Skip Navigation
InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)SD
sylver_dragon @lemmy.world
Posts 9
Comments 876
Windows Defender be like...
  • Na, my experience is that Defender is fine with users downloading browsers and "updates" from random Russian sites. It's happy to let the users install that software and only bothers to log a "hey, maybe this was bad" alert some time later. Edge, on the other hand, loses it's shit when you visit the official download sites for Chrome or FireFox.

  • Police officer tells court of failed attempts to disarm 95yo holding knife
  • The incident involved two knives. Here's a picture of them (from the linked article):

    The officer tased a 95-year old woman, who needed a walker to move about, because she was holding a steak knife.
    Ya, I get not wanted to get a bit of a ragged cut, but Jesus Zombie Christ, that situation sounds less threatening than a box full of kittens.

  • AI PCs flood the market. Their makers hope someone wants them; Despite 49% surge in shipments, buyers seem unconvinced.
  • I’m still hoping that the somewhat irrational anger towards “AI” stuff subsides

    I think this anger is linked to the irrational exuberance for "AI".

    Personally, I kinda hate AI. Not because of any sort of fear of job loss or anything like that. It's because "AI" has been rolled out heavily in the Cybersecurity space, making my work life hell because of it. Models are only as good as their training and this means that any AI model which is going to spot anomalies in a network needs to spend a good amount of time being trained. However, what the vendors sell are touted as unsupervised models. They just need to spend a while on your network and they can automagically learn what "normal" is and then alert you on "abnormal". This ignores the fact that you still need your analysts chasing false positives constantly from this black box. And that "black box" aspect is a major problem. You'll get an AI/ML based alert with exactly fuck all in detail on why the alert triggered. If you're lucky, you might get a couple log entries along with the alert, but nothing saying why those entries are suspicious.

    I will grant that, there are a few cases where the "AI" in a product has worked. Mostly, it's been in language processing. Heck, having an AI half-write a function for you in a tool you don't use very often is quite nice. You almost always need to rework the results a bit, but it can get you started. But, my first question for any vendor talking about "AI Detections" is "how do we tune false positives?". It's just too big of a headache. And most of them try to downplay the need or dodge the question. Or, you have to babysit the model, effectively making it a supervised model. Which, fine. Just stop telling me how much time it's going to save me, when I'm going to spend more time supervising the model than searching for threats in my environment. And, for fucks sake, design that shit to explain itself.

    As for putting AI in my system. I can see a use case for language processing. Heck, I'd love to have the Star Trek style, "hello computer..." type stuff actually work worth a damn. Google and Siri are pretty close, though even those can be shit on toast when trying to do anything slightly complex. And having all that done locally, without having to send data "to the cloud" sounds great for privacy and security (until MS adds a keylogger as part of the OS). But, given how much time my GPU sits at or very near idle, I do wonder if the extra chip is worth the silicon or space.

    In the end, I'm expecting this to go much the way TPM has. We'll all end up with it in our systems, whether or not we know, care or use it. All because manufacturers just start soldering it on to everything. Maybe someone will find a good use for it eventually, distributed AI porn, maybe? But, like a lot of AI, it seems like a solution in search of a problem.

  • What your coffee preparation method says about you
  • BLUF: It's been a mixed bag, but I would call it "worth it".

    I've used Ubuntu a bit before. That's what my home server runs on and has for years. Granted, most of it's functions live in Docker containers. I also used both Debian (via Kali) and Ubuntu at work (yes, I know Ubuntu is Debian based, but it's also big enough to have it's own dedicated ecosystem). I work in Cybersecurity and use Linux based tools for image acquisition, digital forensics and data recovery. Kali makes for a great "it just works" system to validate vulnerabilities and poke at a network. And, between a lot of tools targeting Ubuntu and frameworks like SANS SIFT, Ubuntu gets used a lot. I also supported several Red Hat based servers at work for various tools. I'm far from an expert on Linux, but I can usually hold my own.

    In a lot of ways, Arch wasn't an obvious choice for me. And I seriously considered going with Ubuntu (or another Debian based OS (e.g. PopOS)) at first. It's worth mentioning that my primary use for my desktop is video games. So, that heavily effected my choices. That said, the reasons for choosing Arch ended up being:

    1. I have a SteamDeck and most of my games "just work" on it. With Arch being the flavor of Linux Valve is targeting, following their lead seemed like a good idea. I expected that a lot of effort to get games working on "Linux" would ultimately be focused on getting games working on Arch.
    2. I wanted a "minimal" system. I can be a bit of a control freak and privacy nut. I already self-host NextCloud, because I don't want my pictures/data sitting on someone else's computer. So, the "install only what you need" nature of Arch was appealing.
    3. I did do some testing of Ubuntu on my system and had driver issues (nVidia GPU) and some other problems I didn't put the time into running down. In the end, it put me off Linux for a while before I came back to it and ran Arch.

    One of the things I did, which was really helpful, was a "try before you buy" setup. I was coming from Windows 10. And, as mentioned above, gaming was my main use case. So, that had to work for me to make the jump. Otherwise, I was going to milk Windows 10 for as long as possible and then figure things out when it went EOS. So, I installed Arch on a USB 3.0 thumbdrive and left my Windows OS partition alone. I also mounted my "Games" drive (M.2 SSD) and installed games to that. It was still NTFS, but that only created minor bumps in the road. Running that configuration for a couple months proved out that Arch was going to work for me.

    When it came time to fully change over, I formatted my Windows OS partition as ext4, setup the correct folder structure and rsync'd everything from the thumbdrive to it. So, everything was the way I'd had it for those couple months. I did have an issue that my BIOS refused to see the OS partition on the SATA SSD I used for my OS partition; but, that was MSI's fault (I have an MSI motherboard). And that was resolved by changing where GRUB is located in my /boot partition.

    Overall, I've been happy with the choice I made. Arch hasn't always been easy. Even the Official Install Guide seems to come from a RTFM perspective. But, if you're willing to put the time into it, you will learn a lot or you won't have a functional system. And you'll end up with a system where you can fire up a packet capture and have a really good idea of what each and every packet is about. As for gaming, so far I've had exactly one game which didn't run on Linux. That was Call of Duty 6, which I was considering giving a go to play with some folks I know. But, Activision's Anti-Cheat software is a hard "no" on Linux. So, I had to pass on that. Otherwise, every game I have wanted to play either had native Linux support or worked via Proton/WINE.

  • Swords suck, spears are a way more effective weapon
  • You only get a short time with the pointy end of the spear and then once a sword wielder is inside your range, you’ve got an unwieldy stick and they have a sword. Good for stand off melee maybe but prob not.

    Yes, but getting in close without getting stabbed is really hard.
    Here's an actual example of modern HEMA folks giving it a lot of goes:
    https://www.youtube.com/watch?v=uLLv8E2pWdk

  • What your coffee preparation method says about you
  • I have a Cuisinart grind and brew, which is pushing a decade old at this point. Love the thing and will replace it with something similar if it dies before I do. But, I use Ubuntu on my server and Arch on my desktop. So, not this meme fits, but it is funny.

  • What do zoos do with dead animals?
  • For a similar story, which isn't a urban legend. My mother used to be the main resource for an archeological information center in the US Southwest. When work crews dug up a body, she'd get a call from the coroner to ask, "is it yours or mine?" While both are going to want to know the cause of death, the coroner isn't going to open a criminal case for a Native America burial.

  • Do you think it's okay to not have an opinion on something?
  • Do you think it's okay to not have an opinion on something?

    Yes, absolutely. There are enough issues in the world that you probably don't know about a lot of them. And even once you are made aware of an issue, you likely don't have enough information to form a well considered opinion. It's also possible that you will never have enough information on an issue to have a well formed opinion. You only have so many hours in a day and, unless an issue impacts you directly, it's quite possible that you just won't have the time to put into it. There's no reason to feel bad about this, the issues that are most important to me may not be the issues which are most important to you.

    How important is it to educate myself and ask questions?

    Very important. If you are going to have an opinion on something, you should try to have a basic understanding of the issue. You'll never be an expert on everything; but, for issues which you truly care about, you should have at least a passing understanding of the subject matter. Also, asking questions is always good. If someone is trying to shutdown your asking questions, you should start questioning that person's motives.

    Do you feel that pressure to have an opinion on everything?

    Nope. One of the big secrets of life is learning to set boundaries. Just because someone else is incredibly passionate about something doesn't mean you need to be. Learn to tell people "fuck you and the horse that came on you". If that bothers them, then that's their problem, not yours. This isn't carte blanche to be an asshole, you should still strive to be a good person and act in pro-social ways. But, it does mean that you can draw a line and not have to own everyone else's problems all the time.

  • Why do People Choose BlueSky Over Mastodon?
  • That sounds more like a feature than a bug. I remember when Twitter was actually useful. You could sort by "new" as the default and your feed only included stuff from people you followed. And then it went to complete shit with the sort defaulting to "fuck your preferences", sponsored content and your feed being littered with click bait, paid content and all the other bits of enshitification. And that is all built on the algorithmic selection of content.

  • D-Link refuses to patch a security flaw on over 60,000 NAS devices — the company instead recommends replacing legacy NAS with newer models
  • Any vendor is going to reach a point where they no longer are willing to support older devices. So you have three choices:

    1. Run with the vulnerability. This is incredibly stupid and I'd hope no one did this.
    2. Replace the OS on any such device with something open source. Probably the best option for those who already own such a device.
    3. Never buy a proprietary device in the first place. Unless you really, really need something the propriety device offers, a beige box running some flavor of 'nix is probably a better long term solution.

    Ok, I guess there is a fourth option. Learn to enjoy that vendor bending you over every few years. This is what many businesses do and it can make sense. You just need to have lots of money.

  • What food did you hate in the past, but enjoy now?
  • Brussel Sprouts. Absolutely hated them as a kid, which I blame my mother for. She "steamed" them in the microwave in a dish with water. Turned them into a slimy, horrible mush. My wife sautes them in a pan, with bacon. It's one of my absolute favorite dishes now.

  • Sony boss admits forcing PC gamers into PlayStation accounts can "invite pushback," but insists they have to keep games safe – which doesn't really track in single-player
  • I don’t see in what way having a PSN account would make Horizon Zero Dawn safer on PC.

    It's safer for Sony's stock price, as they can report higher numbers of people on the PlayStation Network and greater "player engagement". What, you thought this was about improving the experience for the customer? No one gives a fuck about them.

  • Should I switch to a different IT job?
  • Step one, take a deep breath and realize that, unless you own the company, killing yourself to save it is dumb.
    That said, there are some things you can do to try and improve thing:

    Learn to "talk business". Yup, this one sucks, but it's also the only way you are ever going to get traction. Take that Windows 7 system, why do you want to upgrade it? "Because security", right? Well, how does that translate into costs to the business? Because, businesses don't care about security. I work in cybersecurity for a large (Fortune 500) company and upper management has given exactly zero fucks about security for a very long time. They only started coming around when that lack of security starting costing them real money. They still give zero fucks about security, but they do care about risks to the business and what that might cost them. Having security and money linked in their heads means we can actually implement better security. You need to put the lack of security of that Windows 7 system in terms of dollars potentially lost. Something like the Annualized Loss Expectancy. If that box gets popped, how much would it reasonably cost the business to recover from? Is that something which you expect to happen once a year, once every five years? These numbers will be mostly made up and wildly inaccurate. But, the goal is to just get in the right ballpark. How does that cost compare with the cost to upgrade? What about other possible mitigating controls you could use to protect it? Does it need to have internet access? Could you VLAN it off into it's own little world and keep it running with reduced risk? Give management the expected costs of that system becoming patient zero in a ransomware outbreak and then give them several options and the associated costs (upfront and ongoing) to secure it. Have multiple options. A high cost one (e.g. replace the box), a low cost one (FW and VLAN controls) and the one you actually want right in between (OS Upgrade). Managers are like children, they need to feel like they made a choice, even if you steered them into it.

    Next, don't try to boil the ocean. You're not going to fix everything, everywhere, all at once. Get some small wins under your belt and prove to management that you aren't going to break the business. Show that you aren't just some greenhorn cowboy who is going to break the business because you think you are so smart. If you can make a plan for that Windows 7 system, show the costs involved and actually get the job done smoothly, then you might be able to move on to other things. Sure, you might actually be right; but, you could also end up breaking a lot of stuff in your quest to have perfect security (which you'll never actually achieve). Take one one or maybe two things at a time. It's a slow process and it leaves things broke far longer than you will like, but it builds trust and gets more action than just screaming about everything at everyone. Slow is steady, steady is fast.

    Moving on, be aware that you probably don't know everything about the business, and the business functioning is paramount. Why does everyone have local admin? Because that's the way it's always been and it has always worked. If you start pulling those permissions back, what processes get broken? This is a tough one, because it means documenting other people's processes, many of which probably only exist in the heads of those people. How often are people moving around critical files using CIFS and the C$ share. It's fucking stupid, but there's a good chance that the number is greater than zero. You pull local admin from people, and now work doesn't get done. If work doesn't get done, the business loses money. You need to have a plan which shows that you have considered these things. Design a slow rollout which phases local admin rights out for the users who are least likely to affect the business. Again, slow is steady, steady is fast.

    And thins brings us to another point, auditors are your friends. No really, those folks who come in and ask you where all your documentation is and point out every single flaw in your network, ya, they deserve hugs not hate. You're in healthcare, where does your business fall on regulations like HIPAA (US-centric but similar regulations may apply in other countries)? 'Cause nothing says, "fuck your wallet" to a business quite like failing an audit. If you can link the security failures of the business to required audit controls, that's going to give you tons of ammunition to get stuff done. I've watched businesses move mountains to comply with audit controls. Granted, it all becomes "checkbox security" at some point; but, that is vastly better than nothing.

    All that said, company loyalty is a sucker's game. I'm guessing you're early in your career and an early IT career likely means job hopping every 3 years or so. Unless you get a major promotion and associated pay bump in that time, it's probably time to move on. Later in your career, this can slow down as you top out in whatever specialization you choose (or you get lured in by the siren song of management). So, there is that to consider. It might just be time to go find greener pastures and discover that pastures are green because the cows shit all over them. But, it can feel better for a while. Having your resume up to date and flying it out there usually doesn't hurt. Don't job hop too fast or you start to look like a risk (I stick to a 1 year minimum). But, don't stick around trying to save a sinking company.

    Along with that, remember that you don't own the company; so, don't let it own you. When you get to the end of your day, go the fuck home. Don't let the business consume your personal time in actions or thoughts. If they place burns, that's the owner's problem, not yours. Do your best while on the clock, do try to make positive changes. But, killing yourself to make the owner just a bit richer makes no sense. The only person who is ever going to truly have your best interests in minds is you, don't lose sight of them. Say it with me, "Fuck you, pay me"

    So, where to go from here? Well, you sound like you have a good plan at the moment:

    I am also looking into getting my Linux+ (currently only have my A+)

    Sounds solid. If you care about security, let me recommend poking your head into the cybersecurity field. I'm am absolutely biased, but I feel it's a fantastic field to be in right now. Following up the Linux+ with the Sec+ can be a great start and maybe the Net+. The A+, Net+, Sec+ trifecta can open a lot of doors. And you now have some IT/systems background, which I always suggest for folks (I look for 3-5 years in IT on resumes). As a lead, I get to be in on interviews and always ask questions about networking, Active Directory, email security and Linux. I don't expect entry level analysts to know everything about all of them; but, I do expect them to be able to hold a conversation about them.

    Good luck, whatever path you choose.

  • Israel passes law to deport relatives of Palestinians accused of attacks
  • the minister of the interior can deport people for a period of up to 20 years to the besieged Gaza Strip or another location based on the “circumstances”

    But don't worry.
    Work will make them free!

    Do I even need the /s?

  • Anger in Taiwan over reports SpaceX asked suppliers to move abroad
  • It's a dick move, but I can kinda understand why SpaceX would make it. There has been a push to "de-risk" supply chains, after the disruptions caused by Covid, Russia's invasion of Ukranie, and other world events. This type of de-risking was partly responsible for the CHIPS and Science Act. The US Government has a strategic incentive to have a stable and resilient supply chain for semiconductors.

    For SpaceX, having critical components be only available from fabs in Taiwan is a risk to business. China has been more and more vocal about it's desire to annex Taiwan. With Trump taking office, one can imagine that the US commitment to protect Taiwan may not be quite as iron clad as it has been in the past. It's not hard to imagine a future where China launches an invasion of Taiwan and the US does little more than shrug. At that point, any business which is solely reliant on Taiwan for semiconductors is going to see major disruptions.

    So ya, it's a complete dick move. But, I suspect SpaceX will be far from the last company looking to build a supply chain outside Taiwan.

  • Why Riot Games’ Entertainment Aims Stalled Beyond ‘Arcane,’ the Priciest Animated Series Ever (EXCLUSIVE)
  • Riot recruited experienced execs from Disney, Paramount, HBO Max and most notably Netflix, which yielded a well-regarded 15-year marketing veteran, Shauna Spenley, who was named president of global entertainment at the end of 2020. She in turn brought other Netflix execs...

    Ahh, now the "two seasons and killed" makes sense.

  • Firefox for Android Private Browsing and gmail

    I recently used Firefox Nightly on my Android device, in a private tab, to login to gmail. After I closed the browser, both via the "quit" menu icon and via swiping the Firefox away in the Overview, I had expected the session information to be deleted and the next time I came back to gmail via a private tab, to be required to login again. However, this was not the case. Despite closing out the browser, something seems to have survived and the I was immediately logged back into the gmail session.

    Is this some sort of expected behavior? Shouldn't closing out the browser delete all session information from a private tab? Is there something I missed that maybe I'm not actually "closing" the browser?

    3

    Horribly inefficient party favors

    My daughter wanted a "Gorilla Tag" birthday. And my wife wanted me to print some party favors for the guest kids. Not my model, but they are churning out ok-ish.

    13

    Display cabling choice

    I'm currently purchasing a new GPU and specifically settled on the MSI 4070 Super. I'm all set for everything except connecting the display to the card.

    Currently, the display I have (which isn't being upgraded for now) only has two input options: DVI and VGA. The new GPU only provides HDMI or Display Port. This isn't really a problem as adapters/cables exist to go from Display Port/HDMI to DVI-D.

    But, the question I have is, which is the better option, or does it make any difference? And, are there any "gotchas" I should watch out for when buying the cable?

    I realize that I am likely over-thinking this, but I would rather ask a stupid question than make a stupid mistake.

    5

    Controller aim speed

    Just got started with this game (PC - Steam version). It's fun so far. I had really wanted to use my controller. But, the aiming movement is so sluggish. I've tried pushing the "Aim Sensitivity" up to 10, but still felt like I was turning through molasses. Is there anything which can be done to speed that up, or is the controller just fundamentally slow on PC?

    Using an Xbox controller via Bluetooth. And the issue isn't lag, it's the rotation speed in game.

    6
    apnews.com Virginia lawmakers pass long-overdue budget bill with tax rebates, extra aid for schools

    The politically divided Virginia General Assembly has approved long-overdue budget legislation, sending it to Republican Gov. Glenn Youngkin.

    Virginia lawmakers pass long-overdue budget bill with tax rebates, extra aid for schools

    The politically divided Virginia General Assembly approved long-overdue budget legislation Wednesday, voting in an unusually fast-paced special session to both reduce taxes and boost spending on public education and mental health as part of the package.

    0

    GETTING THERE: VRE adjusting in post-pandemic world

    The free Friday ride program seems to be having the impact the Virginia Railway Express wanted when the commuter rail system decided to offer it earlier this year.

    The program started on June 2 and will run through Sept. 1. The aim is to draw new and non-traditional riders to take train trips north and back home.

    So far, the program has increased average daily rider trips for those Fridays by around 40%, from about 3,500 to 5,000

    1

    Live Stream of Virgin Galactic Launch: Galactic 01 (1500 UTC)

    Virgin Galactic will be launching their first commercial, sub-orbital space flight today. Link is to the Live Stream for the event.

    0
    apnews.com Mother of 6-year-old who shot teacher pleads guilty to using marijuana while having a firearm

    The mother of a 6-year-old Virginia boy who shot and wounded his teacher in Virginia has pleaded guilty to a federal charge of using marijuana while possessing a firearm. It’s a crime under federal law that’s facing increasing scrutiny as more states legalize the drug. Deja Taylor is accused of lyin...

    1
    PowerShell @lemmy.world sylver_dragon @lemmy.world

    What have you done with PowerShell this month?

    As a way to kick off migration from Reddit to Lemmy, let's start with a classic thread. So, what have you done with PowerShell this month?

    For bonus imaginary points, have you done anything in regards to the Great Reddit Migration?

    6