▪█─────█▪

  • 0 Posts
  • 8 Comments
Joined 1 year ago
Cake day: June 19th, 2023

  • And despite security recommendations, too many IT depts still force password resets every 90 days…

    It could be for contractual or for insurance reasons. We have some contracts with government agencies that require it, and our cyberinsurance also does. Even though NIST has been recommending for years to do long passphrase + MFA and no reset unless you suspect compromise.

    So yeah, the reason behind this might not be just plain incompetence.


  • This is why I got all of our devs to start building with the target of a Docker container in mind.

    And for the ones who still won’t or can’t wrap their brains around Docker, I run their shit through a GitHub Actions workflow that spits out their ugly baby as a Docker container. In the end, I don’t give a shit what it is, your Rube-Goldberg piece of shit is getting stuffed into a Docker container.

    “It works on my machine!” Yeah, well, your machine is now everyone’s machine thanks to the magic of containers. Now fix your broken shit so PagerDuty doesn’t call me at 3am again. Fuck.



  • All the while they uphold objectively-racist comments despite several reports. Fucking weird.

    I mentally checked out of reddit when I got a comment deleted and a 3-day sitewide ban for saying:

    “It is always OK to punch a Nazi.”

    It was a literal comment, not figurative, nothing was being compared, etc. Just a straight statement about actual past and present-day Nazis. Ban.

    The 3rd-party app fiasco happened a couple of weeks later, and that was the second sign that I needed to GTFO.




  • Places like that never learn their lesson until The Event™ happens. At my last place, The Event™ was a derecho that knocked out power for a few days, and then when it came back on, the SAN was all kinds of fucked. On top of that, we didn’t have backups for everything because they didn’t want to pay for more storage. They were losing like $100K+ every hour they were down.

    The speed at which they approved all-new hardware inside a colocation facility after The Event™ was absolutely hilarious, I’d never seen anything approved that quickly.

    Trust me, they’re going to keep putting it off until you have your own version of The Event™, and they’ll deny that they ever disregarded the risk of it happening in the first place, even though you have years’ worth of emails saying “If we don’t do X, Y will occur.” And when Y occurs, they’ll scream “Oh my God, Y has occurred, no one could have ever foreseen this!”

    It’ll happen. Wait and watch.