IHawkMike
@IHawkMike@lemmy.world
- Comment on Dell warns of data breach, 49 million customers allegedly affected 10 hours ago:
Right, because international hackers are going to mobilize boots on the ground across the world to steal your fucking Optiplex.
- Comment on Traefik conditional certificate for same URL 12 hours ago:
In that case, if CF is taking to Traefik and not the actual origin server, you just need to forget about the origin certs altogether and use LE certs in Traefik.
- Comment on Traefik conditional certificate for same URL 15 hours ago:
If you, Traefik, and your origin server are on the same network, then it’s going to be one hop regardless of whether you’re hitting the Traefik proxy or the origin server. If Traefik is serving up the origin server’s cert and not the LE cert, then Traefik is misconfigured to pass through instead of proxy, but I’m still not sure that’s the case as it’s almost harder to configure it that way than the correct way as a proxy.
What IP:port is your origin server listening on, what IP:port is Traefik listening on, and how is Traefik configured to reach the origin server?
- Comment on Traefik conditional certificate for same URL 1 day ago:
You said Traefik is getting certs from Cloudflare, but do you mean it’s getting Let’s Encrypt certs using a CF DNS challenge? And if that is the case, then your browser should trust the Traefik endpoint since LE certs are publicly trusted.
Are you sure you’re hitting Traefik when you get a cert warning? You need to update your internal DNS if not.
- Comment on The one your friend borrows 3 days ago:
- Comment on The reason prosthetics are so good in Star Wars is because the Jedi use live lightsabers to train. 4 days ago:
And similarly, why can’t Star Trek officers just set it to wide beam and/or just hold down the button while they paint the room?
- Comment on xkcd #2928: Software Testing Day 6 days ago:
Good news! You’re on it.
- Comment on [deleted] 1 week ago:
Yep totally. The documentation is downright wrong so much more today than it used to be. It’s all written like they pawned it off on a junior engineer, who then threw shit at the wall until they got it working, then that process becomes the official documentation.
And don’t get me started on Copilot hallucinating Powershell cmdlets.
With support it’s become kind of a game to see how quick you can get to T2. My tactic is to passive aggressively point out how their first response shows a complete lack of understanding of the topic, then directly request escalation.
- Comment on [deleted] 1 week ago:
The reality is they probably don’t know the full scope or root cause and are going off of limited reporting coming from their beta channels.
But they likely determined the impact was low enough that they could still ship the update while they investigate further.
There are similar known issues reported in the update KBs all the time that sound much worse to me as an admin but are as equally low impact in the end. But they’re not as easy for the layperson to latch onto like these low-effort “VPN no worky” articles.
Regardless, none of this absolves IT of the responsibility of testing patches.
- Comment on [deleted] 1 week ago:
Exactly. Everybody on Lemmy a couple days ago was acting like the sky was falling when all we had were these one-paragraph FUD articles quoting Microsoft’s own KB article. Most people commenting have no clue that “VPN” is a broad term covering at least a dozen different possible protocols and acted like Microsoft was intentionally breaking all VPNs.
The only thing I found was a reddit thread talking about how some VPNs using TPM-backed certs were broken. I, for one, am using an IPsec VPN with certs stored in TPM on one of the affected versions of Windows 11 and have had no problems. Nor have I had any issues with SSL or Wireguard-based VPNs, so it does just seem to be a fringe case they’re warning about.
So Microsoft is just giving a heads-up that IT should probably include VPN testing in their patch cycle test rings and all the anti-MS people are losing their shit.
- Comment on IRS says its number of audits is about to surge. Here's who the agency is targeting. 1 week ago:
The agency will focus on wealthy individuals and large corporations:
- The IRS plans to triple the audit rates on large corporations with assets of more than $250 million. Audit rates for these companies will rise to 22.6% in tax year 2026 from 8.8% in 2019.
- Large partnerships with* assets of more than $10 million will see their audit rates increase 10-fold, rising to 1% in tax year 2026 from 0.1% in 2019.
- Wealthy individuals with total positive income of more than $10 million will see their audit rates rise 50% to 16.5% from 11% in 2019.
“There is no new wave of audits coming from middle- and low-income [individuals], coming from mom and pops. That’s not in our plans,” Werfel said.
- Comment on Why people are boycotting Asus all of a sudden? Asus outrage explained 1 week ago:
The rootkit is easy enough to turn off in the BIOS but I highly, highly recommend G-Helper instead of Armoury Crate.
Moving to it from AC is like leaving a prison cell full of screaming children and entering a calm beach.
- Comment on Cisco firewall 0-days under attack for 5 months by resourceful nation-state hackers 2 weeks ago:
Oh yeah. They all do/will. But they are still better firewalls than ASAs.
- Comment on Cisco firewall 0-days under attack for 5 months by resourceful nation-state hackers 2 weeks ago:
ASAs are still way more prevalent than they should be when Palo Alto and others are much better options. Still, I’m glad I barely have to deal with them any more.
- Comment on [deleted] 3 weeks ago:
No, and it never has been. I use Firefox as my default and it has never changed.
- Comment on Cory Doctorow gets scammed 1 month ago:
Three digits is not that easy to get by brute force. It’ll be locked for fraud pretty quickly.
However the CVV is usually only required for card-not-present purchases. One way around that is to imprint the number onto their own magstripe card and run it as a card-present transaction.
- Comment on Microsoft Ending Support For Windows Subsystem For Android 2 months ago:
Exactly. I decided to check it out a couple weeks ago and needing to install the Amazon app store was an instant nope.
Was going to look into side-loading but I didn’t really have a use case to make it worth my time.
- Comment on What's Your Preferred Server Monitoring Method? 2 months ago:
Adding my vote for Zabbix. It was a bit of a bear to set up and I had to write custom scripts to install the agents with TLS settings that were secure enough for me, but once it’s all set up it’s amazingly easy and intuitive to use and incredibly customizable.
- Comment on Passkeys might really kill passwords 2 months ago:
Yeah, I personally will only use hardware solutions for passkeys – YubiKeys and TPM-backed WHFB creds.
But the other reply makes a very good point about adoption being more important than perfection since, even with software-backed passkeys, you still have the benefit of the secret never leaving the client.
- Comment on Passkeys might really kill passwords 2 months ago:
Yep! In fact you can still use client certificates in certain passkey/WebAuthN authentication flows. It’s more or less how Windows Hello for Business works (although X.509 certificates are only one type of key it supports).
- Comment on Windows 11 24H2 goes from “unsupported” to “unbootable” on some older PCs 2 months ago:
My 3930k is still alive and kicking. Just need it to hold out until Gen 15.
It also runs Windows 11 just fine.
- Comment on Apple Vision Pro review: magic, until it’s not 3 months ago:
I’m always reminded of this video when I think about just how bad AR could be. But then again, it could be pretty cool if we can only keep control over our tech.
- Comment on Haier hits Home Assistant plugin dev with takedown notice 3 months ago:
It’s a shit company for pulling this, for sure. But I kinda like the building.
- Comment on That's a moray! 5 months ago:
- Comment on DoorDash now warns you that your food might get cold if you don’t tip 6 months ago:
Yeah we have one car and mostly don’t drive unless we’re visiting family out of town. But we are lucky and have a lot of restaurants within walking distance from which we can pick up, which is pretty much how we order these days. Also we have one of the best public transit systems in the US (at least we did pre-pandemic) but taking public transit to pick up food is still a PITA.
But there are lots of others in the city who don’t own a car at all because the CTA is enough to get to work, and may live in a food desert without much around.
- Comment on DoorDash now warns you that your food might get cold if you don’t tip 6 months ago:
The problem, and the reason we’ve stopped using Doordash completely, is that your big tip means your order will get stacked with the low/no tippers to incentive the driver to pick them all up. And your food will sit there getting cold while the driver waits to pick up the others.
This has become universally true over the last year or two in Chicago at least. We are good tippers and every single time we’d see our food get picked up then watch the driver wait to pick up some other order – sometime waiting 30 minutes or more with our food in their car less than a block from our home.
- Comment on Remote work is still 'frustrating and disorienting' for bosses, economist says—their No. 1 problem with it 6 months ago:
Of course not, silly. They’ll just promote the 8 hour person to something they’re more suited for.
- Comment on Can we create a new Internet ? 6 months ago:
As someone familiar with the OSI model, this thread is a bit confusing since the Internet to me is really the infrastructure on top of which all of your fancy sites and apps are built. When you say “the Internet”, I’m thinking about TCP/IP, BGP, DNS, etc.
That said, I’m pretty sure most people here are just taking about websites at L7, although there are arguments for change at the other layers.
- Comment on Can we create a new Internet ? 6 months ago:
Kagi has been amazing for me so far. I signed up as soon as they changed the pricing to allow unlimited searches at $10/mo.
I’m still working on my filters and promoting/demoting/pinning sites in my results, but it’s already night-and-day better than Google and even DuckDuckGo (which still deserves much respect).
- Comment on The Israel-Hamas War Is Drowning X in Disinformation 6 months ago:
And if a significant enough portion of the people are getting their information from those sources, we’re all in for a bad time.