I got to say after reading a couple stories here I can understand the frustrations and some very legitimate stories here make a lot of sense in the context of it teams fucking up. but I also think there’s a lot of ignorance about what people are actually trying to accomplish in some of these stories as somebody that does it security and a lot of compliance work sometimes we’re doing these things because we have to not so much that we want to.
Doesn’t matter to the end user whose fault it is. The spirit of this discussion is what was done to make your life harder. If you want to, go ahead and read it as “IT workers, what stupid things were you mandated to do that made your workers jobs harder?” The end user doesn’t know why a thing happens, just that IT did it. They’ll complain to IT and if it’s not their fault, it’s their responsibility to push back on whoever is calling these shots. The idiot in charge won’t know any better unless he’s called out on his bullshit.
I understand, I often have to explain to large groups of people why we make the choices we make as a security team and it’s not always a very popular thing I make a lot of people upset because security and convenience don’t really work well together.
You could try to fix this from a very different angle by buying those strips for the nose against snoring. Those strips can temporarily unobstruct the air flow in the nose.
Snoring is often a sign of sleep apnea, which is easily treatable. Your wife should take a sleep test to see if she has it. Can take years off your life if left undiagnosed.
If it starts to make you do weird/senseless things like waving your cellphone in the air to stop the government from tracking you or similars, then yeah… that’d be a liiiiiiiiiiiittle too much.
Sluggy Freelance is one of the longest running webcomics in the world, and I think it is the longest running one where the author makes a living from it.
Here in Portugal the IT guys at the National Health Service recently blocked access to the Medical Doctor’s Union website from inside the national health service intranet.
The doctors are currently refusing to work any more overtime than the annual mandatory maximum of 150h so there are all sorts of problems in the national health service at the moment, mainly with hospitals having to close down emergency services to walk-in patients (this being AskLemmy, I’ll refrain from diving into the politics of it) so the whole things smells of something more than a mere mistake.
Anyways, this has got to be one of the dumbest abuses of firewalling “dangerous” websites I’ve seen in a long while.
I used to work with a guy who glued the USB ports shut on his labs. I asked him why he didn’t just turn them off in BIOS and then lock BIOS behind a password and he just kinda shrugged. He wasn’t security, but it’s kinda related to your story.
¯_(ツ)_/¯
Security where I work is pretty decent really, I don’t recall them ever doing any dumb crazy stuff. There were some things that were unpopular with some people but they had good reasons that far outweighed any complaints.
I just wrote a script that let me know if usb devices changed and emailed me. It was kinda funny the one time someone unplugged a USB hub to run a vacuum. I came running as like 20 messages popped up at once.
When they did this for the stated reason of preventing data theft via thumb drive, the mice & keyboards were still plugged into their respective USB ports, and if I really wanted I could just unplug my keyboard and pop in a thumb drive. Drag, drop, data theft, done.
Further to this madness, half of the staff had USB hubs attached to their machines within a week which they had purchased at dollar stores. Like…?
At any time, if I had wanted to steal data I could have just zipped it and uploaded it to a sharing site. Or transferred it to my home PC through a virtual machine and VPN. Or burned it using the optical drive. Or come up with 50 other ways to do it under their noses and not be caught.
Basically just a bunch of dingbat IT guys in a contest to see who could find a threat behind every bush. IT policy via SlashDot articles. And the assumption that the very employees that have physical access to the computers… are the enemy.
Okay I’ll concede that SOMEWHERE in the world there exists a condition where somebody has to prevent the insertion of an unauthorized thumb drive, they don’t have access to the BIOS, they don’t have the password, or that model does not allow the disabling of the ports. No other necessary devices are plugged in by USB. Policy isn’t or can’t be set to prevent new USB devices from being added to the system. And this whole enchilada is in a high-traffic area with no physical security and many with unknown actors.
Access to change production systems was limited to a single team, which was tasked with doing all deploys by hand, for an engineering organisation of 50+ people. Quickly becoming overloaded, they limited deploy frequency to five deploys per day, organisation-wide.
I had to run experiments that generate a lot of data (think hundreds of megabytes per minute). Our laptops had very little internal storage. I wasn’t allowed to use an external drive, or my own NAS, or the company share - instead they said “can’t you just delete the older experiments?”… Sure, why would I need the experiment data I’m generating? Might as well /dev/null it!
Unless something's changed recently, you can just install the Chromium browser itself. And it looks like it's available as a Flatpak. As a bonus this will eliminate anything extra added by browser manufacturers as a potential problem.
Yes. I’ve considered that, but does it still report back to Google? Even though that majority of what I visit will be “http://127.0.0.1:8080”, I’d still rather not be spied on by Google.
It does phone home, but with the right DNS settings you can block that. Heck, if you're just going to localhost you can disconnect the machine from the network entirely.
I mostly code on Linux, but I also code on Mac, since I have to test on Safari. I don’t really ever code on Windows. Windows exists on a separate disk in my computer just to boot into every 3 or 4 months when I release a new version of a desktop app and need to build for Windows.
So I want a browser that at least works on Linux and Mac. What I meant in my post was I wanted it installable through Flatpak rather than a snap or deb, since I use Fedora.
Do you just want a listing of facts with no analysis? Probably Reuters or Associated Press (AP).
Do you want facts and context and minor analysis (like historical comparisons, etc.)? That’s gonna be BBC and NPR/PBS. Maybe The Economist.
If you want deeper analysis or opinion… That’s gonna be tricky. Probably Al Jazeera, The Guardian (maybe), … I dunno if it’s possible to find one balanced need source that will have in depth analysis or opinion. Probably best to pick two that are about the same distance from “neutral” in either direction.
I do like Al Jazeera for an alternate perspective from the Western media taking points, but I wouldn’t necessarily call them unbiased particularly when it comes to this conflict.
That being said, I highly recommend their documentary series Al Nakba which is a documentary series about the founding of Israel from the Palestinian perspective.
asklemmy
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.