• 0 Posts
  • 36 Comments
Joined 2 years ago
cake
Cake day: July 1st, 2023

help-circle
  • Shitty software? The software is great. It sucks that we live in a world that needs MFA to be secure. I also don’t think any software exists in the IT space that doesn’t require some sign in. Every RMM on the planet is going to require secure sign on and so will every knowledge base software. You also need to sign in to access things like domain DNS. Most of my job is locked behind half a dozen sign ins. That’s how it goes for MSPs anything else would be unsecure.


  • Jyek@sh.itjust.workstolinuxmemes@lemmy.worldMicrosoft: "My PC"
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    22 days ago

    Sign in states for tokens expire when you power cycle. If you’re in IT or moving between classes, not only would you have to wait for power down and power on each stop you make,you’d also need to sign into every tool you use that requires credentials. I work as a field tech for an MSP. If I had to shut down at the end of each stop and boot back up then I’d have to spend 20-30 minutes signing back into my RMM, ticket system, azure portal, knowledge base etc on top of the site specific stuff I’m already going to have to sign into for that stop. Sleep great. Just disable S0 sleep.


  • Then you’re not understanding what NPR is at all. NPR is a non-profit radio station that provides free access to news, music, and programming over the radio and through TV and internet channels. Whatever NPR makes in revenue is through donations. Of course their budget is separate from their revenue. You have to have a budget at all to produce revenue.

    What this is saying is that NPR spends 100x more than the government will give them to provide a literal free service to the citizens of the USA. NOR is practically self-sufficient while SpaceX is a for profit corporation whose bigger client is the federal government. If either of these organizations are a leech, it’s certainly not NPR. One of them needs the money to survive.



  • Ehhhh, you can still get in there. Also there are several control panel only functions. It’s been pretty frustrating how they’ve incremented change. I feel like they should have gone menu by menu in control panel and just built their new settings application page by page and then just pushed one big control panel alternative. Then they could phase the old one out or leave it in for legacy users or whatever. But the new settings and how that menu changes every few months is frustrating as hell.






  • Cool man, you’re still saying two completely different things. You either know what you’re doing or you spin your wheels installing windows fresh for an ENTIRE WORK DAY. There is no both.

    Here, since you don’t know how to do it efficiently, let me learn you some. I configure my installer using a 3rd party program more often than not but that doesn’t make the biggest time difference to me. I use Rufus which gives you the option to preconfigure a local admin profile as well as skip the various check boxes about tracking info. You can also skip use the Rufus app to set up an installer that will work on unsupported CPUs. Easy and fast. Lastly, when you get into the OOBE, before you click anything, shift + f10 pulls up an admin CMD where you can run OOBE/BYPASSNRO to skip the network requirement.

    Windows 11 is virtually the same installation as windows 10 at that point

    By the way, you have not been in IT since before I was born. Come on down off your high horse. 25 years is long enough to be stuck in the old ways. There is still room to learn and plenty of time to choose not to be angry at strangers on the internet.


  • Jyek@sh.itjust.workstolinuxmemes@lemmy.worldWindows VS Linux
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    4 months ago

    They disabled the local account for offline devices on all versions including IOT. The solution is to hit shift + f10 for CMD and then running OOBE\BYPASSNRO which enables that feature. But 90% of people setting up windows for the first time just create an account or use one they already have. Not that it’s better to do it that way. Just that it isn’t that difficult.


  • Cool story bro. You must be so good at computer yet you can’t install windows. Also very cool that you think you know how old I am or what my experience is. I can do either blindfolded and have been doing so for decades. It’s really not that impressive. This is low level IT shit. Let’s all stand and applaud this guy who can’t install windows. Lol


  • It’s not questionable at all to assume that a user rooting and installing their own OS is a security risk. That’s the entire premise of zero trust. I’m sure Graphene OS is secure and better for user privacy when configured properly. But you can’t trust that an end user will configure it properly. That’s what I am saying and have been saying since the first message. You can’t trust the user to be security minded. Ultimately, the best thing you can do as a developer or a business is support a known quantity of software and hardware configurations and that likely means only supporting OEM installed ROMs.



  • It’s not for your security. It’s for the company’s security. You’re really dense you know that. This is not about you and it’s not about Google. What I’m saying is, people suck ass. So to protect themselves from people sucking ass, they restrict access to their system to their terms. Completely fair if you ask me.

    You can go cry Google bad all you want. I might even agree Google is bad. But this is not a Google thing. It’s an IT security thing. The banks and MFA providers are security first businesses. They will make the decision that protect them first and it makes sense for them to do so. If you owned a bank, there is a high likelihood you would make similar decisions that end users don’t quite understand.

    As far as McDonald’s is concerned, who the fuck knows what their developers are doing. That app is trash anyways.




  • This has very little to do with Google. Custom OS’s in general are being restricted by these apps, not Graphene in particular. All custom OS’s and root access devices are inherently less secure, even if they are privacy focused OS’s.

    In IT this is called a zero trust. You don’t trust anything you cannot verify yourself. And a user installed OS is not something anyone can verify other than the installing user. Obviously for your own security you have your own zero trust policy if you are using something like Graphene, but these companies aren’t making it more secure for you as a user, they’re covering their asses in case there are holes in security they cannot account for.


  • Most banks restrict custom ROM and root access devices for security purposes. Same with MFA apps. I get it. From an IT security perspective, restrictions on software compatibility limit the number of failure points. Even if you find a custom OS that is more secure as an OS, it is installed through opening up your device to security risk and there is no real requirement for you to close up that security risk afterward. My company has made the same choice to restrict supported platforms for our services.

    McDonald’s app restricting the OS is probably some security decision they made because it’s more secure even when they probably don’t need it though.