Give us the cheat codes to your industry/place of work!
I work in information security.
Don’t use biometrics to secure your devices. Biometrics are a convenience feature to make it easier to access your device. Biometrics are NOT security. You can be compelled to unlock your device by having it pointed at your face or your finger forced onto the reader. Don’t do it.
Use 2FA/MFA everywhere you can. If it’s an option, turn it on.
Use a password manager that generates strong passwords and use a different password for every service you use.
Update, update, update. Allow your devices, OSes, and software/applications to update automatically.
Talk to your parents about safe surfing. Tell them that their bank won’t send them an email or text asking them to send personal information. Set a password with your family to identify them if they are in trouble and need help. Tell parents and grandparent not to send you bail money to get you out of jail in Morocco.
Teach your kids that everything they post on the internet is public and permanent. Teach them that if they do something that they think will get them in trouble and someone is blackmailing them that it’s better to tell you and ask for help than to give in to the blackmailers.
Regarding biometrics, I’ve felt that one advantage is that if I’m in a public space, I don’t have to worry about someone watching me enter my password over my shoulder. If I got into a situation where someone is physically overpowering me to get my finger onto my device against my will, I’m probably going to give them whatever password they want so I don’t get a beat down.
That’s a threat and risk assessment. You’ve decided you’re willing to accept the risk of anyone being able to unlock your phone. For me, I’m not really worried about someone in the street strong arming me. I’m more worried about a state actor, border guard, police officer, etc demanding that I unlock my phone. They can physically compel you to unlock your phone by pointing it at your face or putting your finger on the pad but they cannot compel you to give them your password.
I’m probably preaching to the choir, but for those who don’t know, at least on an iPhone and I’m sure android has something similar, if you foresee the situation coming you can just hold the sleep/wake button for a few seconds (even while your phone is in your pocket) and it will require the passcode and not allow biometrics.
Edit: my memory, it’s the sleep/wake button and volume down. Similar to android as per the below.
For android it’s power+volume up to bring up the power options menu (shutdown, restart, etc) and there is a “lock down” option that disables biometric unlock.
Wish I could do it with one hand, but good to know it’s there.
I definitely see your perspective, but mostly wanted to make sure I wasn’t overlooking some obvious downside in my risk assessment.
I figure my chances are low that I will get into the situation where an authority demands access to my phone but I also don’t have the opportunity to lock out biometrics. Like if I get pulled over I just hold power and volume up buttons for three seconds and biometrics is off. That said, it certainly doesn’t eliminate my risk completely, and I wouldn’t consider anyone crazy for just opting out completely.
The other problem with biometrics is you can’t change them. With the OPM breach a few years ago they lost 5.6 million finger prints. Those finger prints are now useless since they are in the wild and can’t be changed. Not a problem for your average phone user but in my world that’s a really big deal. In my world biometrics are a convenience and convenience is bad for security.
As long as you’ve considered and accepted the risks you’re good.
Time to start using the middle finger, until the next data breach. Then the ring finger.
Can I use my dick head?
“You want me to unlock my phone? I used the head of my erect penis. I’m not going to get it up myself. Knock yourself the fuck out.”
Allowing apps to update automatically often means that advertising and feature removal or nerfing, etc., can happen. Checking manually has saved me a lot of grief.
That’s my expert opinion. Take it or leave it. It’s your device.
I finally let my phone do some app updates the other week, my banking app now displays full screen ads for their credit cards, conveniently right as you go to click the transfer button.
I don’t update shit anymore. I update my OS and apps on my desktop, but my phone is now being actively neglected in regards to app updates. Every single app update breaks something, removes a feature, or brings ads into the picture.
A verbal secret passphrase to identify yourself to your family would be pretty smart.
Yup. Also having an agreement that an X from any family member means they are uncomfortable or in trouble and you should call them in one minute, tell them that there is an emergency, and you need to pick them up right now. Get them safe and don’t ask questions unless they want to talk.
Cybersecurity
If you have anything worthwhile on your PC, you should really buy your own router instead of using the one provided by your ISP.
I’m actually looking for a router right now, do you have a particular one or few you’d recommend?
I was thinking about going with one of the companies that preinstalls openwrt and trying to learn that, but idk much about openwrt just yet.
Ubiquiti unifi: pretty preformant while being dead simple to set up. No licensing fees but upfront price is steep. If you really get into networking you will find their hardware and software stack limiting especially if you need speeds greater than 25 gigabit.
Mikrotik: single handedly the best value out there. Their OSes can be confusing at times and you may need some CLI skills to do everything but it’s a good learning platform.
Opensense: highly flexible where you can tailor your experience to exactly what you need. If you are the type of person who wants all of the bells and whistle along with fine granulated controls this is your option.
Openwrt: a good choice if you already own a supported device but I personally wouldn’t go out and buy hardware for openwrt when opnsense is a better option.
Cisco: there are two types of people who buy Cisco, those who are obtaining their CCNA and those who have their CCNA.
tp-link omada: directly marketed as a ubiquiti unifi competitor but cheaper. Being a new line of products it’s not really time tested. I’ve heard very polarizing opinions on them so your milage may vary.
meraki: Cisco’s other brand. Sometimes you can get their hardware for free because they make all of their money off of the licensing fees.
Thanks I’ll check these out!
I always have a firewall inside the ISP device. I also have segmented network with the devices I mostly control on one network and the devices that the manufacturer mostly controls on another.
So everything in one and nothing in the other besides (obviously) your Linux PC/server? /s
Something like that. Hardened personal devices in one and things like TVs and game consoles in the other.
currently my only option for internet is by tethering my phone mobile data. i do it with a usb hotspot. i have a wifi router but it seems unnecessary, complicated and slower than usb, so it is not currently in use. it’s an android phone and a linux computer but i don’t feel i know enough about either device or networking in general. should i be worried or do things different? i don’t have much that’s important. i still fear i might be doing things wrong.
Software development here. Never, ever, connect your appliances to the internet, and check whether appliances you buy have an offline mode as some are now aggressively forcing users to connect in order to use them.
What’s your reasoning for this?
Anything better than using a vlan to separate these types of devices from the rest of the network?
They are programmed as cheaply as possible and manufactures don’t care once you buy a product so it’s just a matter of time before it becomes part of someone’s botnet, using your power and internet to harass some server somewhere.
As the other reply mentions, aside from these devices representing a security vulnerability, there have been numerous cases where the devices themselves got hijacked. In some cases they can even get bricked via updates. There’s also a privacy concern with these companies collecting data on how you use the device.
Does this also apply when not using the official app? I recently bought a Phillips bulb (not Hue) and set up Home Assistant for it, along with the Matter bridge. This turned out to also connect it to the Wi-Fi, but I never installed a manufacturer app.
Would blocking internet access via parental controls on the router be enough to mitigate such threats, or is its mere presence in an internet-connected network dangerous?
The itself app isn’t typically the issue. It’s the remote server that the appliance and the app connect to that’s the problem. What happens is that the appliance uses your wifi to talk to the company server, and that server pushes updates to it, does tracking, and so on. As long as the appliance can’t connect to the internet there’s no danger from it. Typically, the best approach is to avoid configuring the connection in the first place.
Can’t imagine this is relevant to a lot of folks here, but corporate event audio visual:
Don’t use the audio visual company that’s “in house” at a hotel. They’re paying nearly 50% commission for the privilege of being there and getting business shunted to them, so only half of what you pay is going to goods or services.
That said, make sure your hotel contract leaves you free to bring in an outside vendor without having to pay too many fees. Cross out any lines related to things like “load in/out liaison,” paying for polytak floor covering, or paying some percentage of your outside AV bill to the in house company. It might help to include a proactive clause like “client will not be charged any fees for bringing in our own audio visual partner”. Include a line that you won’t be required to pay surcharges like “event technical support” which is just a “we’re charging you a fee” fee.
You will still have to pay the in-house AV vendor for any power, internet and rigging. For internet, confirm what your rate will be before signing the contract. We see a lot of cases where they’ll say “the meeting room wifi is discounted (free) if you use us for AV too, but if you don’t it’s $20k” (actual number, and could be even higher) Once you sign without negotiating they’ve got you over a barrel.
If you already have a contract you may be able to mitigate these issues by leaning on your hotel salesperson. Trying to negotiate with the in house AV rep will usually be ineffective (sometimes they’re cool). The hotel is the in-house AV vendor’s number one customer, so if the hotel says they need to do something, they’ll do it. Usually leaning on your hotel salesperson after signing a contract only works if you have some leverage like potential for future business.
Yeah, the main company for most hotels literally got the exclusive contract by bribing the hell out of all of the hotel owners/executives. And they were so notoriously shitty that they bought a smaller company a few years ago, just so they could change their name to the smaller company’s name and attempt to sidestep lots of the bad reputation.
And to add to that an outside vendor will almost always provide a better result because they actually have to work for their jobs, rather than their jobs being given to them. They also have to work in more venues so they are more flexible and able to customize your AV to meet your specific needs. Many of these in house crews have only a couple setups that they will do for a room and if your setup doesn’t fit that preset, tough.
The only downside is, because their shop is not on site, last minute add ons are difficult if not impossible to do. So make sure you account for everything that is happening and communicate it with your AV company so they can spares for any last minute add ons you may want.
Good points! I know my last couple jobs have had “partner” companies that were similar to us in each major metropolitan area. So if we had a pop up request beyond the backup gear we packed, we could still get it from a warehouse less than an hour away. (And there’s always the wholesale rental houses like Rentex)
Tax Accountant in U.S.
You don’t need a CPA (and I say this AS a CPA). Don’t get me wrong, if a CPA’s primary experience is in tax, they will do just fine. But you don’t NEED one. Even if your tax situation is complex. An Enrolled Agent (or EA) goes through a rigorous testing process and is run by the IRS. A CPA also goes through a rigorous testing process but it’s 4 parts and only one is tax. An EA exam is 3 parts and it’s ALL tax. So if your tax situation IS complex I recommend one or the other…but an EA is highly qualified and often times less expensive.
All that said… neither is necessary but make sure your tax preparer is at least certified and either is required to take annual continuing education or does so regardless. Tax laws change all the time. EAs and CPAs have CPE requirements…so if ur preparer isn’t one of those, make sure they’re still learning the new stuff. All a person needs to file another persons tax return is a number called a PTIN and literally anyone can pay a fee and get one.
And if you can handle filing yourself (which the vast majority can easily do, and I would rather they do so because why throw your money away if you don’t have to) the IRS is expanding their guided free file program for 2024 to the whole United States (it was in limited testing for 2023) and many states are expected to sign on so you can get fed and state taxes filed for free. IRS.gov has more info on all that.
…what’s a CPA?
Certified public accountant
I work at a gas station—take note of your damn pump number.
You can freeze chips/crisps indefinitely. I used to work for Frito Lay. Just thaw them when you get close to snack time. Of course I never do this because I just eat the chips I have at home.
ITT: shit tons of IT people. does anyone on lemmy not work in IT? yikes
IT folks are exactly the people who will be early adoptors of technology. If lemmy can start growing to something approaching an early majority, then we’ll see a big shift in the demographic of the user base. Unfortunately, that’s a huge gap in expansion.
Well, I’m just an anti-capitalist non-tech person. I barely know anything about what most people seem to consider basic tech knowledge. Fuck that weird pedo ceo of Reddit, fuck that company, fuck corporate greed in general. I’m just here to avoid being forced to take ankther company’s vampiric bullshit.
Fair enough, glad you’re here!
I’m in IT also.
Brewer
Geologist checking in.
Although, I don’t know what LTP means in this context. In my world, it’s “Long Term Planning”.
I’m one of the few that don’t work in tech but it’s arguably the hobby I spend the most time (and money) with so I’m not sure if I really count. I work in emergency management & specialized response services.
Fancy way to say you’re on a peak truck!
Set lighting technician here
I’m not saying I’m in IT, but I’m tired and read the question and thought, “Why are they asking about printers?”
Comstruction:
If you want to build the best building you gotta know every detail about how it’s made, which you can only get close to by hiring competent consultants (i.e.: architects, engineers, etc) Because if you’re not specific about what you want, you can bet your ass you’re getting the cheapest version.
The first rule of comstruction: attention to detail. Got it!
HVAC, most maintenance check ups are scams. Very little in residential air conditioner/heat pumps needs any up keep. All the motors are sealed and you’re better off not putting gauges on a system unless there’s an actual issue.
Change the air filter every three months, and in the spring shut off the outside unit, and hose off the coil fins of any debris trying not to spray anything electrical looking. Wait a couple hours and turn it back on. YouTube probably has videos.
Can I pester you with a question? Feel free to tell me to get bent because I know your time is worth money and this is just the internet. We have a new Trane system that was flawless when it was first put in, but over the past five months the blower has started making louder and louder vibration noises. Almost like it’s slightly off balance. If it was an older system I wouldn’t think twice, but it was dead quiet at first, just the sound of moving air pretty much.
Part of me wants to open up the cabinet and just see if there’s some sort of vibration pad that’s gotten loose, but I also don’t want to to void a warranty, or something. It seems so trivial a thing. We live in the boonies and a service call is pretty onerous for a tech. I thought maybe there could be balancing weights, like a car wheel or a lawnmower blade, but your comment about motors being sealed is making me think twice.
Opening up the panel to the blower area won’t void the warranty. ( not that I would tell anyone you opened it, because disreputable companies will make a stink even though its legal.)
It’s possible a mounting bolt came loose (simple fix). There isn’t anything to balance on any of the blowers I’ve ever worked on. So that leaves a bearing going bad in the motor. Or the set-up being out of balance and it destroyed the bearing. Either way, you should put in a call to a company that is authorized to do warranty work on Trane. If your not sure call their 1-800 number and ask them to recommend someone in your area.
Now, if they recommend only replacing the motor I would ABSOLUTELY make them show you the blower running after they replace the motor. So you can see for yourself that the blower isn’t out of balance. I’ve known way to many lazy mechanics that would just replace the motor, because replacing the whole cage is a royal PITA.
Thank you. It’s a new construction and the builder seems to generally pick really good subs, and I’m pretty sure whoever installed it did the entire house, so they should be familiar with it. I’ll give them a call.
Edit: Update to this. I cut the circuit breaker and opened the unit and something was clearly wrong with the blower motor. Mountings and bushings etc all looked fine, but rotating the blower manually was rocky. It seems like a bad bearing or something but I’m no expert. The tech came out and confirmed in about 15 minutes the blower motor needs warranty replacement. Unit is less than 8 months old, he said it’s rare but he’s seen it before. I kind of want to do a teardown but not enough to buy it. Tech said it was OK to run, and I did that up until yesterday when it sounded so bad I was afraid it was going to grenade the whole box and stopped using AC. Temps close to 100F so hopefully he gets to it soon. I’ll be sure to have him run it before he leaves. Thanks again.
I would add water softeners to this. Just installed one for a mate and bloody hell they’re so low maintenance. Step one, add salt. That’s it.
I know of three other people that are locked in to maintenance contracts for the next three years
Self-storage. Try not to start rental during the summer/spring, prices are way higher than winters. If you’re storing short term with items that are easily bought new, I would suggest just getting rid of them and buying new. I see a ton of people who store thinking they’ll be out in 3 months and end up staying a year and spending way more than the items were ever worth. This is especially true for home renovations, those take up at least 50% more time than you think they will. If you smell something funky throughout a large part of the floor, don’t store on that floor. It’s most likely caused by mouse issues. Try to store in an elevator access unit instead of ground level. They’re usually more secure, tend to not have mouse issues, and end up cleaner because they’re lower traffic.
I hate that just throwing out all your shit is more cost effective
… Also would be pretty true for long moves.
Possible partial solution: Just minimize the shit you own.
I’m a philosopher, nothing matters, so stop worrying about it and live your life the way you want to live it.
You put the peeps in the chili pot and make it taste…bad.
The beautiful thing about life having no sense is that you are free to give it the one you want.
I work in the magical world of ISPs. If you’re having an internet issue, reboot your router and/or modem before calling in. It may not seem like much to you, but many background processes happen when you do so. This can be useful to troubleshoot where the issue lies. There’s a reason why techs will make you do so when calling in. And yes, they can tell on their end if and when you do so. So don’t bullshit them by saying you already did it if you didn’t.
Yeah, but we all know that no matter how many times that I have already done, tech support won’t talk to me until we do it again together
If I had a nickel for every time a full power cycle fixed it all, I’d be rich. However, if you did power cycle before and call in again, often it’s an issue that needs deeper investigation. In that case, the tech can likely watch the process of your equipment coming online in realtime to see where the issue is happening. Network entry, authentication, package application, DHCP, it can often be monitored as it’s happening. A reboot while on the phone starts the process right from the beginning so it can be monitored to determine what happens immediately and what happens after it sits for a while.
I work in tech support. An error I haven’t seen doesn’t exist. So yes, I’m going to re-trace the trouble-shooting steps with you.
90% of the people who call in haven’t done it, but claim they did. Because they think I have a magic tech wand that can find and fix all problems, and that I just make them go through the motions because I’m lazy.
I feel like some people “lie” about rebooting their modem simply because they don’t know how to reboot it
- Unplug the power
- Wait ~30 seconds, just to ensure it’s good and off
- Plug it back in
Fortunately there are no commands to enter or buttons to click. They’re designed to handle losing power.
Corporate IT: I see nearly everything you do on your computer. I can see exactly how long what application is open. If I ask you to restart your computer, you don’t, and you somehow get me in front of it, restarting it better not fix it or your next ticket is gonna be low priority no matter what. If you want in with IT, always open a ticket and include as much info as you can clearly convey. Snacks and bribes won’t always work with those of us who are very antisocial.
Snacks and bribes won’t always work with those of us who are very antisocial.
Always ask the person you are trying to bribe what they like to be bribed with.
Can you hijack the camera and see us too?
Yes, of course. Though your camera light would alert you of the usage, unless of course, your IT guy ordered a camera that can deactivate the light via software (or simply opened the camera and yanked the light)
No and if I found a way I would file a report against any other IT agent who did. That’s invasion of privacy IMO. Microsoft can tho, remember the Kinect?
or your next ticket is gonna be low priority no matter what.
That’s childish and won’t ever cause a change in their behavior.
Bonus points if they show management the ticket that’s stalling a project from progressing and has been sitting on your desk for 2 weeks.You say that like it’s the one “high priority” ticket that the one big project is waiting on. In a sea of backlogged high priority issues attached to critical projects, being an asshat means that yours will be at the bottom of the 100 other super-important, my job-is-special tickets.
BUT MY SLIDE DECKS
I will prioritize nicer clients (assuming the issue is equal as fast to solve) if they are more pleasent to work with.
Stalling a ticket here means a day, not two weeks. I have 72 hours to respond at a maximum before I get penalized. We are worked so fast here the skin flies off your bones.
I’ve dealt with my share of PC issues and apart from digging in and writing scripts, I’m an advanced end user. One time le tired IT guy needed to remote in for some issue I didn’t have appropriate access to deal with. He seemed rather startled when I opened notepad and said “Hi!”
I also swear I began to get more difficult to recognize fake phishing attempts shortly after.
Dave, if you’re reading this you never caught me with one! Gotta try harder!
Theatre tech. Show up on time. Sometimes shows don’t take late comers even with a bought ticket. And it’s bothering everyone else, artists included.
If the venue has a bar, stay for a drink. Like everyone else, artists (and techs) love to have a drink after a hard day at the office.
