cross-posted from: https://feddit.uk/post/40593125

They state it's scheduled maintenance but the dashboard link leads to a 500 return. https://www.cloudflarestatus.com/

Hi, I’m looking to set up a Hybrid Cloud Infrastructure with my homelab as I’m lacking additional processing power.

• Does Hetzner have concepts for VPC/VCN and subnets, similar to AWS, GCP, or Oracle? I’ve been browsing through the documentation (https://docs.hetzner.com/networking/networks) but couldn’t find anything related to it.
• Does anyone have a new referral code they can share? Thanks!

Remote terminal application that allows roaming, supports intermittent connectivity …

Hello guys,

We're somewhat struggling with moving traditional file shares to SharePoint Online. Unanimously people recommend moving to multiple sites vs a single one because the ease of management. While I do not doubt that I simply cannot see the logic. The only real limitation I can think of is the amount of items per site where moving to multiple sites would make a difference.

What is easier about managing permissions on for example 5 folders in the root of a single site vs managing the permissions on 5 separate sites?

What I do know is that it is way easier to have my user go to a single site to find their stuff vs 5 different sites (and their corresponding URL's) or am I missing something here?

Why troubleshoot Terraform when you can procrastinate by updating your onboarding slide deck instead?

For a few years I'm noticing more and more weird and unexplainable behaviour in Outlook. We support mostly 365 Exchange Online clients on Windows workstations or RDS environments.

The amounts of unexplainable bullshit we face is staggering. Outlook not being able to open the folder set, weird MFA glitches, weird bugs in the UI and downright weird errors coming from nowhere is some of the stuff we face weekly.

Am I alone on this?

With version 142, Google Chrome just rolled out a new permission prompt for Local Network Access.

While technically a good feature, this caused me the better half of the day hunting a production bug in our SaaS product, which after all did not exist.

Turns out that Chrome will display the permission dialog also for requests which your company's IT-mandated Endpoint Protection solution is grabbing for inspection. In our case, it was Zscaler causing issues.

If you deny the request (which from an end user perspective is the only reasonable choice), your web application will act weird.

Lucky me, our devices had just upgraded to Chrome 142 at the very same day we rolled out a production release. That's how all hell broke loose.

Working on a machine that BSOD'd 3-4 times a week, couldn't find much wrong but then I saw this. An NVME drive from a company named "OEMGenuine".
Their website 404's, waybackmachine says it was last cached 2 years ago, and even then it was a broken Godaddy landing page.

Found in a Thinkpad purchased from Amazon, sold by a third-party reseller who "upgrades" the devices before reselling.

Machine seems just fine/stable with a credible drive in it.

What's the craziest shady "brand" name you've seen in the wild?

EDIT: NEW Discovery! One of the ancient waybackmachine cached pages previously redirected to oemgenuine.NET! It's shoddy as hell but the .net domain is still visible today! oemgenuine.net

AWS Us-east-1 has broken itself on a European Monday morning.

So far we have Slack being slow and image attachments preview broken.

No SSO auth with Atlassian (JIRA, OpsGenie, and Confluence)

Sadly, I looks to be resolving. Back to work 🥲

About a month ago NPM was compormised. It was advised to lock versions to before the compromise.

However, one eventually needs to unlock and start getting updates again. Does anybody know if the coast is clear, or possibly a place that is tracking known compromised packages and their current status?

So we just hired a contractor. We wanted a mid level devops like engineer that can handle cleanup tasks that we are far behind on. Grunt work, mostly like cleaning up terraform repos, adjusting configuration to comply with audits.

What we go instead is a highly pushy dude who really wants to push us to a specific stack architecture.

Right now we use a pretty old but standard setup of public lb to nginx, to app load-balancer to our app servers.

We want to move to Kubernetes but there have been some roadblockers with the way this app location is configured.

He's been trying to push us to move to a tool chain that uses terragrunt and terraform to deploy kubernetes and argocd.

We finally agreed to let him do what he wanted, and the very first thing he asked for is a separate AWS account, and the ability to register two top-level domains through Route 53.

Myself and management talked about it and while we understand the requirement for the AWS account,and how does complicate network infrastructure, we're a bit concerned about why he wants to register two new domains to work with.

I've been doing this for almost 10 years now, and I've read all of the documentation for these tools, and while I haven't used argocd and Terragrunt, I don't see any reason why they could not work with us to use one of our pre-existing domains.

Hi there, looking for a KVM for my home server to fix it remotely when having an important issue
because wel... My home server isn't at MY home but at my mother's home

I was looking at nanoKVM-USB which I would plug to a raspberry pi, enabling and disabling the remote app according to my need to avoid unnecessary security issues, maybe even unplug it and ask my mother to plug it when needed, what do you think of such a solution ?

Thanks !

This is nice for those tired of wrestling with TLS certs and CAs for your database

EDIT: I had mistakenly stated that Windows Update was where the issue was. I am experiencing this issue attempting to update my apps via the Microsoft Store. My question still stands, just added some clarifications and corrected my mistake.

I have the perpetual license for Clip Studio Paint. If you aren't familiar with their licensing model, basically I don't get the minor update versions (4.1, 4.2, etc). I only get security patches and hotfixes. My issue is every time Microsoft Store's update runs, it tries to install 4.1.0. Obviously, the Store is just seeing a new version present and isn't checking any licenses or anything. Is there a way to block CSP from ever updating through the Store?

If the program updates through the Store, then I have to uninstall it and reinstall the version I'm licensed for. When I do that the loop just starts over again because MS detects I'm not at the newest version anymore.

[Adding some answers to questions]

I did not install CSP via the Windows Store since some people have asked about that. I installed it via CSP's own installer downloaded from their website. The Microsoft Store update section seems to have recently started pushing 3rd party app updates which is where I believe this is coming from.

I also changed the picture to show more context as well as what is in the "..." menu option.

Had a fun occurrence today, the org is revoking JIRA licenses because some of us haven't used them is the last year. About an hour later a bunch of people on my team reported failing a phishing test because the org decided to do a your license is being revoked internal phishing test.

Well played security team, well played.