Symfony Profiler

null

Proxies\__CG__\App\Entity\Entry {#1583
  +user: Proxies\__CG__\App\Entity\User {#1618 …}
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#1874 …}
  +slug: "Tech-workers-what-did-your-IT-Security-team-do-that"
  +title: "Tech workers - what did your IT Security team do that made your life hell and had no practical benefit?"
  +url: null
  +body: """
    One chestnut from my history in lottery game development:\n
    \n
    While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.\n
    \n
    Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 261
  +favouriteCount: 423
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1698669717 {#1726
    date: 2023-10-30 13:41:57.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#1410 …}
  +votes: Doctrine\ORM\PersistentCollection {#1708 …}
  +reports: Doctrine\ORM\PersistentCollection {#1910 …}
  +favourites: Doctrine\ORM\PersistentCollection {#2030 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1362 …}
  +badges: Doctrine\ORM\PersistentCollection {#2020 …}
  +children: [
    App\Entity\EntryComment {#1610
      +user: App\Entity\User {#260 …}
      +entry: Proxies\__CG__\App\Entity\Entry {#1583 …2}
      +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
      +image: null
      +parent: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
      +root: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
      +body: """
        I’m in IT security and I’m fighting this battle. I want to lessen the burden of passwords and arbitrary rotation is terrible.\n
        \n
        I’ve ran into a number of issues at my company that would give me the approval to reduce the frequency of expired passwords\n
        \n
        - the company gets asked this question by other customers “do you have a password policy for your staff?” (that somehow includes an expiration frequency).\n
        - on-prem AD password complexity has some nice parts built in vs some terrible parts with no granularity. It’s a single check box in gpo that does *way* too much stuff. I’m also not going to write a custom password policy because I don’t have the skill set to do it correctly when we’re talking about AD, that’s nightmare inducing. (Looking at specops to help and already using Azure AD password protection in passive mode)\n
        - I think management is worried that a phishing event happens on a person with a static password and then unfairly conflating that to my argument of “can we just do two things: increase password length by 2 and decrease expiration frequency by 30 days”\n
        \n
        At the end of the day, some of us in IT security want to do the right things based in common sense but we get stymied by management decisions and precedence. Hell, I’ve brought NIST 800-63B documentation with me to check every reason why they wouldn’t budge. It’s just ingrained in them - meanwhile you look at the number of tickets for password help and password sharing violations that get reported … /Sigh
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 24
      +score: 0
      +lastActive: DateTime @1698149493 {#1434
        date: 2023-10-24 14:11:33.0 +02:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@Krudler@lemmy.world"
        "@Cqrd@lemmy.dbzer0.com"
      ]
      +children: Doctrine\ORM\PersistentCollection {#1652 …}
      +nested: Doctrine\ORM\PersistentCollection {#1679 …}
      +votes: Doctrine\ORM\PersistentCollection {#1668 …}
      +reports: Doctrine\ORM\PersistentCollection {#1666 …}
      +favourites: Doctrine\ORM\PersistentCollection {#1551 …}
      +notifications: Doctrine\ORM\PersistentCollection {#1576 …}
      -id: 69109
      -bodyTs: "'-63':235 '/sigh':273 '2':190 '30':196 '800':234 'ad':76,134,148 'alreadi':145 'also':108 'approv':41 'arbitrari':21 'argument':178 'ask':52 'azur':147 'b':236 'base':216 'battl':11 'box':97 'brought':232 'budg':248 'built':83 'burden':17 'check':96,241 'common':218 'compani':35,50 'complex':78 'conflat':174 'correct':128 'custom':57,114 'day':197,203 'decis':226 'decreas':192 'document':237 'end':200 'event':162 'everi':242 'expir':47,71,193 'fight':9 'frequenc':45,72,194 'get':51,222,271 'give':38 'go':110 'gpo':99 'granular':91 'happen':163 'hell':229 'help':143,265 'includ':69 'increas':186 'induc':138 'ingrain':252 'issu':32 'length':188 'lessen':15 'look':139,257 'm':2,8,107 'manag':156,225 'meanwhil':255 'mode':153 'much':104 'nice':81 'nightmar':137 'nist':233 'number':30,260 'on-prem':73 'part':82,88 'passiv':152 'password':19,48,62,77,115,149,170,187,264,267 'person':166 'phish':161 'polici':63,116 'preced':228 'prem':75 'protect':150 'question':54 'ran':27 're':131 'reason':243 'reduc':43 'report':272 'right':214 'rotat':22 'secur':5,209 'sens':219 'set':124 'share':268 'singl':95 'skill':123 'somehow':68 'specop':141 'staff':66 'static':169 'stuff':105 'stymi':223 'talk':132 'terribl':24,87 'thing':185,215 'think':155 'ticket':262 'two':184 'unfair':173 'us':206 'use':146 've':26,231 'violat':269 'vs':85 'want':13,210 'way':102 'worri':158 'would':37 'wouldn':246 'write':112"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://infosec.pub/comment/3663074"
      +editedAt: null
      +createdAt: DateTimeImmutable @1698149493 {#1699
        date: 2023-10-24 14:11:33.0 +02:00
      }
      +"title": 69109
    }
  ]
  -id: 7315
  -titleTs: "'benefit':19 'hell':14 'life':13 'made':11 'practic':18 'secur':7 'team':8 'tech':1 'worker':2"
  -bodyTs: "'also':71 'around':34 'chart':30 'chestnut':2 'connect':65 'data':52 'develop':9 'drive':56,79 'everi':73 'game':8 'general':20 'glu':36 'good':21 'histori':5 'hot':35 'ignor':58 'incred':15 'internet':64 'internet-connect':63 'job':22 'level':24 'lotteri':7 'machin':74 'mitig':51 'oftentim':23 'one':1 'optic':78 'paranoia':26 'pcs':46 'port':43 'premis':49 'rw':77 'secur':12 'shut':37 'staff':13 'theft':53 'thing':70 'thumb':55 'tight':16 'unnecessari':41 'usb':42 'via':54 'vpns':67 'went':33"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1698180461
  +visibility: "visible             "
  +apId: "https://lemmy.world/post/7232834"
  +editedAt: null
  +createdAt: DateTimeImmutable @1698094061 {#1595
    date: 2023-10-23 22:47:41.0 +02:00
  }
  +__isInitialized__: true
   …2
}

Proxies\__CG__\App\Entity\Entry {#1583
  +user: Proxies\__CG__\App\Entity\User {#1618 …}
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#1874 …}
  +slug: "Tech-workers-what-did-your-IT-Security-team-do-that"
  +title: "Tech workers - what did your IT Security team do that made your life hell and had no practical benefit?"
  +url: null
  +body: """
    One chestnut from my history in lottery game development:\n
    \n
    While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.\n
    \n
    Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 261
  +favouriteCount: 423
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1698669717 {#1726
    date: 2023-10-30 13:41:57.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#1410 …}
  +votes: Doctrine\ORM\PersistentCollection {#1708 …}
  +reports: Doctrine\ORM\PersistentCollection {#1910 …}
  +favourites: Doctrine\ORM\PersistentCollection {#2030 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1362 …}
  +badges: Doctrine\ORM\PersistentCollection {#2020 …}
  +children: [
    App\Entity\EntryComment {#1610
      +user: App\Entity\User {#260 …}
      +entry: Proxies\__CG__\App\Entity\Entry {#1583 …2}
      +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
      +image: null
      +parent: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
      +root: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
      +body: """
        I’m in IT security and I’m fighting this battle. I want to lessen the burden of passwords and arbitrary rotation is terrible.\n
        \n
        I’ve ran into a number of issues at my company that would give me the approval to reduce the frequency of expired passwords\n
        \n
        - the company gets asked this question by other customers “do you have a password policy for your staff?” (that somehow includes an expiration frequency).\n
        - on-prem AD password complexity has some nice parts built in vs some terrible parts with no granularity. It’s a single check box in gpo that does *way* too much stuff. I’m also not going to write a custom password policy because I don’t have the skill set to do it correctly when we’re talking about AD, that’s nightmare inducing. (Looking at specops to help and already using Azure AD password protection in passive mode)\n
        - I think management is worried that a phishing event happens on a person with a static password and then unfairly conflating that to my argument of “can we just do two things: increase password length by 2 and decrease expiration frequency by 30 days”\n
        \n
        At the end of the day, some of us in IT security want to do the right things based in common sense but we get stymied by management decisions and precedence. Hell, I’ve brought NIST 800-63B documentation with me to check every reason why they wouldn’t budge. It’s just ingrained in them - meanwhile you look at the number of tickets for password help and password sharing violations that get reported … /Sigh
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 24
      +score: 0
      +lastActive: DateTime @1698149493 {#1434
        date: 2023-10-24 14:11:33.0 +02:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@Krudler@lemmy.world"
        "@Cqrd@lemmy.dbzer0.com"
      ]
      +children: Doctrine\ORM\PersistentCollection {#1652 …}
      +nested: Doctrine\ORM\PersistentCollection {#1679 …}
      +votes: Doctrine\ORM\PersistentCollection {#1668 …}
      +reports: Doctrine\ORM\PersistentCollection {#1666 …}
      +favourites: Doctrine\ORM\PersistentCollection {#1551 …}
      +notifications: Doctrine\ORM\PersistentCollection {#1576 …}
      -id: 69109
      -bodyTs: "'-63':235 '/sigh':273 '2':190 '30':196 '800':234 'ad':76,134,148 'alreadi':145 'also':108 'approv':41 'arbitrari':21 'argument':178 'ask':52 'azur':147 'b':236 'base':216 'battl':11 'box':97 'brought':232 'budg':248 'built':83 'burden':17 'check':96,241 'common':218 'compani':35,50 'complex':78 'conflat':174 'correct':128 'custom':57,114 'day':197,203 'decis':226 'decreas':192 'document':237 'end':200 'event':162 'everi':242 'expir':47,71,193 'fight':9 'frequenc':45,72,194 'get':51,222,271 'give':38 'go':110 'gpo':99 'granular':91 'happen':163 'hell':229 'help':143,265 'includ':69 'increas':186 'induc':138 'ingrain':252 'issu':32 'length':188 'lessen':15 'look':139,257 'm':2,8,107 'manag':156,225 'meanwhil':255 'mode':153 'much':104 'nice':81 'nightmar':137 'nist':233 'number':30,260 'on-prem':73 'part':82,88 'passiv':152 'password':19,48,62,77,115,149,170,187,264,267 'person':166 'phish':161 'polici':63,116 'preced':228 'prem':75 'protect':150 'question':54 'ran':27 're':131 'reason':243 'reduc':43 'report':272 'right':214 'rotat':22 'secur':5,209 'sens':219 'set':124 'share':268 'singl':95 'skill':123 'somehow':68 'specop':141 'staff':66 'static':169 'stuff':105 'stymi':223 'talk':132 'terribl':24,87 'thing':185,215 'think':155 'ticket':262 'two':184 'unfair':173 'us':206 'use':146 've':26,231 'violat':269 'vs':85 'want':13,210 'way':102 'worri':158 'would':37 'wouldn':246 'write':112"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://infosec.pub/comment/3663074"
      +editedAt: null
      +createdAt: DateTimeImmutable @1698149493 {#1699
        date: 2023-10-24 14:11:33.0 +02:00
      }
      +"title": 69109
    }
  ]
  -id: 7315
  -titleTs: "'benefit':19 'hell':14 'life':13 'made':11 'practic':18 'secur':7 'team':8 'tech':1 'worker':2"
  -bodyTs: "'also':71 'around':34 'chart':30 'chestnut':2 'connect':65 'data':52 'develop':9 'drive':56,79 'everi':73 'game':8 'general':20 'glu':36 'good':21 'histori':5 'hot':35 'ignor':58 'incred':15 'internet':64 'internet-connect':63 'job':22 'level':24 'lotteri':7 'machin':74 'mitig':51 'oftentim':23 'one':1 'optic':78 'paranoia':26 'pcs':46 'port':43 'premis':49 'rw':77 'secur':12 'shut':37 'staff':13 'theft':53 'thing':70 'thumb':55 'tight':16 'unnecessari':41 'usb':42 'via':54 'vpns':67 'went':33"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1698180461
  +visibility: "visible             "
  +apId: "https://lemmy.world/post/7232834"
  +editedAt: null
  +createdAt: DateTimeImmutable @1698094061 {#1595
    date: 2023-10-23 22:47:41.0 +02:00
  }
  +__isInitialized__: true
   …2
}

Proxies\__CG__\App\Entity\Entry {#1583
  +user: Proxies\__CG__\App\Entity\User {#1618 …}
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#1874 …}
  +slug: "Tech-workers-what-did-your-IT-Security-team-do-that"
  +title: "Tech workers - what did your IT Security team do that made your life hell and had no practical benefit?"
  +url: null
  +body: """
    One chestnut from my history in lottery game development:\n
    \n
    While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.\n
    \n
    Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 261
  +favouriteCount: 423
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1698669717 {#1726
    date: 2023-10-30 13:41:57.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#1410 …}
  +votes: Doctrine\ORM\PersistentCollection {#1708 …}
  +reports: Doctrine\ORM\PersistentCollection {#1910 …}
  +favourites: Doctrine\ORM\PersistentCollection {#2030 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1362 …}
  +badges: Doctrine\ORM\PersistentCollection {#2020 …}
  +children: [
    App\Entity\EntryComment {#1610
      +user: App\Entity\User {#260 …}
      +entry: Proxies\__CG__\App\Entity\Entry {#1583 …2}
      +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
      +image: null
      +parent: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
      +root: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
      +body: """
        I’m in IT security and I’m fighting this battle. I want to lessen the burden of passwords and arbitrary rotation is terrible.\n
        \n
        I’ve ran into a number of issues at my company that would give me the approval to reduce the frequency of expired passwords\n
        \n
        - the company gets asked this question by other customers “do you have a password policy for your staff?” (that somehow includes an expiration frequency).\n
        - on-prem AD password complexity has some nice parts built in vs some terrible parts with no granularity. It’s a single check box in gpo that does *way* too much stuff. I’m also not going to write a custom password policy because I don’t have the skill set to do it correctly when we’re talking about AD, that’s nightmare inducing. (Looking at specops to help and already using Azure AD password protection in passive mode)\n
        - I think management is worried that a phishing event happens on a person with a static password and then unfairly conflating that to my argument of “can we just do two things: increase password length by 2 and decrease expiration frequency by 30 days”\n
        \n
        At the end of the day, some of us in IT security want to do the right things based in common sense but we get stymied by management decisions and precedence. Hell, I’ve brought NIST 800-63B documentation with me to check every reason why they wouldn’t budge. It’s just ingrained in them - meanwhile you look at the number of tickets for password help and password sharing violations that get reported … /Sigh
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 24
      +score: 0
      +lastActive: DateTime @1698149493 {#1434
        date: 2023-10-24 14:11:33.0 +02:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@Krudler@lemmy.world"
        "@Cqrd@lemmy.dbzer0.com"
      ]
      +children: Doctrine\ORM\PersistentCollection {#1652 …}
      +nested: Doctrine\ORM\PersistentCollection {#1679 …}
      +votes: Doctrine\ORM\PersistentCollection {#1668 …}
      +reports: Doctrine\ORM\PersistentCollection {#1666 …}
      +favourites: Doctrine\ORM\PersistentCollection {#1551 …}
      +notifications: Doctrine\ORM\PersistentCollection {#1576 …}
      -id: 69109
      -bodyTs: "'-63':235 '/sigh':273 '2':190 '30':196 '800':234 'ad':76,134,148 'alreadi':145 'also':108 'approv':41 'arbitrari':21 'argument':178 'ask':52 'azur':147 'b':236 'base':216 'battl':11 'box':97 'brought':232 'budg':248 'built':83 'burden':17 'check':96,241 'common':218 'compani':35,50 'complex':78 'conflat':174 'correct':128 'custom':57,114 'day':197,203 'decis':226 'decreas':192 'document':237 'end':200 'event':162 'everi':242 'expir':47,71,193 'fight':9 'frequenc':45,72,194 'get':51,222,271 'give':38 'go':110 'gpo':99 'granular':91 'happen':163 'hell':229 'help':143,265 'includ':69 'increas':186 'induc':138 'ingrain':252 'issu':32 'length':188 'lessen':15 'look':139,257 'm':2,8,107 'manag':156,225 'meanwhil':255 'mode':153 'much':104 'nice':81 'nightmar':137 'nist':233 'number':30,260 'on-prem':73 'part':82,88 'passiv':152 'password':19,48,62,77,115,149,170,187,264,267 'person':166 'phish':161 'polici':63,116 'preced':228 'prem':75 'protect':150 'question':54 'ran':27 're':131 'reason':243 'reduc':43 'report':272 'right':214 'rotat':22 'secur':5,209 'sens':219 'set':124 'share':268 'singl':95 'skill':123 'somehow':68 'specop':141 'staff':66 'static':169 'stuff':105 'stymi':223 'talk':132 'terribl':24,87 'thing':185,215 'think':155 'ticket':262 'two':184 'unfair':173 'us':206 'use':146 've':26,231 'violat':269 'vs':85 'want':13,210 'way':102 'worri':158 'would':37 'wouldn':246 'write':112"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://infosec.pub/comment/3663074"
      +editedAt: null
      +createdAt: DateTimeImmutable @1698149493 {#1699
        date: 2023-10-24 14:11:33.0 +02:00
      }
      +"title": 69109
    }
  ]
  -id: 7315
  -titleTs: "'benefit':19 'hell':14 'life':13 'made':11 'practic':18 'secur':7 'team':8 'tech':1 'worker':2"
  -bodyTs: "'also':71 'around':34 'chart':30 'chestnut':2 'connect':65 'data':52 'develop':9 'drive':56,79 'everi':73 'game':8 'general':20 'glu':36 'good':21 'histori':5 'hot':35 'ignor':58 'incred':15 'internet':64 'internet-connect':63 'job':22 'level':24 'lotteri':7 'machin':74 'mitig':51 'oftentim':23 'one':1 'optic':78 'paranoia':26 'pcs':46 'port':43 'premis':49 'rw':77 'secur':12 'shut':37 'staff':13 'theft':53 'thing':70 'thumb':55 'tight':16 'unnecessari':41 'usb':42 'via':54 'vpns':67 'went':33"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1698180461
  +visibility: "visible             "
  +apId: "https://lemmy.world/post/7232834"
  +editedAt: null
  +createdAt: DateTimeImmutable @1698094061 {#1595
    date: 2023-10-23 22:47:41.0 +02:00
  }
  +__isInitialized__: true
   …2
}

null

App\Entity\EntryComment {#1610
  +user: App\Entity\User {#260 …}
  +entry: Proxies\__CG__\App\Entity\Entry {#1583
    +user: Proxies\__CG__\App\Entity\User {#1618 …}
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1874 …}
    +slug: "Tech-workers-what-did-your-IT-Security-team-do-that"
    +title: "Tech workers - what did your IT Security team do that made your life hell and had no practical benefit?"
    +url: null
    +body: """
      One chestnut from my history in lottery game development:\n
      \n
      While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.\n
      \n
      Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 261
    +favouriteCount: 423
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1698669717 {#1726
      date: 2023-10-30 13:41:57.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1410 …}
    +votes: Doctrine\ORM\PersistentCollection {#1708 …}
    +reports: Doctrine\ORM\PersistentCollection {#1910 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2030 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1362 …}
    +badges: Doctrine\ORM\PersistentCollection {#2020 …}
    +children: [
      App\Entity\EntryComment {#1610}
    ]
    -id: 7315
    -titleTs: "'benefit':19 'hell':14 'life':13 'made':11 'practic':18 'secur':7 'team':8 'tech':1 'worker':2"
    -bodyTs: "'also':71 'around':34 'chart':30 'chestnut':2 'connect':65 'data':52 'develop':9 'drive':56,79 'everi':73 'game':8 'general':20 'glu':36 'good':21 'histori':5 'hot':35 'ignor':58 'incred':15 'internet':64 'internet-connect':63 'job':22 'level':24 'lotteri':7 'machin':74 'mitig':51 'oftentim':23 'one':1 'optic':78 'paranoia':26 'pcs':46 'port':43 'premis':49 'rw':77 'secur':12 'shut':37 'staff':13 'theft':53 'thing':70 'thumb':55 'tight':16 'unnecessari':41 'usb':42 'via':54 'vpns':67 'went':33"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1698180461
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/7232834"
    +editedAt: null
    +createdAt: DateTimeImmutable @1698094061 {#1595
      date: 2023-10-23 22:47:41.0 +02:00
    }
    +__isInitialized__: true
     …2
  }
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
  +image: null
  +parent: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
  +root: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
  +body: """
    I’m in IT security and I’m fighting this battle. I want to lessen the burden of passwords and arbitrary rotation is terrible.\n
    \n
    I’ve ran into a number of issues at my company that would give me the approval to reduce the frequency of expired passwords\n
    \n
    - the company gets asked this question by other customers “do you have a password policy for your staff?” (that somehow includes an expiration frequency).\n
    - on-prem AD password complexity has some nice parts built in vs some terrible parts with no granularity. It’s a single check box in gpo that does *way* too much stuff. I’m also not going to write a custom password policy because I don’t have the skill set to do it correctly when we’re talking about AD, that’s nightmare inducing. (Looking at specops to help and already using Azure AD password protection in passive mode)\n
    - I think management is worried that a phishing event happens on a person with a static password and then unfairly conflating that to my argument of “can we just do two things: increase password length by 2 and decrease expiration frequency by 30 days”\n
    \n
    At the end of the day, some of us in IT security want to do the right things based in common sense but we get stymied by management decisions and precedence. Hell, I’ve brought NIST 800-63B documentation with me to check every reason why they wouldn’t budge. It’s just ingrained in them - meanwhile you look at the number of tickets for password help and password sharing violations that get reported … /Sigh
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 24
  +score: 0
  +lastActive: DateTime @1698149493 {#1434
    date: 2023-10-24 14:11:33.0 +02:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Krudler@lemmy.world"
    "@Cqrd@lemmy.dbzer0.com"
  ]
  +children: Doctrine\ORM\PersistentCollection {#1652 …}
  +nested: Doctrine\ORM\PersistentCollection {#1679 …}
  +votes: Doctrine\ORM\PersistentCollection {#1668 …}
  +reports: Doctrine\ORM\PersistentCollection {#1666 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1551 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1576 …}
  -id: 69109
  -bodyTs: "'-63':235 '/sigh':273 '2':190 '30':196 '800':234 'ad':76,134,148 'alreadi':145 'also':108 'approv':41 'arbitrari':21 'argument':178 'ask':52 'azur':147 'b':236 'base':216 'battl':11 'box':97 'brought':232 'budg':248 'built':83 'burden':17 'check':96,241 'common':218 'compani':35,50 'complex':78 'conflat':174 'correct':128 'custom':57,114 'day':197,203 'decis':226 'decreas':192 'document':237 'end':200 'event':162 'everi':242 'expir':47,71,193 'fight':9 'frequenc':45,72,194 'get':51,222,271 'give':38 'go':110 'gpo':99 'granular':91 'happen':163 'hell':229 'help':143,265 'includ':69 'increas':186 'induc':138 'ingrain':252 'issu':32 'length':188 'lessen':15 'look':139,257 'm':2,8,107 'manag':156,225 'meanwhil':255 'mode':153 'much':104 'nice':81 'nightmar':137 'nist':233 'number':30,260 'on-prem':73 'part':82,88 'passiv':152 'password':19,48,62,77,115,149,170,187,264,267 'person':166 'phish':161 'polici':63,116 'preced':228 'prem':75 'protect':150 'question':54 'ran':27 're':131 'reason':243 'reduc':43 'report':272 'right':214 'rotat':22 'secur':5,209 'sens':219 'set':124 'share':268 'singl':95 'skill':123 'somehow':68 'specop':141 'staff':66 'static':169 'stuff':105 'stymi':223 'talk':132 'terribl':24,87 'thing':185,215 'think':155 'ticket':262 'two':184 'unfair':173 'us':206 'use':146 've':26,231 'violat':269 'vs':85 'want':13,210 'way':102 'worri':158 'would':37 'wouldn':246 'write':112"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://infosec.pub/comment/3663074"
  +editedAt: null
  +createdAt: DateTimeImmutable @1698149493 {#1699
    date: 2023-10-24 14:11:33.0 +02:00
  }
  +"title": 69109
}

App\Entity\EntryComment {#1610
  +user: App\Entity\User {#260 …}
  +entry: Proxies\__CG__\App\Entity\Entry {#1583
    +user: Proxies\__CG__\App\Entity\User {#1618 …}
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1874 …}
    +slug: "Tech-workers-what-did-your-IT-Security-team-do-that"
    +title: "Tech workers - what did your IT Security team do that made your life hell and had no practical benefit?"
    +url: null
    +body: """
      One chestnut from my history in lottery game development:\n
      \n
      While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.\n
      \n
      Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 261
    +favouriteCount: 423
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1698669717 {#1726
      date: 2023-10-30 13:41:57.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1410 …}
    +votes: Doctrine\ORM\PersistentCollection {#1708 …}
    +reports: Doctrine\ORM\PersistentCollection {#1910 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2030 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1362 …}
    +badges: Doctrine\ORM\PersistentCollection {#2020 …}
    +children: [
      App\Entity\EntryComment {#1610}
    ]
    -id: 7315
    -titleTs: "'benefit':19 'hell':14 'life':13 'made':11 'practic':18 'secur':7 'team':8 'tech':1 'worker':2"
    -bodyTs: "'also':71 'around':34 'chart':30 'chestnut':2 'connect':65 'data':52 'develop':9 'drive':56,79 'everi':73 'game':8 'general':20 'glu':36 'good':21 'histori':5 'hot':35 'ignor':58 'incred':15 'internet':64 'internet-connect':63 'job':22 'level':24 'lotteri':7 'machin':74 'mitig':51 'oftentim':23 'one':1 'optic':78 'paranoia':26 'pcs':46 'port':43 'premis':49 'rw':77 'secur':12 'shut':37 'staff':13 'theft':53 'thing':70 'thumb':55 'tight':16 'unnecessari':41 'usb':42 'via':54 'vpns':67 'went':33"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1698180461
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/7232834"
    +editedAt: null
    +createdAt: DateTimeImmutable @1698094061 {#1595
      date: 2023-10-23 22:47:41.0 +02:00
    }
    +__isInitialized__: true
     …2
  }
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
  +image: null
  +parent: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
  +root: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
  +body: """
    I’m in IT security and I’m fighting this battle. I want to lessen the burden of passwords and arbitrary rotation is terrible.\n
    \n
    I’ve ran into a number of issues at my company that would give me the approval to reduce the frequency of expired passwords\n
    \n
    - the company gets asked this question by other customers “do you have a password policy for your staff?” (that somehow includes an expiration frequency).\n
    - on-prem AD password complexity has some nice parts built in vs some terrible parts with no granularity. It’s a single check box in gpo that does *way* too much stuff. I’m also not going to write a custom password policy because I don’t have the skill set to do it correctly when we’re talking about AD, that’s nightmare inducing. (Looking at specops to help and already using Azure AD password protection in passive mode)\n
    - I think management is worried that a phishing event happens on a person with a static password and then unfairly conflating that to my argument of “can we just do two things: increase password length by 2 and decrease expiration frequency by 30 days”\n
    \n
    At the end of the day, some of us in IT security want to do the right things based in common sense but we get stymied by management decisions and precedence. Hell, I’ve brought NIST 800-63B documentation with me to check every reason why they wouldn’t budge. It’s just ingrained in them - meanwhile you look at the number of tickets for password help and password sharing violations that get reported … /Sigh
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 24
  +score: 0
  +lastActive: DateTime @1698149493 {#1434
    date: 2023-10-24 14:11:33.0 +02:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Krudler@lemmy.world"
    "@Cqrd@lemmy.dbzer0.com"
  ]
  +children: Doctrine\ORM\PersistentCollection {#1652 …}
  +nested: Doctrine\ORM\PersistentCollection {#1679 …}
  +votes: Doctrine\ORM\PersistentCollection {#1668 …}
  +reports: Doctrine\ORM\PersistentCollection {#1666 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1551 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1576 …}
  -id: 69109
  -bodyTs: "'-63':235 '/sigh':273 '2':190 '30':196 '800':234 'ad':76,134,148 'alreadi':145 'also':108 'approv':41 'arbitrari':21 'argument':178 'ask':52 'azur':147 'b':236 'base':216 'battl':11 'box':97 'brought':232 'budg':248 'built':83 'burden':17 'check':96,241 'common':218 'compani':35,50 'complex':78 'conflat':174 'correct':128 'custom':57,114 'day':197,203 'decis':226 'decreas':192 'document':237 'end':200 'event':162 'everi':242 'expir':47,71,193 'fight':9 'frequenc':45,72,194 'get':51,222,271 'give':38 'go':110 'gpo':99 'granular':91 'happen':163 'hell':229 'help':143,265 'includ':69 'increas':186 'induc':138 'ingrain':252 'issu':32 'length':188 'lessen':15 'look':139,257 'm':2,8,107 'manag':156,225 'meanwhil':255 'mode':153 'much':104 'nice':81 'nightmar':137 'nist':233 'number':30,260 'on-prem':73 'part':82,88 'passiv':152 'password':19,48,62,77,115,149,170,187,264,267 'person':166 'phish':161 'polici':63,116 'preced':228 'prem':75 'protect':150 'question':54 'ran':27 're':131 'reason':243 'reduc':43 'report':272 'right':214 'rotat':22 'secur':5,209 'sens':219 'set':124 'share':268 'singl':95 'skill':123 'somehow':68 'specop':141 'staff':66 'static':169 'stuff':105 'stymi':223 'talk':132 'terribl':24,87 'thing':185,215 'think':155 'ticket':262 'two':184 'unfair':173 'us':206 'use':146 've':26,231 'violat':269 'vs':85 'want':13,210 'way':102 'worri':158 'would':37 'wouldn':246 'write':112"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://infosec.pub/comment/3663074"
  +editedAt: null
  +createdAt: DateTimeImmutable @1698149493 {#1699
    date: 2023-10-24 14:11:33.0 +02:00
  }
  +"title": 69109
}

App\Entity\EntryComment {#1610
  +user: App\Entity\User {#260 …}
  +entry: Proxies\__CG__\App\Entity\Entry {#1583
    +user: Proxies\__CG__\App\Entity\User {#1618 …}
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1874 …}
    +slug: "Tech-workers-what-did-your-IT-Security-team-do-that"
    +title: "Tech workers - what did your IT Security team do that made your life hell and had no practical benefit?"
    +url: null
    +body: """
      One chestnut from my history in lottery game development:\n
      \n
      While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.\n
      \n
      Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 261
    +favouriteCount: 423
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1698669717 {#1726
      date: 2023-10-30 13:41:57.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1410 …}
    +votes: Doctrine\ORM\PersistentCollection {#1708 …}
    +reports: Doctrine\ORM\PersistentCollection {#1910 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2030 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1362 …}
    +badges: Doctrine\ORM\PersistentCollection {#2020 …}
    +children: [
      App\Entity\EntryComment {#1610}
    ]
    -id: 7315
    -titleTs: "'benefit':19 'hell':14 'life':13 'made':11 'practic':18 'secur':7 'team':8 'tech':1 'worker':2"
    -bodyTs: "'also':71 'around':34 'chart':30 'chestnut':2 'connect':65 'data':52 'develop':9 'drive':56,79 'everi':73 'game':8 'general':20 'glu':36 'good':21 'histori':5 'hot':35 'ignor':58 'incred':15 'internet':64 'internet-connect':63 'job':22 'level':24 'lotteri':7 'machin':74 'mitig':51 'oftentim':23 'one':1 'optic':78 'paranoia':26 'pcs':46 'port':43 'premis':49 'rw':77 'secur':12 'shut':37 'staff':13 'theft':53 'thing':70 'thumb':55 'tight':16 'unnecessari':41 'usb':42 'via':54 'vpns':67 'went':33"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1698180461
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/7232834"
    +editedAt: null
    +createdAt: DateTimeImmutable @1698094061 {#1595
      date: 2023-10-23 22:47:41.0 +02:00
    }
    +__isInitialized__: true
     …2
  }
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1587 …}
  +image: null
  +parent: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
  +root: Proxies\__CG__\App\Entity\EntryComment {#1655 …}
  +body: """
    I’m in IT security and I’m fighting this battle. I want to lessen the burden of passwords and arbitrary rotation is terrible.\n
    \n
    I’ve ran into a number of issues at my company that would give me the approval to reduce the frequency of expired passwords\n
    \n
    - the company gets asked this question by other customers “do you have a password policy for your staff?” (that somehow includes an expiration frequency).\n
    - on-prem AD password complexity has some nice parts built in vs some terrible parts with no granularity. It’s a single check box in gpo that does *way* too much stuff. I’m also not going to write a custom password policy because I don’t have the skill set to do it correctly when we’re talking about AD, that’s nightmare inducing. (Looking at specops to help and already using Azure AD password protection in passive mode)\n
    - I think management is worried that a phishing event happens on a person with a static password and then unfairly conflating that to my argument of “can we just do two things: increase password length by 2 and decrease expiration frequency by 30 days”\n
    \n
    At the end of the day, some of us in IT security want to do the right things based in common sense but we get stymied by management decisions and precedence. Hell, I’ve brought NIST 800-63B documentation with me to check every reason why they wouldn’t budge. It’s just ingrained in them - meanwhile you look at the number of tickets for password help and password sharing violations that get reported … /Sigh
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 24
  +score: 0
  +lastActive: DateTime @1698149493 {#1434
    date: 2023-10-24 14:11:33.0 +02:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Krudler@lemmy.world"
    "@Cqrd@lemmy.dbzer0.com"
  ]
  +children: Doctrine\ORM\PersistentCollection {#1652 …}
  +nested: Doctrine\ORM\PersistentCollection {#1679 …}
  +votes: Doctrine\ORM\PersistentCollection {#1668 …}
  +reports: Doctrine\ORM\PersistentCollection {#1666 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1551 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1576 …}
  -id: 69109
  -bodyTs: "'-63':235 '/sigh':273 '2':190 '30':196 '800':234 'ad':76,134,148 'alreadi':145 'also':108 'approv':41 'arbitrari':21 'argument':178 'ask':52 'azur':147 'b':236 'base':216 'battl':11 'box':97 'brought':232 'budg':248 'built':83 'burden':17 'check':96,241 'common':218 'compani':35,50 'complex':78 'conflat':174 'correct':128 'custom':57,114 'day':197,203 'decis':226 'decreas':192 'document':237 'end':200 'event':162 'everi':242 'expir':47,71,193 'fight':9 'frequenc':45,72,194 'get':51,222,271 'give':38 'go':110 'gpo':99 'granular':91 'happen':163 'hell':229 'help':143,265 'includ':69 'increas':186 'induc':138 'ingrain':252 'issu':32 'length':188 'lessen':15 'look':139,257 'm':2,8,107 'manag':156,225 'meanwhil':255 'mode':153 'much':104 'nice':81 'nightmar':137 'nist':233 'number':30,260 'on-prem':73 'part':82,88 'passiv':152 'password':19,48,62,77,115,149,170,187,264,267 'person':166 'phish':161 'polici':63,116 'preced':228 'prem':75 'protect':150 'question':54 'ran':27 're':131 'reason':243 'reduc':43 'report':272 'right':214 'rotat':22 'secur':5,209 'sens':219 'set':124 'share':268 'singl':95 'skill':123 'somehow':68 'specop':141 'staff':66 'static':169 'stuff':105 'stymi':223 'talk':132 'terribl':24,87 'thing':185,215 'think':155 'ticket':262 'two':184 'unfair':173 'us':206 'use':146 've':26,231 'violat':269 'vs':85 'want':13,210 'way':102 'worri':158 'would':37 'wouldn':246 'write':112"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://infosec.pub/comment/3663074"
  +editedAt: null
  +createdAt: DateTimeImmutable @1698149493 {#1699
    date: 2023-10-24 14:11:33.0 +02:00
  }
  +"title": 69109
}

null

null