The Official Status Thread
-
Things you are missing by not being on IRC:
-
-
You know you would watch Slawvatar: The Last Sweetbender (or whatever sauce the Air Nomads should represent).
-
That's some true dedication!
-
We'll do the whole sick-buckety-cute thing with helpful visual identifiers when our better/ other third joins TDWTF as well, aka never.
-
@Arantor and @royal_poet are in a real relationship, not like @accalia and @RaceProUK's pretend internet lesbian animal relationship.
-
Status: Looked through every single result for "moa butt" in Discosearch. Couldn't find this image.
Searched for moa butt on Google. Not only did it find three results, but all three of them are moa butts. Of the same color as @Arantor's pet moa.
Unfortunately, I forgot what joke I was going to make with a picture of @Arantor looking at a moa's butt.
[spoiler][/spoiler]
-
I like moa butts and I cannot lie ?
-
Happy Forgot My Password Day everybody!
-
-
It's the new year so it's *****
-
It's January, so it's **********.
-
Monthly password changes? Do you work at MI5?
-
At least it's not every Dwarf Fortress month.
-
Monthly password changes? Do you work at MI5?
No, but I've seen rumblings that such a policy might be enforced. Because it's obviously never ever going to lead to people using the date or writing it down on a post-it…
-
We're expecting it in the list of recommendations in the next external audit. The frustrating thing is that none of the 12 year olds that turn up to do the audit can tell you why it's more secure, they're just parroting off a crib sheet.
At least it's not every Dwarf Fortress month.
We were all thinking it.
-
Things you are missing by not being on IRC:
So basically, it's like the Likes thread, only without the constraining influence of Discourse crapping out.
-
The frustrating thing is that none of the 12 year olds that turn up to do the audit can tell you why it's more secure, they're just parroting off a crib sheet.
Our IT management — being a bunch of people who used to do the same shit at a bank — think that this sort of thing is best practice. Fortunately, they're beginning to see just how thoroughly awkward a faculty full of professors and lecturers can really be. I think they need some more seeing of this…
-
This post is deleted!
-
We have 30 day password expiry where I am at the moment. No reason for it, other than to piss off staff. A nice side effect is that approx 50% of the office have permissions to reset passwords...
-
Monthly password changes? Do you work at MI5?
They did it in my last place. I just kept incrementing some of the numbers in the password, and from what I know most people devised some scheme to "generate" new passwords this way.
It was also really easy to lock yourself out of the account - a few wrong tries and off to the helpdesk it is. Truly nasty combination, those two things.
-
t was also really easy to lock yourself out of the account
Did you have email access on phones? We do, and it is the most common cause of people getting their account locked on a monthly basis...
-
Happy Forgot My Password Day everybody!
I wrote mine down and left it under my keyboard before I left for the holidays two weeks ago. That's better than forgetting it, right?
-
I guess your company has never heard of smartcards/OTP tokens?
-
Yeah, you can even change the topic as much as you want!
-
never heard of smartcards/OTP tokens
Heard of… maybe. Likely to purchase… nope. It took them years to figure that using our ID cards as things to enable entry into a semi-secure area of a building was possible, despite the cards having been designed with that in mind.
Also, we use a vast diversity of different hardware and OS platforms. IT would love to standardise, but the users (including almost all the budget-holders) are quite un-keen…
-
The ROI is there, for sure: http://download.microsoft.com/download/5/5/E/55E7D048-243C-497F-92A9-C7F82670FB98/SmartCardsROI.pdf
And, thankfully, USB OTP tokens and smartcards are both well-supported on pretty much all platforms I've used. I'd definitely try to make that argument once they see that the one-month password policy causes helpdesk calls to double.
-
Things you are missing by not being on IRC:
You know you could have just typed "nothing" and saved the effort of uploading the image.
-
-
The ROI is there, for sure: http://download.microsoft.com/download/5/5/E/55E7D048-243C-497F-92A9-C7F82670FB98/SmartCardsROI.pdf
I'm a little pressed for time right now. Does that include BYOD scenarios? We have to support those.
And, thankfully, USB OTP tokens and smartcards are both well-supported on pretty much all platforms I've used.
Without knowing a bit about the range of platforms, that's not helpful. Does it include the iPad? Those are wildly popular with the academic staff…
-
Does that include BYOD scenarios?
A USB OTP token like the Yubikey Standard (or any other YubiKey, they all support OTP) emulates a keyboard, so any device that supports USB keyboards would work.
Does it include the iPad?
Kind of, depending on the model of iPad and if you have an adapter: link
I know the Yubikey Neo supports NFC, which works with most Android NFC-enabled smartphones and tablets for BYOD.
Each scenario is different, so I'd encourage you to look at your ecosystem and find out if this kind of solution is for you. It's painful to set up, but it's very easy to support, maintain, and is orders of magnitude more secure than passwords.
-
Status: Trying to find out why a build script seemed to be hanging. Then I basically found this:
On Error: pause
Why would you DO that?!?!?! It prints no error message at all...just hangs...
-
microwaved container of mac 'n cheese
Filed under: there's your problem, doing it wrong, etc.,
-
Filed under: there's your problem, doing it wrong, etc.,
Yeah, but with a broke hot water heater, washing dishes is TRWTF so we're stuck with stuff like that or eating out. It was a Stouffer's white cheddar mac 'n cheese, and was actually pretty good for what it was.
-
-
@Arantor and @royal_poet are in a real relationship, not like @accalia and @RaceProUK's pretend internet lesbian animal relationship.
wow, such triggering.
-
Hey, at least it's not Dwarf F-
Wait, @ben_lubar is on the IRC never mind.
-
a broke hot water heater
Make sure you check the fuse/circuit breaker before buying a new one.
-
a broke hot water heater
Obviously you need to pay it more and/or teach it to be financially responsible.
-
Obviously you need to pay it more and/or teach it to be financially responsible.
...maybe it just needs a less-hostile bank branch?
-
Make sure you check the fuse/circuit breaker before buying a new one.
LOL. Bad thermostat[s].
Obviously you need to pay it more and/or teach it to be financially responsible.
I swear it worked really hard but just couldn't get ahead. END COLD WATER PRIVILEGE.
-
@boomzilla said:
a broke hot water heater
Obviously you need to pay it more and/or teach it to be financially responsible.
Or perform a tax inversion so that it loses less money to the eeeeevul gub'mint.
-
Status: Wondering why it is so hard to keep production, 'test' and development databases in some resemblance of sync? Just spent all morning chasing down an issue on our 'test' instance, only to discover that it only has 1/2 the indexes of production, and dev has even less. Guess what the issue was caused by...!
-
@Arantor and @royal_poet are in a real relationship, not like @accalia and @RaceProUK's pretend internet lesbian animal relationship.
I'm confused. Are @accalia and @racoprouk pretending to be lesbians, pretending to be animals, pretending to be in a relationship, or pretending to be on the internet?
-
@Lorne_Kates said:
@ben_lubar said:
@Arantor and @royal_poet are in a real relationship, not like @accalia and @RaceProUK's pretend internet lesbian animal relationship.
I'm confused. Are @accalia and @racoprouk pretending to be lesbians, pretending to be animals, pretending to be in a relationship, or pretending to be on the internet?
I'm confused, and frankly extremely hurt by @ben_lubar's comment there. I would love to hear his justification for making such a comment.
because as far as I can tell that comment is entirely unjustified, and unecessarily cruel.
I was going to keep such objection between the two of us via PM, but since you mentioned it as well.... there we go.
-
@Boner said:
Monthly password changes? Do you work at MI5?
No, but I've seen rumblings that such a policy might be enforced. Because it's obviously never ever going to lead to people using the date or writing it down on a post-it…
I used to work somewhere that required password changes every 3 (IIRC) months, complete with not reusing your most recent N passwords. That wasn't so bad, except it was really easy to screw it up1 and get your passwords out of sync on various systems, thereby getting locked out of one or more of them, necessitating a call to IT to get your password(s) reset. The password reset apparently reset the history, too, because you could then reuse the password you had 5 minutes ago.
1 Not screwing it up required logging out of every *NIX session you had except the one you were using to change your passwords, run a script that theoretically changed your password for every *NIX account, log out of that *NIX session, change your Windows password, and reboot your Windows machine, all before something tried to access a network share or something with the wrong password. If there was a VNC session you forgot about, or the script failed to change a password for one system, or one system tried to access another before everything was updated, "Hello, IT."
-
@Lorne_Kates said:
I'm confused. Are @accalia and @racoprouk pretending to be lesbians, pretending to be animals, pretending to be in a relationship, or pretending to be on the internet?
@accalia We have to know!Speaking of @accalia are you the writer of sock bot? I had time today to look over it with the intention of
stealing itlearning rest and it was so well written I think I might to replicate it whole sale with little difficulty.The password reset apparently reset the history, too, because you could then reuse the password you had 5 minutes ago.
Funnily enough this actually happened to me using a keyboard WITHOUT A FUCKING CAPS LOCK LIGHT!!!!!
-
Well I certainly overlooked it before the topic came up again.
Filed Under: Not that it affects me
-
Yes.
-
@accalia We have to know!
this isn't the topic for those answers. find my AMA in the Look at Me subcategory and if that topic doesn't already answer your question ask it there and i'll answer it.
Speaking of @accalia are you the writer of sock bot?
one of the writers, yes. @raceProUK, @yamikuronue, and @onyx also contributewhat did you have in mind for the project?