IT BS thread

Ugh 30+ domains .

I have nuked a few domains that were just shit and migrated to new forest/domains before. Doing that at the current place but we are pretty small.
I have even done a domain rename before which was fun. Had to do it because we were deploying exchange for the first time in the domain but when it came to getting the cert their internal domain name was a real domain name but it wasn't owned by them so we couldn't get a cert issued. Had to UNINSTALL Exchange (thankfully not in production yet), rename domain, reinstall Exchange.

Now I am getting ready as a side job to finish the migration to Exchange 2016. They were on 2007 and last year I did the first migration to 2013 and now they are ready to finish it up. They also took back over the IT support of an affiliate that has some fucked up shit done by the previous VAR I worked for that they want me to fix.

Nice way to fund truck stuff though

 

Lemme see if I can kinda field this one. Graduated as a CS degree, but never became a real full-on dev because I don't have that passion and I tend to be more social.
Also know that I'm not picking on anyone particular, just commenting from my side of the fence. I hated it in college how the hardware guys picked on the "softies for taking classes to make bloated slow crap", the software guys picked on the hardware guys for "only knowing preschool code", both of those picked on the IT guys for "not earning a real degree", and around and around... we all do hardcore shit, get underpaid for being mini-Einsteins, and if some of us went on vacation, the rest of the building would be making fires in the break room for survival by the end of the week.

Too big a question. I think early days you had true inventors. Nothing existed, it was stupid expensive. Jobs and Gates were literally building an empire in their garage with whatever they bought at Radio Shack. Now, there's so much available information, you just buy some ready made stuff from Best Buy, let your ISP do a lot of heavy lifting, and steal up some answers from stackexchange to bolt together.
The other part is that people forget an important aspect of being a proper dev is architecture and planning. Most of the people I've worked with were CPAs who thought coding looked fun and could save the company a buck, or level 1 IT people who were thrown into it to keep momentum on their contract or get a leg up. When you learn that way, you learn enough to renovate a house, but not know why everyone thinks you're a dumbass for putting the laundry hookups in the bedroom.

I wish I could find it, but there was an article that came out a while back about a group that was frustrated about how big game installs were getting and how much unneeded libraries were included in the install. They decided to challenge themselves to reverse-engineer some games so that the games would be a smaller footprint. If I recall correctly, they shrunk Quake 1 down from a CD to a floppy, and managed to still have a 3D engine compatible with OpenGL cards.

One of the quickest and simplest ways I know to change the mindset is to give a person a model of good behavior. If you don't know Mark Brummel, go check him out, he talks about Natural Language Programming. If your dev can only spend 15 minutes to learn something, have them look at this page on Natural Language Programming. Mark talks about two key principles on how to separate 'the readable code from the nerdy code':

1. create a list of steps and turn them into functional pieces
2. add the necessary nerdy code inside those functional pieces.

The method almost becomes self-documenting and component-based in this manner.

Careful there - do you want a specialist, or someone who knows how to half-ass everything they do?
Also, learning languages is honestly a difficult thing to do. Think about how wildly different they can be, and the skill it requires to be good.
I admit I've picked up PowerShell out of necessity and I code it like I'm on C#, so picking up Python or something to 'make me better' isn't really what you want.
Teach your devs excellent structure, then have them specialize. Have them work under someone that knows generalizations of the different languages, so the superior can determine which language fits best per the scenario. Does this project require C#, all the class libraries and .NET, or does it need VT100?

Business majors started learning that these terms sounded cool.

 

This is not a novel concept, but probably one they should cover in school. This works well for small scripts and programs that run from start to finish (or just loop). In the real world of larger systems, entry points and flow are much more dynamic and less obvious. Within each component, you can certainly make it easier to follow what is going on in that part of the world.

I respectfully disagree. A true developer that understands the different language paradigms can (or should be able to) easily switch from one language to another within the same general paradigm -- it's not about being an expert in a language, it's about understanding the underlying concepts and how to use them effectively. I haven't coded as part of my job in a while, but I spent a half a day digging through the RUST documentation and have a good understanding of how to use it (but they have good tutorials that hit on the important differences). It wasn't difficult at all -- very similar to C# and Java and other object-oriented languages (outside of Smalltalk, which I will concede is a bit more difficult to learn). Languages are just tools. An expert in using a Snap-On wrench that has no clue how an internal combustion engine works is not who you want fixing your car. This is kind of my point, but I think you hit on it a bit -- devs should now in general how to solve problems with technology and where to put what functions and why. Less important are the tools or languages they choose to use, as long as they are effectively using the underlying infrastructure and solving the user's problem.

 

... and yet it's not drummed in within the classroom, and this article was part of a very expensive class seen as cutting edge thought for MS Dynamics NAV developers at the time. I remember transitioning between "doesn't everybody know this?" to "hey, here's some stuff I forgot about along the way, and that's a great way of preaching it!", while some of my senior colleague accountants-turned-devs were blown away.
In school, you do get lessons on how things could be elegant, but it's treated almost like a nicety - sort of like how projects get documented on a real job.
Instead, praise is showered for those that make the assignment work, no matter the means to that end. You might get slapped for spaghetti code, but no one cares if your solution is extensible or not, or if you run around obfuscating all your variables.

There's certainly more components, but it doesn't mean that there's a large chance that your code can follow well-established design patterns for even situations like multi-request processing (example)

I think we are more or less in agreement, in that the architectural knowledge is critical. I warn that the languages themselves can be forced to do things they don't like to do, shouldn't do, or is ineffective because your dev is throwing out a jack of all trades, master of nothing approach. Let's say you toss a really great C# dev into a C/C++ project. There's a high likelihood that the dev will make an elegant solution that will gobble down the RAM until he learns that his grandpappy's coding language never hired a garbage man. Is the measure of a good coder simply breadth, or is it depth?

 

Had a meeting last week with some tech writers for getting some SOPs updated. I wanted them to feel accepted and understood.

 

Nice font.

 

And Monday morning hit list for the Enterprise Content Management Systems team...

Pages like this



are being scanned into the system anyhow.

Yes that is by design (yeah I know hate to hear it but love to say it), detect blank page threshold is set to 1600 bytes.

But it says it is blank. Why does it scan in then?

 

I worked on a family friend's desktop last week (basic stuff - cleaned it up/updated programs) and he asked if I wanted his old laptop. At first I was thinking not really but if he doesn't want to recycle it/take it to the landfill then I would for him.

So to make a long story short.. he was not there when I went to work on his desktop he went to a hockey game but his wife was there. When I was leaving she was like here is the laptop that you are suppose to take. So I took it and when I got home I took a look at it.

It's not a bad laptop. Dell Inspiron 17R 5720 i7-3632QM with 8GB RAM and a 1TB hard drive. It shows some signs of wear on the touchpad area but overall not bad. I might clean it up a bit and reinstall Windows on it but I'm going to keep it but ask family members to see if they need a laptop.

 

My girl gave me her old laptop to recover the Admin password. Something to do when I get home. If I remember correctly, it's a simple process.

 

I have a boot drive with enough windows to crack the SAM. I used to keep it on a CD, but then we went driveless (CDRWs are the DEVIL!) to prevent the kind of crap that started Wikileaks. There are a lot of utilities to help you do it, it's a painfully easy process.

The first rule of IT security is physical access. If I can touch it, I can make it my bitch.

 

Bitlocker on everything .

 

I remember watching an episode of Hak5 where 15 seconds with an available usb port was all that was needed to get important info from the machine. Plug in the flash drive, wait, unplug and go. No other interactions necessary
https://youtu.be/4kX90HzA0FM

 

Yeah, we got that. My token gets me past it and into the O/S.

Which is why we also have Bitlocker or Symantec full disk encryption (but migrating to fill Bitlocker because Win10). And it's the law - FISMA states all storage will be encrypted.

 

bitlocker don't do shit if the machine is already running when that USB is plugged in and autoruns.

 

GPO locks workstations without a 2FA token. The only other way to bypass windows is to reboot...and that's where Bitlocker comes back into the picture. USB storage is disabled by default unless the session belongs to an authorized administrative token.

 

i figured you had that stopped, but most people don't.

Social engineering can be more destructive than straight up hacking. Knew of a guy who was hired to do penetration testing and he would start by getting the secretary to plug in his ipod to her computer to charge it while he was in his meeting. Come grab it afterwards and have all he needed. This guy only needed the hash, not even the pwd. He would then inject the hash into the command line and be running as a domain admin in seconds.

 

I can plug my work iPhone into my computer and access the pictures, but I can't access my personal iPhone. Even our work cell phones are locked down and listed in a trusted container. They can join the wireless network, but personal phones and equipment can't. It's super slick. I can also send a kill command to any of our phones and completely wipe out the secure operating space without bricking the phone, which is something that we could not do with a BlackBerry. That command also alerts the carrier to a lost/stolen device which flags the IMEI, and all inside of 10 minutes from pressing the "NUKE" button.

 

The technology is out there to secure things, but not all tech departments take advantage of it.

 

I find it funny that there are a vast array of laws that require certain security measures but most non-government networks don't implement them until 3 months before they get audited.

 

Nothing does shit if the OS is already booted and is logged in.
GPO to disable AutoRun/AutoPlay