asim0v

joined 1 year ago
[–] asim0v 1 points 3 months ago

Found this playlist on Spotify recently called Creative Flow Music and it is now my go-to.

[–] asim0v 4 points 3 months ago (1 children)

We disable IPv6 often when troubleshooting a network issue. Nothing that I have seen requires IPv6, and turning it off solves more issues than we would expect even today. It’s not the first thing I’m going to try, but I’ll often do it if I have to reboot anyway.

I also uninstall Dell Optimizer and Dell Optimizer Service on sight regardless of the issue because that evil will cause problems eventually. Best to just eradicate it on sight.

[–] asim0v 1 points 7 months ago (1 children)

When you start the MFA registration process for a Microsoft account and select the Authenticator as the method there is a link at the bottom of the page about using a different app. Sure it will only generate a rotating code instead of the “easier” method of just entering a 2 digit number when prompted on the phone, but entering 6 numbers isn’t that much more difficult than 2.

[–] asim0v 6 points 7 months ago (3 children)

Not true. Work at an MSP that has hundreds of Microsoft accounts in our password managers with TOTP. We even migrated password managers and had no issues with TOTP.

That said, we are moving away from shared admin accounts and we will have delegated access enabled with JIT for better security soon.

[–] asim0v 8 points 7 months ago (1 children)

This can be configured for the Microsoft tenant. The admin can allow all possible MFA vectors or restrict it to just a single one such as the Microsoft Authenticator. Microsoft themselves are also pushing the Authenticator, which is actually fine. I haven’t done any packet captures to see what it is sending back to Redmond, but the most secure method is great. The service you are logging into generates a two-digit number that you must enter when prompted in the Authenticator app.

Still, I’ve seen issues arise when an employee only has a flip phone or flat out refuses to install any app required for work on their personal devices. IT departments will typically fold to pressure and allow a call or text for MFA because they did not want to buy, configure, and send out phones to employees refused.

I’ve also seen IT send a company phone to a specific user that refused to allow Microsoft to have their phone number for calls or texts too. Legal told them they could not require the employee to use their personal property or reveal personal details to Microsoft in order to work.

[–] asim0v 9 points 9 months ago* (last edited 9 months ago) (1 children)

Not prosecuting a ex-President for literally trying to both violently and by subterfuge overturn a lawful, democratic election while in office by a position that is literally sworn to preserve, protect, and defend the Constitution would officially make America a joke.

Other democracies can uphold their own laws even when the highest official of the land violates their oath of office. If we do not, the idea of America as a democracy is officially dead.

[–] asim0v 10 points 9 months ago

If Trump wins in 2024 there won’t be a 2028 election, or at least a not a real one.

[–] asim0v 14 points 11 months ago (1 children)

As an IT worker who is regularly subjected to dealing with printers, HP is by far the worst I have to deal with. They are shit from the build quality to the bloated borderline spyware software they push to the awful web interface. If you are considering an HP printer just don’t. It’s a better investment to go buy anything else.