal speaker and microphone.

Meaning, that sure, badBIOS may communicate data with each other via speakers but that it has never been proven that it could actually infect another machine via speakers. However, that hasn't stopped articles from conflating things.

You'd change the system prompt, just like now. If you mean in the session, I'm sure it'll ignore your session's prompt's instructions as normal but if not, I guess you'd just start a new session prompt.

Yes, but has it taken both OS' out at the same time? It hasn't but it could happen, however, the chances are even less. There's obvious risk mitigation in mixing vendors in infrastructure for both hardware and software in the enterprise.

If some critical services were lost in your enterprise last time until RH updated their kernel then you could have benefitted from running that service from Windows as well. Now the reverse is true. You could have another DC via Samba on Linux in your forest if you wanted to, in order to have an AD still for example. Same goes for file share servers, intermediary certificate servers (hopefully your Root CA is not always on the network) and pretty much most critical services.

Most enterprises run a lot of services off of a hypervisor and have overhead to scale (or they are already in a sinking ship), so you can just spin up VMs to do that. It isn't as if it is unreasonably labor intensive compared to other similar risk mitigation implementations. Any sane CCB (obviously there are edge cases but we are talking in general here) will even let you get away without a vendor support contract for those, since they are just for emergency redundancy and not anywhere near critical unless the critical services have already shit the bed.

I get the sentiment but defense in depth is a methodology to live by in IT and auto updating via the Internet is not a good risk to take in general. For example, should Crowdstrike just disappear one day, your entire infrastructure shouldn't be at enormous risk nor should critical services. Even if it's your anti-virus, a virus or ransomware shouldn't be able to easily propagate through the enterprise. If it did, then it is doubtful something like Crowdstrike is going to be able to update and suddenly reverse course. If it can then you're just lucky that the ransomware that made it through didn't do anything in defense of itself (disconnecting from the network, blocking CIDRs like Crowdsource's update servers, blocking processes, whatever) and frankly you can still update those clients anyway from your own AV update server which is a product you'd be using if you aren't allowing updates from the Internet in order to roll them out in dev first, phasing and/or schedules from your own infrastructure.

Crowdstrike is just another lesson in that.

What I usually do is set next boot to BIOS so I have time to get into the console and do whatever.

Also instead of using a browser, I prefer to connect vmware Workstation to vCenter so all the consoles insta open in their own tabs in the workspace.

Similar thing happened to the idiot CEO of Lifelock that used to advertise his actual social security number everywhere.

I'm not against using Google, stack exhange, man pages, apropos, tldr, etc. but if you're trying to advertise competence with a skillset but you can't do the basics and frankly it is still essentially a mystery to you then youre just being dishonest. Sure use all tools available to you though because that's a good thing to do.

Just because someone breathed air in the same space occasionally over the years where a tool exists does not mean that they can honestly say that those are years of experience with it on a resume or whatever.

I've worked as an IT architect at various companies in my career and you can definitely get support contracts for engineering support of RHEL, Ubuntu, SUSE, etc. That isn't the issue. The issue is that there are a lot of system administrators with "15 years experience in Linux" that have no real experience in Linux. They have experience googling for guides and tutorials while having cobbled together documents of doing various things without understanding what they are really doing.

I can't tell you how many times I've seen an enterprise patch their Linux solutions (if they patched them at all with some ridiculous rubberstamped PO&AM) manually without deploying a repo and updating the repo treating it as you would a WSUS. Hell, I'm pleasantly surprised if I see them joined to a Windows domain (a few times) or an LDAP (once but they didn't have a trust with the Domain Forest or use sudoer rules...sigh).

Here in California, my annual bill is a little over $6500/year, so $540ish/month. I can only use one company and the PUC is about to approve yet another rate increase again (they've never been rejected).

Nah not for the big providers. The biggest problem is not having RUA for DMARC set up at all, set to None for the action or having an email in the RUA that will give a bounce message back to a sender (or not having DMARC at all in your DNS). The safe thing to do is set up SPF, DKIM and DMARC (correctly).

You cant always control getting into a spam box from time to time if someone in your IPs /24 makes it onto popular spam databases but that's very temporary but it is also very possible someone in your /24 is always on the lists. You can check yourself and there are both scripts and sites that will check most of the popular ones for you.

/24 is a very popular CIDR to use for stuff like spam filtering or internet facing IPS.

Can you use that site to see which of your games fall into each category?

Yeah just go to https://www.protondb.com/profile and either enter your Steam Profile ID or connect your Steam account, then go to https://www.protondb.com/dashboard

Needing to use command line for some things that should be a right click, not supporting right click, ambiguities galore when looking at a package repository, odd defaults in packages that one really wouldn’t expect to have to check (e.g. Selecting RDP connection in a Remote app, but it defaults the security to something other than RDP?)

Sounds like you're using a GNOME Desktop. You should give KDE Plasma a try instead. KDE Plasma basically gives you a Windows-esq experience without trying to install something like GNOME extensions.

For a regular user there's not much point into going into the command-line anymore.

there’s problems like Libre Office devs ...

Sure but there's also alternatives. LibreOffice doesn't try to emulate Microsoft Office and they never really have. They won't even try to be compatible with MS Office but rather they do with OOXML which Microsoft created for other Office suites to be compatible with it but then just never supported it very well. Some alternatives do however. WPS Office is perhaps the most popular alternative for this that does try to be compatible with MS Office and emulate its feel and features but ONLYOFFICE is also a contender.

Just a heads up, if you use an AMD GPU, the drivers are built into the Linux kernel itself by AMD engineers (and others helping/supporting/contributing to the kernel like themselves). So you don't even have drivers to install, unless you're one of the 10 people that want to use AMD GPUs for Machine Learning. Then you'd do a quick install of AMD PRO (those are proprietary so that's why they aren't built into the kernel).

To be fair, I find that people with a Computer Science degree are pretty much just like most other users except that they need more privileged access somewhere because they are usually software developers or somewhere in that orbit. A Computer Science degree does not prepare someone to be a sysadmin. That doesn't mean they can't be an excellent one but it certainly isn't because of their degree path.

The rings from top to bottom:

ProtonDB Medals (ProtonDB's appraisal: How does it play. You may need to tinker.)

ProtonDB Click Play (ProtonDB's new appraisal: How does it play without any tinkering)

Deck Verified

Chromebook Ready

I regularly meet Linux elitists not understanding that I want a UI for my debuggers, not an automated script.

I don't know. It doesn't make any sense that someone would be against a UI for something. It is just mostly a bunch of volunteers working on their own projects. I could see a volunteer saying something like "nah, I'm OK with it the way it is" because they are working on something for free, usually for themselves and sharing it for others to use and/or contribute to.

It seems odd that you'd complaining to some project maintainers and calling them elitists for not working on your suggestion and even odder still because I'd imagine many would be thrilled for someone to contribute to building a UI, even if it's just mock-ups. Unless you're talking about some random people in the Linux community but I don't really see any point in doing that since they probably have nothing to do with whatever projects you're talking about.

What would adding a GUI to a command line app even change about it as far as the command line? It isn't as if you either get one or the other; you can have both. It just doesn't make sense.