Posts made by Dashrender

@travisdh1 said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

@travisdh1 said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

Time to change all of my passwords and get rid of LastPass

https://nakedsecurity.sophos.com/2022/12/23/lastpass-finally-admits-they-did-steal-your-password-vaults-after-all/

Time to replace Lastpass was years ago when they started tracking everyone.

Really, this isn't a reason to panic and change ALL your passwords unless you don't trust how Lastpass was designed.... If that's the case, why were you using it in the first place? Change your master password, done.

Read the article.

I haven't read this specific article, but I have seen lots of panic reporting saying "Change all your passwords right now!"

Which is only good advice if you've got a bad master password and no 2FA enabled.... Do the basic security things that you should be doing already, and no problem exists.

@Obsolesce is right - read it.

but since most won't - the hackers got into a backup of LP, they had access to all encrypted vaults. This means they can run hashes against the dbs offline, no MFA required.

Now sure, if you had a good LP password in the first place, this is much less of an issue, but not a zero issue situation.

I agree with Obsolesce - it's time to reset all passwords. The question for me is - is it time to change password managers?

I'm probably going to change - which also means changing many people at my company - ug damn I'm going to have a lot of people saying - "see - told you having all of your passwords in a one place was bad" /sigh.

@RojoLoco said in What Are You Doing Right Now:

Got some heavy tunes blasting, coffee brewing (again)... so much to do before heading across town for the xmas-ing.

I also just remembered it is 17F out, so I finally put a space heater in the garage to keep those pipes from freezing.

17, that’s a heatwave compared to our -7

I tried something similar to your soul ago with a USB print server on a demo printer and it did not work.
I have use the demo print servers and they seem to work OK.

@dafyre said in Random Thread - Anything Goes:

@PhlipElder said in Random Thread - Anything Goes:

@scottalanmiller said in Random Thread - Anything Goes:

Anyone been to Rackspace's website recently? I forgot that they even existed. I went to their website and realized why...

https://www.rackspace.com

This looks like an AI generated page of gibberish if you said "make a generic MSP page that says nothing."

I'm seeing rumblings that business continuity for anyone on their Hosted Exchange is a total loss. So, if they are not Outlook enabled and thus able to export their mailbox to a .PST file, or other such client that can do so, they are totally and completely hooped.

Sacrosanct Edict #1: One shall never lose the data. One shall save the data. One shall always back up the data. One shall always test restore the data. One shall lose job if lose the data.
^^^
In this case, one has to wonder how long RS is going to be around as the rest of their businesses get hit with the lack of trust.

Now, the G00g lost a freaking huge amount of mailboxes something like a decade ago. We had a customer impacted by that. No redress. None. Back then there wasn't a disaster recovery structure in place where they could back up their data short of making regular .PST files. So, gone. It was all in the G.

For personal backups, I'm using MailStore Home (https://www.mailstore.com/en/products/mailstore-home/). They have some business offerings that might be worth looking at regardless of your provider.

Thanks for this.

I have a client that doesn’t want to do M365 backups because they think a cloud provider won’t lose data.

@JasGot take a look at https://vitalpbx.com/sonata-stats/

@Pete-S said in "Snapshots" on win10 laptops?:

@scottalanmiller said in "Snapshots" on win10 laptops?:

@Pete-S said in "Snapshots" on win10 laptops?:

I want to be able to take a snapshot and then install things and then being able to roll back everything to the exact same place.

Windows Backup and Restore does this via the Volume Shadow Service (VSS). They call it a backup, but if the target is local, it's just a snapshot.

Windows Backup and Restore doesn't seem to allow a local target. I'm on 21H2.

While I suppose I could see a use of this - I wouldn't expect to be able to "backup" to the same disk you're backing up.

If you had a second physical disk, or even a second partition large enough to hold the contents of the backed up one - that should work for you.

Unlike VM backups - Windows generally doesn't have the ability to stop using the "disk file" and create a new one for changes, then allowing you to discard the extra disk, thereby reverting to the original. That's the process that makes snaps so good.

@JasGot said in "Snapshots" on win10 laptops?:

They are called Restore Points on windows 10.

https://support.microsoft.com/en-us/windows/create-a-system-restore-point-77e02e2a-3298-c869-9974-ef5658ea3be9#:~:text=In the search box on,and then select Create > OK.

Make a restore point, play around, the revert.

these are not the same as snaps in a VM - many things aren't reverted in restore points.

@scottalanmiller said in SAMIT: Stop Using Secure Email:

@Pete-S said in SAMIT: Stop Using Secure Email:

@scottalanmiller said in SAMIT: Stop Using Secure Email:

@JasGot said in SAMIT: Stop Using Secure Email:

@scottalanmiller
For regular e-mail (not "Secure E-Mail"), isn't the message traveling un-encrypted when it is moving MTA to MTA on port 25?

If you use things like free cPanel email or your ISPs email or have your nephew deploy his own email server without hiring any IT people... it's plausible that someone will screw up the config and leave it unsecured or if you accidentally host your email with scammers or something. That's essentially true with any misconfigured system of any type.

And even when misconfigured, most systems today will enable it by default. You'd have to run something unmaintained for a super long time or really go out of your way to do a bad job to have it come up in a new deployment.

There's no reasonable case where a business (or an individual at home) would not have obvious access to a secure system and defy all reasonable recommendations for many years and demand to be intentionally insecure to make them be in a situation where they don't have security on their own end and only if sending data to an insecure second party would the data be at risk and when that happens, the encrypted channel is moot because the target itself is insecure so it doesn't matter.

Yes, even scammers and spammers use TLS nowadays.

The only time we ever receive emails that are not TLS encrypted have been same odd email notifications from ERP or LOB systems. Probably legacy systems.

oh for sure, the only people we ever see on unencrypted email are senior citizens and doctors these days.

I’d add smaller ISPs too.

I'm lucky i have minimal pain, even after PT.

I've been on minimal narcotics.... and currently planning to quite narcotics sometime tomorrow.

the most annoying thing is everyone telling me to just chill and basically do nothing-ug

@gjacobse said in Todays' replacement for Teamviewer:

@Dashrender said in Todays' replacement for Teamviewer:

are you needing a free solution?

I wouldn't expect Teamviewer to give you unattended access for free. Heck they start nagging and possible disabling the use if they see you abusing the 'free' option.

This is for a 70+ year old club member for his own personal use between his laptop while in Florida and his home computer... so needs to be super simple and reliable and repeatable and - yea... free. And stupid simple.

looks like remoteutilities might fit the bill

@stacksofplates said in Todays' replacement for Teamviewer:

From what I remember with team viewer if you were logged in on both ends you didn’t need the OTP.

This is another piece of software I’ve used also and worked well.

https://www.remoteutilities.com/

nice

are you needing a free solution?

I wouldn't expect Teamviewer to give you unattended access for free. Heck they start nagging and possible disabling the use if they see you abusing the 'free' option.

if you want the users to transparently access the fileserver, then yes, when you change the password on the workstation, you would have to change the password on the server (someone remotes into the server, updates the password to match - done).

If you don't care about transparent access, then the user's have their own local (or MS ) account on their PCs.

The server has it's own set of users created for each person who will have access to the file server.

When the end user of the PC connects to the file server, they willp present their server created credentials, that information is stored by windows and from that point it's transparent.
IF the user changes their password on the PC, the mapped drive will continue as if nothing has changed.

@WrCombs said in PlayStation Game Drive; wont read on PlayStation or computer:

Checked for Drivers to install and installed 2 tool kits and a seagate driver that matches the model number. still no luck. It's USB only so I can plug it into a different computer as the hard drive to see if it boots up. I'm not sure what else to do.

huh drivers for a drive?

I'm guessing you could have a similar issue to connecting a Tivo drive to a windows machine - Tivo uses a file system that windows can't read.

Booting from Linux Live or attaching to Linux based OS provided additional file system support and instructions on how to access/copy, etc.

@dafyre said in What Are You Doing Right Now:

@Dashrender said in What Are You Doing Right Now:

Today I begin the recovery from my rotator cuff surgery I had this morning. Today is mostly my wife sterning telling me to sit down and stop doing stuff... I'm way more restless than normal. ug.

You can do stuff... Just not things that aggravate your rotator cuff, lol.

lol, the reality is that most movement involves moving the shoulder, even if it's just the tiniest amount.. which of course aggravates the rotator...

so along these lines, does there exist any cloud (SAAS really) solution provide a, from box open, ability for central user authentication?

I'm guessing not.
With Windows we have AutoPilot that can have a OOBE that directly attaches it to Azure AD.

But for Mac, Linux OSes, maybe chrome OS, you'd have to have an admin setup the device first, likely add software/agent, then those devices could use Azure AD.

Of course Google has their own solution for Chrome OS, though I have no idea if they have agents for Windows/mac/Linux OSes to do the same?

Now the flip side of that - the company allows you to work from home, but considering today's work environment, we assume most home workers will be using stuff like zoom, and the wardrobe (at least the top) is still required.

transportation no longer is - employee saving
commute time - employee saving

But
the company to no longer has a building - HUGE company savings
power bill greatly reduced - company saving
ISP likely reduced - company saving

I see a situation where this money spent on buildings goes to the employees so the employees can have homes that specifically cater to their work from home lives - i.e. a dedicated office space. Studies have shown the specific space is a function that allows an employee to more mentally break from work when most work is done in that office space, and life/family is done elsewhere.

Of course that said - the blend that Scott mentioned is important too - you need two hours in the middle of the day to do something with your kids - whatever it may be - you work two hours later that night to fulfill your work day.

But to that end I ask Scott - with unlimited vacation - where is the line? You mentioned that someone had a baby and took months off on vacation - so we assume this means paid... there has to be a line somewhere. The company needs to make money off the labor of the employee, otherwise why have them on staff? even more - why pay them?
And when not on vacation - what do you use to measure their output to ensure you're still getting enough value from their labor to keep them employed by you?

But speaking to the point Scott makes about using your own equipment and where the line is...

If you work in an office - you are required to have a wardrobe the office requires - you aren't paid extra for that. Sure you can likely wear that wardrobe other places as well, but how likely is that really?
As Scott pointed out - you are responsible for providing your transportation to the office (at least in USA, and I assume in Canada and EU). In USA and Canada this almost exclusively means you need to own a car, unless you live in one of around 8 (and it's probably more like 3) cities that have unbelievably good public transportation. OK Transportation - so that means owning a car - something most companies pay zero for.

again as mentioned, you're not paid for your commute time, etc.

why are these things acceptable? these are all things that cost YOU because you work for THEM.

wow - the whole company owns your house thing seems super scary to me. You fire me and I'm instantly homeless... I don't even necessarily have a lease to protect me for some remaining months - and even if you put a lease in place, without a provision like - if fired the employee can pay xxx rate for 6 months while finding new accommodations, after which time they must move out. Of course a provision like this is bad for the company, because they have no place to put the replacement person for 6 months...

As for @William issue - I would definitely consider making an appointment with a chiropractor. I too hurt my back 20 years ago... and a few weeks at chiro made all the difference in the world. Since then I've gone back a few times here an there as pain came up.

At a minimum, considering how long you've dealt with this - it sounds like it's time to expand your treatment options.

As Scott said - most 'doctors' dismiss Chiropractic care. there's two general reasons for this - they are trained to dismiss it during their education as - non medical, and two as Scott said - it takes money out of their pocket.

That second reason is the main reason why I would consider a national healthcare situation as a good one - take the incentive away from doctors making more money because they see more patients. Their desire to make money is in direct conflict with your desire to feel better.