Took away Admin rights, so everytime you wanted to install something or do something in general that requires higher privileges, we had to file a ticket in the helpdesk to get 10 minutes of Admin rights.
The review of your request took sometimes up 3 days. Fun times for a software developer.
Oh shit, you just reminded me of the time that I had to PHONE Macromedia to manually activate software because of the firewalling. This was after waiting days to get administrative permission to install it in the first place.
“Thank you” for helping resurface those horrible memories!
We worked around this at my old job by getting VirtualBox installed on our PCs and just running CentOS or Ubuntu VMs to develop in. Developing on windows sucks unless you’re doing .NET imo.
Developing on VMs also sucks, neverending network issues on platforms like Windows which have a shitty networking stack (try forwarding ports or using VPN connections).
In fact, Windows is just a shitty dev platform in general for non-Microsoft technologies but I get that you needed to go for the least shit option
Yeah fortunately we didn’t need to do any port forwarding or anything complex for networking for developing locally. It was definitely much easier for us. I don’t like Apple, but I didn’t mind my other old job that gave us MacBooks honestly.
I submitted a ticket that fell into a black hole. I have long since found an alternate solution, but am now keeping the ticket open for the sick fascination of seeing how long it takes to get a response. 47 days and counting…
Any ticketing system set up like that is just begging for abuse. If they don’t have queue managers then the team should share the hit if they just leave the ticket untouched
I actually think they’re new school enough where Linux to them means a lot less than it does to us. And so they don’t feel at home on a Linux machine and, unfortunately, don’t care to learn.
I could totally be wrong, though. Maybe I’m the moron.
I’m happy enough to spend time and energy and get into new games. The difference is my standards are WAY higher than when I was younger. I’ve played so many games that it’s hard to impress.
Yup. My first console technically was a NES (technically Atari 2600 but I was really young). Been playing console and PC games ever since. I used to love games. Wanted to design them and even got a job as a game tester and GM for WoW (tester made me realize I didn’t want to work in the industry). I don’t know when it started but outside of a few instances I can’t get into games anymore. I think there are a few reasons (though they’re sort of overlapping).
I’ve already experienced a lot of it. I’ve saved countless kingdoms, stop hundreds of bad guys from blowing up stuff, repeatedly discovered the mysteries of crystals/labs/villages. There isn’t a lot of “new” stuff.
I don’t have consistent chunks of free time and don’t want to use all my freetime playing games. I can’t always invest in a long story and a lot of games take a while to get started.
As I get older I value my time more. I’m not necessarily old but looking at life expectancy I’ve hit the midway point. That just causes me to evaluate my freetime differently. Unfortunately that doesn’t mean I am necessarily making the best of use of my time but stops me from spending 8 hours of a Saturday playing the new Spider-Man.
I find my need to unwind and relax increases with age. After a long stressful day at work I don’t necessarily want to engage with complex systems or drawn out stories. I just want to start playing and not have to think. I also don’t want to be stressed. I find online competitive games to be stressful.
There are other issues like the market has changed and less games align with what I enjoy. Social aspect of games are mostly gone for me.
Banned open source software because of security concerns. For password management they require LastPass or that we write them down in a book that we keep on ourselves at all times. Worth noting that this policy change was a few months ago. After the giant breach.
Care to elaborate “MFA via SMS only”? I’m not in tech and know MFA through text is widely used. Or do you mean alternatives like Microsoft Authenticator or YubiKey? Thanks!
Through a low tech social engineering attack referred to as SIM Jacking, an attacker can have your number moved to their SIM card, redirecting all SMS 2FA codes effectively making the whole thing useless as a security measure. Despite this, companies still implement it out of both laziness and to collect phone numbers (which is often why SMS MFA is forced)
Banning open source because of security concerns is the opposite of what they should be doing if they care about security. You can’t vet proprietary software.
Not my IT department (I am my IT department): One of the manufacturers for a brand of equipment we sell has a “Dealer Resource Center,” which consists solely of a web page where you can download the official product photography and user’s manuals, etc. for their products. This is to enable you to list their products on your e-commerce web site, or whatever.
Apparently whoever they subcontracted this to got their hands on a copy of Front End Dev For Dummies, and in order to use this you must create a mandatory account with minimum password complexity requirements, and solve a CAPTCHA every time you log in. They also require you to change your password every 60 days, and if you don’t they lock your account and you have to call their tech support.
Three major problems with this:
There is no verification check that you are actually an authorized dealer of this brand of product, so any fool who finds this on Google and comes up with an email address can just create an account and away you go downloading whatever you want. If you’ve been locked out of your account and don’t feel like picking up the telephone – no problem! Just create a new one.
There is no personalized content on this service. Everyone sees the same content, and it’s not like there’s a way to purchase anything on here or anyway, and your “account” stores no identifying information about you or your dealership that you feel like giving it other than your email address. You are free to fill it out with a fake name if you like; no one checks. You could create an account using obvioushacker@pwned.ru and no one would notice.
Every single scrap of content on this site is identical to the images and .pdf downloads already available on the manufacturer’s public web site. There is no privileged or secure content hosted in this “Resource Center” whatsoever. The pictures aren’t higher res or anything. Even the file names are the same. It’s obviously hooked up to the same backend as the manufacturer’s public web site. So if there were such a thing as a “bad actor” who wanted to obtain a complete library of glamor shots of durable goods, for some reason, there’s nothing stopping them from scraping the public web site and coming up with literally exactly the same thing.
Endless approval processes are a good one. They don’t even have to be nonsensical. Just unnecessarily manual, tedious, applied to the simplest changes, with long wait times and multiple steps. Add time zone differences and pile up many different ones, and life becomes hell.
They set zscaler so that if I don’t access an internal service for an unknown number of months, it means I don’t need it “for my daily work”, so they block it. If I want to access it again I need to open a ticket. There is no way to know what they closed and when they’ll close something.
In 1 months since this policy is active, I already have opened tickets to access test databases, k8s control plane, quality control dashboards, tableau server…
Zscaler is one of the worst products I’ve had the displeasure to interact with. They implemented it at my old job and it said that my home Internet connection was insecure to connect to the VPN. Cyber Sec guys couldn’t figure out the issue because the logs were SO helpful.
Took working with their support to find that it has somehow identified my nonstandard address spacing on my LAN to be insecure for some reason.
I kept my work laptop on a separate vlan for obvious reasons.
Pretty sure it’s some misapplied heuristics for previously identified bad clients, but that should only trigger an alert (with details!) in most cases and not block you if it’s not also paired with any known malicious activity
I’m going off memory from early 2021. But it was my private IP on the laptop using a Class B private address according to their support team. I was flabbergasted. Maybe they just expected every remote worker to use Class C or something. Who knows?
Haha, I never thought of this but…I WAS the IT department in a previous life. I never really thought about how none of this shit really affected me. Granted, I’d have everyone using Yubikeys+Password for logins if I were in charge now.
We’ve moved to SilverFort. That way I can keep using the YKs but actually enforce them correctly. It allows WAAAY more visibility and control over the things that matter, and it’s diagnostics and easy policy generation from lookups is great.
They forbid us to add our ssh keys in some server machines, and force us to log in these servers with the non-personal admin account, with a password that is super easy to guess and haven’t been changed in 5 years.
I’m sure there are more elegant ways they could have disabled the USB ports, but this might have been partially to avoid users being able to accidentally compromise their device by sticking a thumb drive they found in the parking lot in to see what was on it. For exfiltration and VPN usage over the network there are other controls they can/likely had put in place that you may just not have known about
asklemmy
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.