sylver_dragon

Step one, take a deep breath and realize that, unless you own the company, killing yourself to save it is dumb.
That said, there are some things you can do to try and improve thing:

Learn to “talk business”. Yup, this one sucks, but it’s also the only way you are ever going to get traction. Take that Windows 7 system, why do you want to upgrade it? “Because security”, right? Well, how does that translate into costs to the business? Because, businesses don’t care about security. I work in cybersecurity for a large (Fortune 500) company and upper management has given exactly zero fucks about security for a very long time. They only started coming around when that lack of security starting costing them real money. They still give zero fucks about security, but they do care about risks to the business and what that might cost them. Having security and money linked in their heads means we can actually implement better security. You need to put the lack of security of that Windows 7 system in terms of dollars potentially lost. Something like the Annualized Loss Expectancy. If that box gets popped, how much would it reasonably cost the business to recover from? Is that something which you expect to happen once a year, once every five years? These numbers will be mostly made up and wildly inaccurate. But, the goal is to just get in the right ballpark. How does that cost compare with the cost to upgrade? What about other possible mitigating controls you could use to protect it? Does it need to have internet access? Could you VLAN it off into it’s own little world and keep it running with reduced risk? Give management the expected costs of that system becoming patient zero in a ransomware outbreak and then give them several options and the associated costs (upfront and ongoing) to secure it. Have multiple options. A high cost one (e.g. replace the box), a low cost one (FW and VLAN controls) and the one you actually want right in between (OS Upgrade). Managers are like children, they need to feel like they made a choice, even if you steered them into it.

Next, don’t try to boil the ocean. You’re not going to fix everything, everywhere, all at once. Get some small wins under your belt and prove to management that you aren’t going to break the business. Show that you aren’t just some greenhorn cowboy who is going to break the business because you think you are so smart. If you can make a plan for that Windows 7 system, show the costs involved and actually get the job done smoothly, then you might be able to move on to other things. Sure, you might actually be right; but, you could also end up breaking a lot of stuff in your quest to have perfect security (which you’ll never actually achieve). Take one one or maybe two things at a time. It’s a slow process and it leaves things broke far longer than you will like, but it builds trust and gets more action than just screaming about everything at everyone. Slow is steady, steady is fast.

Moving on, be aware that you probably don’t know everything about the business, and the business functioning is paramount. Why does everyone have local admin? Because that’s the way it’s always been and it has always worked. If you start pulling those permissions back, what processes get broken? This is a tough one, because it means documenting other people’s processes, many of which probably only exist in the heads of those people. How often are people moving around critical files using CIFS and the C$ share. It’s fucking stupid, but there’s a good chance that the number is greater than zero. You pull local admin from people, and now work doesn’t get done. If work doesn’t get done, the business loses money. You need to have a plan which shows that you have considered these things. Design a slow rollout which phases local admin rights out for the users who are least likely to affect the business. Again, slow is steady, steady is fast.

And thins brings us to another point, auditors are your friends. No really, those folks who come in and ask you where all your documentation is and point out every single flaw in your network, ya, they deserve hugs not hate. You’re in healthcare, where does your business fall on regulations like HIPAA (US-centric but similar regulations may apply in other countries)? 'Cause nothing says, “fuck your wallet” to a business quite like failing an audit. If you can link the security failures of the business to required audit controls, that’s going to give you tons of ammunition to get stuff done. I’ve watched businesses move mountains to comply with audit controls. Granted, it all becomes “checkbox security” at some point; but, that is vastly better than nothing.

All that said, company loyalty is a sucker’s game. I’m guessing you’re early in your career and an early IT career likely means job hopping every 3 years or so. Unless you get a major promotion and associated pay bump in that time, it’s probably time to move on. Later in your career, this can slow down as you top out in whatever specialization you choose (or you get lured in by the siren song of management). So, there is that to consider. It might just be time to go find greener pastures and discover that pastures are green because the cows shit all over them. But, it can feel better for a while. Having your resume up to date and flying it out there usually doesn’t hurt. Don’t job hop too fast or you start to look like a risk (I stick to a 1 year minimum). But, don’t stick around trying to save a sinking company.

Along with that, remember that you don’t own the company; so, don’t let it own you. When you get to the end of your day, go the fuck home. Don’t let the business consume your personal time in actions or thoughts. If they place burns, that’s the owner’s problem, not yours. Do your best while on the clock, do try to make positive changes. But, killing yourself to make the owner just a bit richer makes no sense. The only person who is ever going to truly have your best interests in minds is you, don’t lose sight of them. Say it with me, “Fuck you, pay me”

So, where to go from here? Well, you sound like you have a good plan at the moment:

I am also looking into getting my Linux+ (currently only have my A+)

Sounds solid. If you care about security, let me recommend poking your head into the cybersecurity field. I’m am absolutely biased, but I feel it’s a fantastic field to be in right now. Following up the Linux+ with the Sec+ can be a great start and maybe the Net+. The A+, Net+, Sec+ trifecta can open a lot of doors. And you now have some IT/systems background, which I always suggest for folks (I look for 3-5 years in IT on resumes). As a lead, I get to be in on interviews and always ask questions about networking, Active Directory, email security and Linux. I don’t expect entry level analysts to know everything about all of them; but, I do expect them to be able to hold a conversation about them.

Good luck, whatever path you choose.

War rarely decides who’s right, just who’s left.

Can we follow this up by murdering most of the generic Top Level Domains (gTLD)? I have yet to see anything except spam and malware coming out of the .top domain.

there wouldn’t be any reason to tweak and replace it all constantly.

There really wasn’t.

There is the legal concept of Mens Rea which has to do with the mental state of the person committing the act. And I think that applies in this case. Archeology has generally been about learning and providing knowledge of previous cultures. While the methods, mindset and actions of 18th and early 19th century treasure hunters left a lot to be desired, some of them did make some reasonable attempt at documenting their finds and preserving the context to provide that knowledge. Modern archeologists go to painstaking lengths to properly document finds and preserve as much knowledge as possible from finds. Grave robbers do none of this. Their motivations generally revolve around personal gain and they will destroy any context and knowledge in their attempt to make money.

Consider your own reading on the Valley of the Kings. Where did all of the information we have on the Pharaohs in those tombs come from? It’s from the work of the archeologists documenting everything found in those tombs. While there is certainly an argument for leaving things in the same state they were found in, that also means that the artifacts will continue to deteriorate and any further knowledge which might be gleaned from them will be lost. Sending artifacts to a museum isn’t all about putting them in cases for people to gawk at. It also means that actions are taken to preserve those artifacts and maintain them for observation and study in the future. Sometimes this does cause damage. Again, 18th and early 19th century preservation was often just as, if not more damaging than leaving those artifacts in-sutu. But again, the intention was to preserve, not enrich.

So, that’s how I would draw the line, based on the reason and methods used for the removal of grave goods. Is it done with the intention for the furtherance of knoweldge of previous cultures? Or, is it just done to enrich someone? And is the work being done using the current understanding and methods to best capture and preserve that knowledge for future generations?

While I would never support it, the main way to improve online discussion is by removing anonymity. Allow me to go back a couple decades and point to John Gabriel’s Greater Internet Fuckwad Theory. People with a reasonable expectation of anonymity turn into complete assholes. The common solution to this is by linking accounts to a real identity in some way, such that online actions have negative consequences to the person taking them. Google famously tried this by forcing people to use their real name on accounts. And it was a privacy nightmare. Ultimately though, it’s the only functional solution. If anti-social actions do not have negative social consequences, then there is no disincentive for people to not take those actions and people can just keep spinning up new accounts and taking those same anti-social actions. This can also be automated, resulting in the bot farms which troll and brigade online forums. On the privacy nightmare side of the coin, it means it’s much easier to target people for legitimate, though unpopular, opinions. There are some “in the middle” options, which can make the cost to creating accounts somewhat higher and slower; but, which don’t expose peoples’ real identities in quite the same way. But, every system has it’s pros and cons. And the linking of identities to accounts

Voting systems and the like will always be a kludge, which is easy to work around. Any attempt to predicate the voting on trusting users to “do the right thing” is doomed to fail. People suck, they will do what they want and ignore the rules when they feel they are justified in doing so. Or, some people will do it just to be dicks. At the same time, it also promotes herding and bubbles. If everyone in a community chooses to downvote puppies and upvote cats, eventually the puppy people will be drown out and forced to go off and found their own community which does the opposite. And those communities, both now stuck in a bias reinforcing echo chamber, will continue to drift further apart and possibly radicalize against each other. This isn’t even limited to online discussions. People often choose their meat-space friends based on similar beliefs, which leads to people living in bubbles which may not be representative to a wider world.

Despite the limitations of the kludge, I do think voting systems are the best we’re going to get. I’d agree with @grue that the Slashdot system had a lot of merit. Allowing the community to both vote on articles/comments and then later have those votes voted on by a random selection of users, seems like a reasonable way to try to enforce some of the “good faith” voting you’re looking for. Though, even that will likely get gamed and lead to herding. It’s also a lot more cumbersome and relies on the user community taking on a greater role in maintaining the community. But, as I have implied, I don’t think there is a “good” solution, only a lot of “less bad” ones.

Like many of the differences, I suspect that one came out of the attempts as English Spelling Reform, which took greater hold in the US. Ultimately, the process hasn’t succeeded, but it has excised some of inconsistencies from the English. Though, it has also led to some confusion, as in the tire/tyre case.

You have to get out away from cities. We get them in our yard every summer and our kids run about catching them.

Ya, in fairness to MS, Windows XP was a good release (post SP1, like most “good” MS releases). But, the fact is that MS is going to push the latest version, regardless of how ready it is for use. MS was hot for folks to switch to Windows ME. And holy fuck was that a terrible OS. MS also did everything short of bribery to get folks to switch to Vista (anyone remember Windows Mojave?). The “upgrade, or else” mantra has always been their way. Not that I blame them too much, it does need to happen. It just sucks when the reason for the new OS is more intrusive ads and user tracking.

Many years ago, I attended a Windows XP launch event. The Microsoft presenter had the perfect line to describe how MS views this:
“Why should you upgrade to Windows XP? Because we’re going to stop supporting Windows 98!”

This was said completely unironically and with the expectation that people would just do what MS wanted them to do. That attitude hasn’t changed in the years since. Win 10 is going to be left behind. You will either upgrade or be vulnerable. Also, MS doesn’t care about the home users, they care about the businesses and the money to be had. And businesses will upgrade. They will invariably wait to the last minute and then scramble to get it done. But, whether because they actually give a shit about security or they have to comply with security frameworks (SOX, HIPAA, etc.), they will upgrade. Sure, they will insist on GPOs to disable 90% of the Ads and tracking shit, but they will upgrade.

I’ll throw Grand Cayman on the list. Specifically, I’d recommend visiting Stingray City. Just a really neat experience to feed/pet stingrays while wading around on a sandbar.

You claim to dislike it, yet you gave it greater reach by posting it on Lemmy. Good job! Or maybe your actual job, assuming you are being paid to shill for whatever rag this came from.

Someone is trying to re-create the virus from Snow Crash

Probably worth noting that, if you are using an employer owned system to watch said porn, they likely have software on the endpoint which will let them see what porn you are watching, regardless of HTTPS/VPN/Tor. Depending on how much your employer cares about such things, that may or may not come back to bite you. I’ve worked at places where we regularly reported on users watching porn on work computers, and I’ve worked at places where we only reported on users getting malware while browsing porn at work. But, never assume your activity isn’t being monitored on employer owned systems.

writes Nestler. “We want to hear from you when you think Reddit is making decisions that are not in your communities’ best interests. But if a protest crosses the line into harming redditors and Reddit, we’ll step in.”

Translation: We don’t really give a shit what you think. Now shut up and generate that content for us to sell to AI companies.

Necessity is the mother of invention. Laziness is the father.

While it was kinda lame for Mozilla to add it with it already opted-in the way they did

That’s really the rub here. Reading the technical explainer on the project, it’s a pretty good idea. The problem is that they came down on the side of “more data” versus respecting their users:

Having this enabled for more people ensures that there are more people contributing to aggregates, which in turn improves utility. Having this on by default both demands stronger privacy protections — primarily smaller epsilon values and more noise — but it also enables those stronger protections, because there are more people participating. In effect, people are hiding in a larger crowd.

In short, they pulled a “trust us, bro” and turned an experimental tracking system on by default. They fully deserve to be taken to task over this.

Are there seriously no lemmy users on a Mac?

Artist are probably still on Reddit to access the larger user base.

Widespread IPv6 adoption is right there with the year of the Linux desktop. It’s a good idea, it’s always Coming Soon™ and it’s probably never going to actually happen. People are stubborn and thanks to things like NAT and CGNAT, the main reason to switch is gone. Sure, address exhaustion may still happen. And not having to fiddle with things like NAT (and fuck CGNAT) would be nice. But, until the cost of keeping IPv4 far outweighs the cost of everything running IPv6 (despite nearly everything doing it now), IPv4 will just keep shambling on, like a zombie in a bad horror flick.

One idea to always go back to is:

Extraordinary claims require extraordinary evidence

• Carl Sagan

This can be tough to evaluate sometimes, but it’s a good general idea.

Does the claim sit outside the natural world as currently understood by scientific theory?
If yes, then there’s going to need to be a lot of evidence. If not, the level of evidence is lower.

Does the claim involve a low probability event?
If yes, then more evidence is needed of that event.

Does the claimant have a stake in the claim?
For example, does the person get money, fame or other stuff by getting people to believe the claim? If so, more evidence should be required.

What type of evidence would you expect to see, if the claim were correct?
When things exist, they tend to leave evidence of their existence. Bones, ruins, written records, etc. If someone says something exists, or used to exist, but they should have archeological/anthropological evidence to back it up.

Sure, it’s always going to be a bit subjective as to what requires proof. And for a lot of low stakes things, there’s no point in going after it. If someone claims to be from Pitcairn, then what’s the point of questioning it? Just say, “huh, cool” and move on. If someone is trying to convince you that an historical figure existed, and that should effect how you see the world, maybe ask for as bit more evidence.