I don't know who I hate more...
-
glennPattonContracting2 wrote:
I can't use the mini-hub as the Work lappy will not see things plugged into the usb ports!
We have the McAfee virus at work. Its primary faults are two-fold. First, every time you plug a removable device it that isn't encrypted, it offers to do so. You can say no, but it's not the default choice. The encryption typically bricks the device. The other is in insane. Any application that writes executable files is subject to their "Adaptive Threat Protection". This is a heuristic mechanism that locks the file being written and then scans it for malware. Unfortunately, if the original writing process closes the file and then re-opens it, it's now broken. Visual Studio's manifest embedding and Inno Setup get caught in this a lot. I've had stern words with our IT department over the whole thing, with less than pleasant results.
Software Zen:
delete this;McAfee?, I went in now it appears to be working apart from I log into the VPN, but I have to go in tomorrow to run some tests (if the hardware is ready..!). I've only had the weirdness with it (McAfee) not running the VPN software, being updated runs fine, McAfee won't run the VPN. I thank :bob: I haven't had to Vis Studio yet...
-
It's honestly a question of employee training and selection. If an employee has not the honesty, intelligence and integrity necessary to not f* around with company's equipment he has to go. When unapologetically laying off any employee stupid enough to not grasp the basic computer security concepts after 40 years of PC existance becomes the norm, computer security becomes the norm as well. Dura lex, sed lex.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
What you are missing is that some of these people were hired for things other than their computer skills. That guy who is dumber than a firehose around IT may be the companies best lawyer. The IT systems are (unfortunately) configured for the average person - not developers. Unfortunately IT might not have enough resources to solve more than the average - and developers get caught up in it. . . and to be fair - I've seen my fair share of developers doing pretty stupid things as well. Agree you need to trust people to drive safely - but enforcing seat belts is not such a bad thing. You might even find yourself thanking the seatbelts at some point when you had an "In a hurry, not thinking, just send this file, brain fade." On the other side of the fence - provided you are not a cowboy - most IT staff (given the time) would be happy to set you up better. Speak with them - they should be your friends - not your enemies. Most of the time they can come up with something.
-
Hi All, Trying and failing to work from home due in part to the wet string broad band connection and the laptop I have, locked for my security. Having to use a 'Mini Hub' due to the broadband being unstable I find I can't use the mini-hub as the Work lappy will not see things plugged into the usb ports! So I have go to go into the Office to winge at IT and attend an Online meeting. I wanted to work from home today! :sigh:
If it was just Home Office which suffers from paranoid IT. I had several cases of my work code being marked as malware by some paranoia "solution" (which does exactly as much against malware as Defender does, except with more false positives). I had an API, which according to Microsoft documentation, works just fine, only work when started as administrator. I once had the whole of our worldwide IT chiefs meet at the head quarters just because I've used robocopy (which is such an evil and forbidden tool, the IT didn't even bother lock it with group policy because hey, since when do IT chiefs need to know what's available on a stock Windows machine).
-
Hi All, Trying and failing to work from home due in part to the wet string broad band connection and the laptop I have, locked for my security. Having to use a 'Mini Hub' due to the broadband being unstable I find I can't use the mini-hub as the Work lappy will not see things plugged into the usb ports! So I have go to go into the Office to winge at IT and attend an Online meeting. I wanted to work from home today! :sigh:
"Keys don't lock doors, they only lock locks" - me. I hate it when they give me a new laptop that is locked down. I do like getting a new laptop. What I don't like is the time I waste figuring out how to get it back to a state that serves my needs; so that I can do what I am paid to do.
Nothing succeeds like a budgie without teeth.
-
glennPattonContracting2 wrote:
the Work lappy will not see things plugged into the usb ports!
this is a great security feature as some employees like to steal source code, etc. and put them on thumb drives. My company has the laptop encrypted with Bitlocker and so if you store something on a USB device, it encrypts it, so that only the laptop can read it back again. My company also installed extra security software to prevent uploading anything to non approved repos, etc. so stealing source code, etc. and uploading it to a personal drop box, cloud storage, git repo, etc. can't be done either. My laptop is currently the most secure digital device I have had in my entire life, I think. :laugh:
-
And consultants. Too many firms hire consultants as temporary workers, and consulence companies foster a mercenary environment - they parade us to customers singing our praises and overselling us , just like a pimp would do - so trust is hard to give.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
Yeah nothing I hate more than uppers who barely know technology trusting people outside more than inside to make up for their deficiencies. And then implementing the practice when it is convenient to them not the rest of the workforce. Ever wonder why they cause the breach and programmers and IT folk get the claim. Mainly because they are given to much power in the workforce. I honestly can't wait till AI knocks out some of the random things people justify to keep themselves from having to learn on a daily basis. That magic excel sheet I want to blow up everyday and they feel the threat so they try to keep us oppressed in the workforce. A building pipe bursts "Ohh, that was just the weather we can deal with it". My email went down "Find the IT person and skewer them" for a cloud problem that is most of the time on a vendor a consultant recommended for hype. I don't feel business people really understand how to connect the dots and I hate the don't care make it work mentality.:mad::mad::mad: :((
-
glennPattonContracting2 wrote:
the Work lappy will not see things plugged into the usb ports!
this is a great security feature as some employees like to steal source code, etc. and put them on thumb drives. My company has the laptop encrypted with Bitlocker and so if you store something on a USB device, it encrypts it, so that only the laptop can read it back again. My company also installed extra security software to prevent uploading anything to non approved repos, etc. so stealing source code, etc. and uploading it to a personal drop box, cloud storage, git repo, etc. can't be done either. My laptop is currently the most secure digital device I have had in my entire life, I think. :laugh:
Slacker007 wrote:
My company has the laptop encrypted with Bitlocker and so if you store something on a USB device, it encrypts it, so that only the laptop can read it back again.
Any machine running BitLocker can unlock those USB drives. You just need to know the password or recovery key.
-
Slacker007 wrote:
My company has the laptop encrypted with Bitlocker and so if you store something on a USB device, it encrypts it, so that only the laptop can read it back again.
Any machine running BitLocker can unlock those USB drives. You just need to know the password or recovery key.
Not when you are trying to recover a system in front of a customer. Recovery keys are a joke lets, make it so long you have no chance of rembering it, thank :bob: for masking tape and a pen, so you can write on the blooming stick
-
"Keys don't lock doors, they only lock locks" - me. I hate it when they give me a new laptop that is locked down. I do like getting a new laptop. What I don't like is the time I waste figuring out how to get it back to a state that serves my needs; so that I can do what I am paid to do.
Nothing succeeds like a budgie without teeth.
Even better: You physically get up early, go to work, go through leaps and bounds so you can get in to the area where you are going run the test, find that the pre-test failed. So the favours you pulled to get some free time to run the test are now in vain. Why didn't the lot that failed the pretest tell me, 'We didn't have your phone number', no Teams, Email or smoke signals!!!!
-
Slacker007 wrote:
My company has the laptop encrypted with Bitlocker and so if you store something on a USB device, it encrypts it, so that only the laptop can read it back again.
Any machine running BitLocker can unlock those USB drives. You just need to know the password or recovery key.
good luck finding my bitlocker key. I don't even know where I put it. Its somewhere in my office. LOL. I have not seen it in years. I have not needed to export anything to USB for work in over 6 years, I think. I don't use USB anymore for my personal stuff. Haven't for years.
-
McAfee?, I went in now it appears to be working apart from I log into the VPN, but I have to go in tomorrow to run some tests (if the hardware is ready..!). I've only had the weirdness with it (McAfee) not running the VPN software, being updated runs fine, McAfee won't run the VPN. I thank :bob: I haven't had to Vis Studio yet...
If my situation with it gets any worse, I'm going to look at measures of my own. Fortunately I'm an administrator on my machine. One possibility is an access control list on some of the McAfee executables that prevents them from executing. Another is a separate Windows service that terminates the Adaptive Thread Protection processes whenever they run.
Software Zen:
delete this; -
If my situation with it gets any worse, I'm going to look at measures of my own. Fortunately I'm an administrator on my machine. One possibility is an access control list on some of the McAfee executables that prevents them from executing. Another is a separate Windows service that terminates the Adaptive Thread Protection processes whenever they run.
Software Zen:
delete this;I removed McAfee from my main computer and switched back to Windows Defender, when McAfee kept flagging the executable of an application I was developing as 'suspicious', and wouldn't let me run it until I identified the executable as 'safe' every time I updated it.
-
I removed McAfee from my main computer and switched back to Windows Defender, when McAfee kept flagging the executable of an application I was developing as 'suspicious', and wouldn't let me run it until I identified the executable as 'safe' every time I updated it.
I had a case where I was compiling an Inno Setup install. McAfee locked the
Setup.exebeing created, terminate the Inno Setup process, and deleted all files that process had open, other than the process executables itself. Unfortunately it deleted the source code for the installer I'd been working on. I lost over an hour's work, since I had to start from the last version of the installer source in our source control. I was peeved.Software Zen:
delete this; -
Hi All, Trying and failing to work from home due in part to the wet string broad band connection and the laptop I have, locked for my security. Having to use a 'Mini Hub' due to the broadband being unstable I find I can't use the mini-hub as the Work lappy will not see things plugged into the usb ports! So I have go to go into the Office to winge at IT and attend an Online meeting. I wanted to work from home today! :sigh:
We implemented USB Write blocking. Our people are able to use whatever USB devices they want to use, they just can't write files to them. So, devices like network hubs, printers, scanners, etc. work without problems. If someone needs something written to a USB drive, they can either file a request to have us do it for them, or they can put in a request to be exempted from the policy. Exemptions go all the way up to SVP level for approval, but having us do it may only require their manager to approve depending on the sensitivity of what they want written out. Of course, anything done under exemption is logged and reviewed regularly. We have had issues in the past where someone abused his exemption, and was downloading CAD files and source code to a USB drive to sell them. We pegged him in less than a week. Only served to cement in the necessity of such security measures. We clamp down where we have to, but we do make an effort to not stop people from doing their jobs. ---------- Money makes the world go round ... but documentation moves the money.
-
Sure, I get that. The old saying, you can't prevent access, merely increase its cost has never been more true. What is also true however, is that if you flaunt your distrust for those you rely upon, you're simply scheduling the time they'll bite you when they can. People that need said measures in order not to steal the company data weren't the best hires in the first place. Oh. Right. Recruitment firms and HR. Nevermind. I'm thinking about some alternate universe where these entities aren't dumber than a firehose. :doh:
-
We implemented USB Write blocking. Our people are able to use whatever USB devices they want to use, they just can't write files to them. So, devices like network hubs, printers, scanners, etc. work without problems. If someone needs something written to a USB drive, they can either file a request to have us do it for them, or they can put in a request to be exempted from the policy. Exemptions go all the way up to SVP level for approval, but having us do it may only require their manager to approve depending on the sensitivity of what they want written out. Of course, anything done under exemption is logged and reviewed regularly. We have had issues in the past where someone abused his exemption, and was downloading CAD files and source code to a USB drive to sell them. We pegged him in less than a week. Only served to cement in the necessity of such security measures. We clamp down where we have to, but we do make an effort to not stop people from doing their jobs. ---------- Money makes the world go round ... but documentation moves the money.
I can understand the whole thing about security ( A company I once worked for one the 'seniors' left for another role elsewhere brought a USB portable hard drive plugged it in and down loaded somefiles, it took nearly an hour, my guess was he was downloading the projects directory, no one said anything!) but this system you lock everything down. Tried to log in this afternoon remotely, Wi-Fi will turn on but the second you try to scan for a network it turns it off, so I have to be on an approved Network for the Wi-Fi to work?
-
The primary operating mode of my non-tech-savy acquittances is taking screenshots on their phones instead of sharing links when go shopping. Second to that is taking photos. Links may come and go, but screenshots remain!
-
all email is scanned, I know that. I have not tried to test their scanning abilities for zip files, etc. or encrypted emails. may raise suspicions with security. not sure. don't want to find out.
-
Occasional dumb mistakes are one thing, many people though cultivate a path of willfull ignorance and criminal negligence.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
(MAGA)
