The Official Status Thread
-
Please tell me that at least once they went over to DeviantArt and edited in some Cortana/Master Chief porn just to screw with people?
-
And done!
-
Ok. They went over to DeviantArt and edited in some Cortana/Master Chief porn just to screw with people.
-
I hate you.
-
Status: So, one of our clients just had this same ransomware hit one of their production web servers.
It was caught within a few hours of it actually happening, and so far the only affected servers that we are aware of are running websites that are external facing and don't have real data to lose. Just means the people who set them up and "maintain" them have to do that work over again (and explain to their clients what happened). And in the meantime, our IT guys have started shutting down what they can to try and avoid it spreading from whoever got in and caused it.
So far, it only looks to have targeted JPG images and nothing else I could see, but I use a VM that can see their side, and to be safe it is now shut down so... guess I'll find out the damage later (and report it here).
-
Btw, if anyone is better than me at typing with the MSPaint pen tool, and wants to do a better job of this, I would approve. I did my best, but at least half the letters at the bottom are custom, the alignment is all wrong, and I'm bad at fonting.
-
just got back from the Bahamas. no, I did not miss you either.
-
stopped at burger king on the way home. the menu was on four flat screen tv's. while I was ordering my food, one by one the menus all rebooted. TIL burger king is powered by linux.
-
stopped at burger king on the way home
Well, there's your first problem.
TIL burger king is powered by linux.
Linux hardware strikes again.
-
Update: So, "patient zero" was found, how he got it is likely determined (and is due to a lack of security by the client's choices in how to do things, and probably was caused by one of their clients), and the scope of the damage is, last I heard, 8 web application servers and 1 FTP server.
As far as I know, absolutely nothing that was lost was crucial, but they have egg on their face and possibly have to answer to their clients as to why they need to send over their content again.
-
No backups? No snapshots? No VSCs? Just gone?
-
No backups? No snapshots? No VSCs?
NFC. I'm just the programmer, not the IT support for the client. But considering all but the one are application servers, I doubt they wanted to put those in the backup plan.
This client is adverse to spending money they don't think is necessary, hence the lack of backups for these servers, and hence the lack of options to avoid the situation where it got in in the first place.
AFAIK, the actual important servers are on a backup plan.
-
the applications can be reconstructed without a lot of work?
if so, it might not be so bad.
anyway
This client is adverse to spending money they don't think is necessary
why it's so difficult for the non-IT people to understand the importance of the backups?maybe we should start teaching things like this instead of programming in high schools
-
the applications can be reconstructed without a lot of work?
if so, it might not be so bad.
It would take more work to set up IIS than all the applications (especially since on 6 of the servers, they're all virtual directories pointing at one actual folder on each server). And if the servers aren't infected themselves, it's basically just replacing the files that were lost (and removing the ransomware files added).
-
This client is adverse to spending money they don't think is necessary, hence the lack of backups for these servers, and hence the lack of options to avoid the situation where it got in in the first place.
They all are, until they get proper fucked just once, then they want to do all the things.
-
until they get proper fucked just once
Just like here, and they're now listening to what we're saying for better security on the front for how that ransomware got in. Not sure about the backup front yet, but that can be talked about another day I'm guessing.
-
Honestly, we get more clients by someone completely dropping the ball, things going to hell for someone and then one of their friends referring us. Occasionally we can put Humpty Dumpty back together again, usually we have to tell them, "Here is why you are screwed, and here is what we need to do to keep it from happening again."
-
Status: So, one of our clients just had this same ransomware hit one of their production web servers.
Hmm, that seems a common pattern at the moment. One of my boss's collaborators got hit with something rather similar just a few days. Fortunately, the pain was only shared somewhat: my boss found out when it encrypted the shared Dropbox folder they were using to hand documents back and forth. Since Dropbox keeps file versions, recovery is just a matter of reverting. By hand using a sucky-to-automate web interface. For each of a thousand filesβ¦
Still, not my problem.
-
Well this was an interesting day. I got some of my wisdom teeth removed this morning. The doctors and I disagree on whether I was actually asleep, they say I was out but I was watching them work and could see and hear everything. At least they'd numbed me, and if I wasn't outright knocked out I was definitely heavily sedated, so no biggie.
Now I'm waiting for the narcotic painkiller to kick in. It doesn't seem to be doing much. Also waiting for my face to regain feeling, but they say it may be a long time since the tooth was pressed into the nerve in my jaw and the nerve probably took a bruising.
-
I wasn't willing to be aware during that process, but they were rather amazed at how early I woke up. Apparently it didn't make me act terribly strangely either.
-
I was a bit wobbly and had double vision for a few minutes, but I probably could have driven myself home after that and was otherwise normal. I was expecting all the YouTube videos you see of patients spouting nonsense after wisdom tooth extraction.
-
They tried once without knocking me out. Since pain killers don't work on me (seriously, six full shots had almost no effect), and they told me to squeeze according to the level of pain I was in (poor chick might have needed surgery on that hand, one hopes she was left-handed), they eventually stopped and agreed to another session without my... input.
-
You were obviously not on the right stuff then.
-
I suspect my metabolism is weird. I'm currently on narcotic painkillers, and other than my throbbing jaw I feel pretty normal.
About to try some ibuprofen, I know that stuff works on me.
-
Status: ARE YOU FUCKING KIDDING ME?
NO, REALLY. ARE YOU?
Where's that screen that tells me how close I am to TLWhatever? I need in the lounge RIGHT NOW because I need to post some un-anonymized, unadulterated idiotic bullfuckingshit orchestrated by the biggest squad of incompetents ever created.
Seriously. My manager had to talk me out of filing an emergency ticket with the DBA's to have an entire system's database access revoked.
-
Where's that screen that tells me how close I am to TLWhatever?
Go to the shadowmod queries topic. Post
@shadowmod trust
.
-
Huh.
"Status: Met requirements, should be promoted soon!"
Howmuchyouwannabet there's a discobug in play? A discobug standing between you guys from the rant (and terrible SQL) of AGES.
-
-
please, write it down now. before it loses steam
-
Status: What the fuck happened to my eighteen megabits? It's been like this for the last three days.
-
Status: Bored. Going to watch random dumb YT videos.
-
-
This client is adverse to spending money they don't think is necessary
I was involved in a conversation with multiple people in upper management when the server that hosted the company's application, that generated $10 million a month in revenue, had a RAID controller shit the bed. One high-level idiot had to be told "you can't just go down to Best Buy and get a replacement." So they called IBM, who said "oh, you let your maintenance lapse? We'll be out tomorrow morning at 8." It was 3PM.
Sometimes the client learns.
-
Bored. Going to watch random dumb YT videos.
You just have to rub it in to @ben_lubar that your internet will stream video, don't you?
-
Status: improved the run time of my program from 74174.58 seconds to 3683.57 seconds.
-
Status: Telly broke down yesternight, so now I've bought a new one. Once it arrives, I'll take the old one apart and discover it was just a faulty capacitor in the PSU.
Sorry, @NeighborhoodButcher, I bought one of yours. I figured it can't be that bad. If it starts emitting spanking noises I'll let you know.
-
Is there an inverse relationship between the run time of your programs and the speed of your internet connection?
-
####Status:
I didn't know that VB.NET doesn't COMPLAIN at compile time when implicitly casting Nullable(Of T) to T ...Fuck that language.
-
Newest news from the DC bikeshed:
Of course, nobody mentioned :( . :(β
-
-
your criticism fails on meta.d
no mustache there
-
Yeah, they have the one emoji set where does look vaguely sad, but still.
-
Tried to copy the image from here, got this:
Pasted the image URL in, that worked, but then clicking Reply...
-
Oh, I see, I got suspended while editing the post;
-
Reason? You frowned at Jeff?
-
Association.
Everyone seems to be getting banned.
-
"Reason: because fuck you that's why".
-
Went to see which other customers use Discourse. Oh, Cisco is on the list. Let's see what they use it for:
-
-
That seems to fit the Cisco model of customer support.