What's seems odd to me (even though it probably isn't) is that there are no major players also working on this in tandem. If this is supposed to be the next iteration of anonymous login there are a ton of security adjacent vendors that would love this.

@JaredBusch said in What Are You Doing Right Now:

Nice.

@JaredBusch said in What Are You Doing Right Now:

D&D weekend underway.

Been gaming since 7pm.

All day tomorrow and Saturday too.

Lucky.

@Emad-R said in KVM Desktop Setup Ideas:

@hobbit666

AMD Ryzen and disable SMT, get something with NVMe M2 storage, buy cheapest m2 storage, install OS there, make RAID on the SATA disks, or something else, and use those as VM storage

Why? Your OS gets loaded to memory having it on an SSD when your actual workloads aren't doesn't make a lot of sense.

@DustinB3403 said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

@DustinB3403 said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

@DustinB3403 said in What Are You Doing Right Now:

@dafyre said in What Are You Doing Right Now:

KVM is also nice because you can continue using that machine as a regular desktop as well, if you need to do so. (Can't do that with VMware, Hyper-V or XenServer).

No one expects to use their Type 1 hypervisor as a desktop.

This is the statement that we are all addressing.

Yes, because it isn't a normal expectation to take

We've covered that. It is. SO normal.

It is not normal.

Do you have a Daily driver Type 1 hypervisor that is sitting in a co-lo?

Wait what? Who uses a Daily driver in a colo? That makes 0 sense. A local desktop with Hyper-V on it is my daily driver.

@dafyre said in MSPs the New Hacker Target?:

@scottalanmiller said in MSPs the New Hacker Target?:

@coliver said in MSPs the New Hacker Target?:

@scottalanmiller said in MSPs the New Hacker Target?:

@dafyre said in MSPs the New Hacker Target?:

@Dashrender said in MSPs the New Hacker Target?:

@dafyre said in MSPs the New Hacker Target?:

@scottalanmiller said in MSPs the New Hacker Target?:

User individual user credentials whenever possible, not shared credentials.

It is so tempting, especially because customers often push for this, to has common credentials for tasks. But this means that leaking creds is easy and maintaining them is hard. Not to mention problems tracking their use. Have users log in as themselves, track them, make them maintain their own creds. Keep creds individualized whenever possible.

Both at the MSP and your clients. Each MSP Agent should have an account at the client, with maybe an emergency "if all else fails" shared account.

I'd like to think the client could maintain the emergency account - but I could see some companies where the MSP is the ENTIRE IT department, so there would be no one at the company, save maybe the owner/CEO who could have this - but would likely lose it, etc.

That's actually not a bad idea for the clients that can maintain one.

It's pretty common to do so. Problem is, the MSP also needs confidence that the account is not used without them knowing.

Need a break glass account.

That's what we are discussing, I thought, lol.

He means literally an envelope with a username & password sealed inside protected by a glass case?

I mean not literally... but pretty close. Offline user credentials that are stored in a safe location sealed away to ensure the business doesn't have access to them until a time comes where the need to break the seal.

@scottalanmiller said in MSPs the New Hacker Target?:

@dafyre said in MSPs the New Hacker Target?:

@Dashrender said in MSPs the New Hacker Target?:

@dafyre said in MSPs the New Hacker Target?:

@scottalanmiller said in MSPs the New Hacker Target?:

User individual user credentials whenever possible, not shared credentials.

It is so tempting, especially because customers often push for this, to has common credentials for tasks. But this means that leaking creds is easy and maintaining them is hard. Not to mention problems tracking their use. Have users log in as themselves, track them, make them maintain their own creds. Keep creds individualized whenever possible.

Both at the MSP and your clients. Each MSP Agent should have an account at the client, with maybe an emergency "if all else fails" shared account.

I'd like to think the client could maintain the emergency account - but I could see some companies where the MSP is the ENTIRE IT department, so there would be no one at the company, save maybe the owner/CEO who could have this - but would likely lose it, etc.

That's actually not a bad idea for the clients that can maintain one.

It's pretty common to do so. Problem is, the MSP also needs confidence that the account is not used without them knowing.

Need a break glass account.

@scottalanmiller said in What Are You Doing Right Now:

@coliver said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

@DustinB3403 said in What Are You Doing Right Now:

But there is in no way the general expectation that a Type 1 hypervisor is and should also be capable of being a daily driver.

This is where you go off the rails. Since this is common and everyone knows that this is a normal expectation, why would you state something that you know can't be true?

People need desktop virtualization all of the time. And in the modern market, there is essentially no reason to ever look at the only good Type 2, VirtualBox, because it is not nearly as good as Hyper-V or KVM. It's not as fast, or not as safe, and certainly not as easy.

The only reason anyone still considers Type 2 is because some people want Windows Home, and there is no Type 1 option.

I can see for Gamers who also need to do some VMs they may not want the Hyper-V overhead and would aim for type 2.... I hae no idea how much overhead Hyper-V actually introduces though.

I thought that at one point, but it is essentially zero. Gaming is fine with it.

I think they do native GPU passthrough behind the scenes. So the biggest bottleneck is pretty much non-existent.

@scottalanmiller said in What Are You Doing Right Now:

@DustinB3403 said in What Are You Doing Right Now:

But there is in no way the general expectation that a Type 1 hypervisor is and should also be capable of being a daily driver.

This is where you go off the rails. Since this is common and everyone knows that this is a normal expectation, why would you state something that you know can't be true?

People need desktop virtualization all of the time. And in the modern market, there is essentially no reason to ever look at the only good Type 2, VirtualBox, because it is not nearly as good as Hyper-V or KVM. It's not as fast, or not as safe, and certainly not as easy.

The only reason anyone still considers Type 2 is because some people want Windows Home, and there is no Type 1 option.

I can see for Gamers who also need to do some VMs they may not want the Hyper-V overhead and would aim for type 2.... I hae no idea how much overhead Hyper-V actually introduces though.

@DustinB3403 said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

@DustinB3403 said in What Are You Doing Right Now:

@coliver said in What Are You Doing Right Now:

@DustinB3403 said in What Are You Doing Right Now:

@dafyre said in What Are You Doing Right Now:

KVM is also nice because you can continue using that machine as a regular desktop as well, if you need to do so. (Can't do that with VMware, Hyper-V or XenServer).

No one expects to use their Type 1 hypervisor as a desktop.

I have VMs on my local desktop with Hyper-V. Not production but they are good for a lab.

Is it your expectation to use XenServer as a desktop?

That's impossible, it doesn't offer that feature. Hence your confusion. You are thinking of something totally different.

No the fuck I'm not.

My point was very clear. Is the general expectation to use a Type 1 hypervisor as a desktop. No, generally it is not. If you need to use a Type 1 hypervisor as your daily driver you would skip past XenServer, Xen, ESXi and XCP-ng and look at alternatives.

But there is in no way the general expectation that a Type 1 hypervisor is and should also be capable of being a daily driver.

Two of the big three can be used as daily drivers though.

@DustinB3403 said in What Are You Doing Right Now:

@coliver said in What Are You Doing Right Now:

@DustinB3403 said in What Are You Doing Right Now:

@dafyre said in What Are You Doing Right Now:

KVM is also nice because you can continue using that machine as a regular desktop as well, if you need to do so. (Can't do that with VMware, Hyper-V or XenServer).

No one expects to use their Type 1 hypervisor as a desktop.

I have VMs on my local desktop with Hyper-V. Not production but they are good for a lab.

Is it your expectation to use XenServer as a desktop?

FFS did I say something that was confusing.

This is not an expectation generally made that a Type 1 Hypervisor can also be used as a daily driver. Persons who do this are making a case in which they need a daily driver and a Type 1 Hypervisor.

It is not the normal expectation.

No? I can't use XenServer as a desktop it doesn't have that option without seriously modifying the system. I could use Xen or KVM though if I was trying to emulate what I have with Hyper-V right now.

@DustinB3403 said in What Are You Doing Right Now:

@dafyre said in What Are You Doing Right Now:

KVM is also nice because you can continue using that machine as a regular desktop as well, if you need to do so. (Can't do that with VMware, Hyper-V or XenServer).

No one expects to use their Type 1 hypervisor as a desktop.

I have VMs on my local desktop with Hyper-V. Not production but they are good for a lab.

@DustinB3403 said in What Are You Doing Right Now:

The funny part is that they likely do use Polycom.

Probably a Cisco phone system... it seems to be what every Government agency I've seen uses.

https://techdirect.dell.com/api_docs/apiwarrantyv4.pdf

Purchase date works but if you want specific information Dell has an API designed to look up Warranties.

@IRJ said in Never Give More than Two Weeks Notice:

@flaxking said in Never Give More than Two Weeks Notice:

But if your employer still asks you to do something if you tell them you don't think it is safe, it's probably time to start looking anyway. The biggest problem I see is that employees will not tell the employer they think the work is not safe.

I know quite a few bloodsucking lawyers in my area that would be foaming at the mouth for an oppurtunity like this... Employee reports violation to OSHA and then employee gets fired..

Whistleblower protections are a pretty big deal in the US.

@scottalanmiller said in DD-WRT:

@coliver said in DD-WRT:

@DustinB3403 said in DD-WRT:

@scottalanmiller said in DD-WRT:

@DustinB3403 said in DD-WRT:

In any scenario I would consider GoPro, prosumer at best. But I'm also not an expert on videography or photography. But as a device they seem ridiculous. On par with using a Raspberry Pi in my opinion.

This is a weird stance. What fixed lens, wide angle, ruggedized, portal videography equipment do you feel so outshines GoPro?

I have no comparison. But in handling the equipment it felt like rubbish. I've not used it nor would I want to.

You should. If you ever need something that fits in that specific niche you won't really find anything much better or comparable to a GoPro.

I have a few, I'm constantly amazed by what they can do. I know @MarigabyFrias's shop uses them, too.

I have a front mount on my Snowmobile for one and have a helmet mount I've never used. I really only use it to capture other people doing stupid shit.

@scottalanmiller said in DD-WRT:

@DustinB3403 said in DD-WRT:

@scottalanmiller said in DD-WRT:

@DustinB3403 said in DD-WRT:

In any scenario I would consider GoPro, prosumer at best. But I'm also not an expert on videography or photography. But as a device they seem ridiculous. On par with using a Raspberry Pi in my opinion.

This is a weird stance. What fixed lens, wide angle, ruggedized, portal videography equipment do you feel so outshines GoPro?

I have no comparison. But in handling the equipment it felt like rubbish. I've not used it nor would I want to.

They are super solid, extremely rugged. Incredible image quality. Being able to do what they do at their size is nearly a miracle of modern engineering. They are used by nearly every professional videography shop today because of their outstanding quality and reliability.

They've also had a roll in pretty much every major movie in the past decade. Whether it be as a steady cam tracking a shot or on a rig over the shoulder of a character. They are versatile as long as you understand their use case.

@DustinB3403 said in DD-WRT:

@scottalanmiller said in DD-WRT:

@DustinB3403 said in DD-WRT:

In any scenario I would consider GoPro, prosumer at best. But I'm also not an expert on videography or photography. But as a device they seem ridiculous. On par with using a Raspberry Pi in my opinion.

This is a weird stance. What fixed lens, wide angle, ruggedized, portal videography equipment do you feel so outshines GoPro?

I have no comparison. But in handling the equipment it felt like rubbish. I've not used it nor would I want to.

You should. If you ever need something that fits in that specific niche you won't really find anything much better or comparable to a GoPro.

I think they are still updating it.

https://svn.dd-wrt.com/timeline

@dbeato said in DD-WRT:

@notverypunny said in DD-WRT:

Anyone else on here using DD-WRT? I've been running it on a TP-Link Archer C7 v2 at home for a while now... just tried to check their site for updates and there's no listings in the downloads section anymore. Just wondering if anyone on here had any news or insight.... didn't spot anything skimming their forum really quick and I didn't see anything on the front page.... hopefully just a passing bug on the site.

Mmm no, I have moved onto Ubiquiti, last time I touched ddwrt was maybe 2013.

Same here.