Discussion:
Just don't, for God's shake
(too old to reply)
Juancho
2021-02-06 06:23:12 UTC
Permalink
I need to vent.

It was standard procedure, at $WORKPLACE, to document critical systems
through email. Including the passwords to administer such critical things.

That was a custom from before the horrible times of BYOD came upon us.

And then people began to connect shitty mobile devices to see their
email on those. And people use their smartphones to "try new apps"
and dick around.

I guess you can see where this is going...

Yeah, to a hacked mailbox which led to a massive breach of critical
systems by compromising the password of a superuser account (which was
25 random characters long).

So now $WORKPLACE has reverted to document critical passwords on post-it
notes attached to the monitors.

Well, at least post-it notes are not remotely hackable...
--
EOT
David Cameron Staples
2021-02-06 08:56:28 UTC
Permalink
Post by Juancho
Well, at least post-it notes are not remotely hackable...
... he says, from the before times, when people didn't have multiple
cameras at every workplace.
Juancho
2021-02-06 09:23:52 UTC
Permalink
Post by David Cameron Staples
Post by Juancho
Well, at least post-it notes are not remotely hackable...
... he says, from the before times, when people didn't have multiple
cameras at every workplace.
True, but the security posture of $WORKPLACE does not contemplate
protecting against insider threats. But yeah, we are at the mercy of
the janitors, and rogue engineers.
--
EOT
Gallian
2021-02-06 10:48:45 UTC
Permalink
Post by Juancho
So now $WORKPLACE has reverted to document critical passwords on post-it
notes attached to the monitors.
Could be worse.

Management could have met a salesman for PloreNex.

Mart
--
Nobody surrenders to the dread pirate Wesley
The Horny Goat
2021-02-06 16:43:42 UTC
Permalink
Post by Juancho
I need to vent.
It was standard procedure, at $WORKPLACE, to document critical systems
through email. Including the passwords to administer such critical things.
That was a custom from before the horrible times of BYOD came upon us.
And then people began to connect shitty mobile devices to see their
email on those. And people use their smartphones to "try new apps"
and dick around.
I guess you can see where this is going...
Yeah, to a hacked mailbox which led to a massive breach of critical
systems by compromising the password of a superuser account (which was
25 random characters long).
So now $WORKPLACE has reverted to document critical passwords on post-it
notes attached to the monitors.
Well, at least post-it notes are not remotely hackable...
As opposed to falling off the monitors, landing on the floor and
getting sucked up by vacuums. On our store floor we have the password
for the Canada Post shipping app printed on a P-touch label stuck to
the side of the monitor. (We routinely get asked for tracking numbers
by mail order customers as the post office app that is SUPPOSED to
auto send e-mails with tracking numbers doesn't always work as
advertised...) For more critical things I keep these handwritten in
my personal diary which I keep under a stack of papers at my desk.
This stack is seldom under 6" deep.
Mans Nilsson
2021-02-20 07:49:36 UTC
Permalink
Post by Juancho
I need to vent.
It was standard procedure, at $WORKPLACE, to document critical systems
through email. Including the passwords to administer such critical things.
Luser behaviour, luser outcome.

There are several <UI> that state they're "safe" while offering
"pybhq" synchronization (ie. possibly eventual consistency, sometimes,
later, perhaps. if you're lucky. Written by a poser who thinks that
"low-level communication" is not using a "senzrjbex" to do ones WFBA-ECP)
but being the die-hard "I want my own mistakes" person i've installed
cnffjbeqfgber.bet which is as close to usable as it gets.

The yellow stickie method is OK, but a personal little black book,
under lock and key, is more appropriate. If you want no accountablity,
do go on, of course.
--
Måns Nilsson primary/secondary/besserwisser/machina
MN-1334-RIPE SA0XLR +46 705 989668
On the road, ZIPPY is a pinhead without a purpose, but never without a POINT.
Juancho
2021-02-26 20:51:41 UTC
Permalink
Post by Mans Nilsson
The yellow stickie method is OK, but a personal little black book,
under lock and key, is more appropriate. If you want no accountablity,
do go on, of course.
The notebook under lock and key is great, but not very operative when
that superuser password has to be "reachable" by a team of four engineers,
on an as-needed basis.

In these times of "agile", I think nothing is going to beat the post-it
note as a locatable, off-line, sharable and unhackable --and of course,
"agile"-- device.

Attack vectors are it not being sticky enough and getting lost, and
camera phones of rogue persons reaching the sancta sanctorum.

Accountability, of course, be damned and sacrificed on agile's altar.
--
EOT
Mans Nilsson
2021-02-28 11:56:39 UTC
Permalink
Post by Juancho
The notebook under lock and key is great, but not very operative when
that superuser password has to be "reachable" by a team of four engineers,
on an as-needed basis.
<UI deleted> has personal root principals, restoring accountability at
the cost of making crusty old men like yours truly happy and having to
give each luser a little black book.
--
Måns Nilsson primary/secondary/besserwisser/machina
MN-1334-RIPE SA0XLR +46 705 989668
Being a BALD HERO is almost as FESTIVE as a TATTOOED KNOCKWURST.
Niklas Karlsson
2021-02-28 12:07:20 UTC
Permalink
Post by Mans Nilsson
<UI deleted> has personal root principals, restoring accountability at
the cost of making crusty old men like yours truly happy and having to
give each luser a little black book.
It's good to be back at a Xreorebf/NSF shop.

Niklas
--
Chancellor Angela Merkel arrives at passport control in Poland:
"Nationality?" asks the immigration officer. "German" she replies.
"Occupation?" "No, just here for a few days."
-- Via John Forster
Wojciech Derechowski
2021-02-28 13:25:09 UTC
Permalink
Post by Niklas Karlsson
"Nationality?" asks the immigration officer. "German" she replies.
"Occupation?" "No, just here for a few days."
There is another side to this joke, the one you are probably too stupid
and ignorant to see: s/Angela Merkel/Vladimir Putin/ is equally funny.

WD
--
Who is Entscheidungs and what is his problem?
Niklas Karlsson
2021-02-28 13:39:53 UTC
Permalink
Post by Wojciech Derechowski
Post by Niklas Karlsson
"Nationality?" asks the immigration officer. "German" she replies.
"Occupation?" "No, just here for a few days."
There is another side to this joke, the one you are probably too stupid
and ignorant to see: s/Angela Merkel/Vladimir Putin/ is equally funny.
Okay, if you're going to accuse me of stupidity and ignorance on such
flimsy grounds, you can fuck off.

I have indeed seen the joke in both variants. I don't see that it
matters much, because It's. A. Joke.

Niklas
--
A medium apple... weighs 182 grams, yields 95 kcal, and contains no
caffeine, thus making it unsuitable for sysadmins. - Brian Kantor
Juancho
2021-02-28 15:29:51 UTC
Permalink
Post by Wojciech Derechowski
There is another side to this joke, the one you are probably too stupid
and ignorant to see
Ououooh, have you misplaced a post-it note recently? Beware some are not
very sticky.
--
EOT
Wojciech Derechowski
2022-02-28 15:23:06 UTC
Permalink
Post by Juancho
Post by Wojciech Derechowski
There is another side to this joke, the one you are probably too stupid
and ignorant to see
Ououooh, have you misplaced a post-it note recently? Beware some are not
very sticky.
This one is, don't you think?

WD
--
Who is Entscheidungs and what is his problem?

Loading...