Ontopic Random Computer-Electronics Thread

[fly]

Well, theyre not giving the admin password to everyone
Theyre making a specific account that engineering will control
Theyre just worried about managment realizing theyre useless

Coming from the other side, I don't think that's the reason. They're just trying to prevent more work from you guys. And btw, its a slippery slope. Once it gets out that you guys are doing it, everyone else will as well. And now the chicks in HR can install the new Crystal Crash game, or whatever the fuck they're playing. And now ticket volume will have tripled, and tickets will now be taking two weeks.

 

[fly]

No I get that but I'm saying if there's that much lag time for tickets then an alternative solution is called for. Otherwise you end up departments going to management to demand admin privileges and you lose any reasonable control over that segment of the network.

If security is so strict that the users are having to work around it then the security measures become counter productive. Accessibility is just as important as the rest of the triad.

Agreed on ticket times. I'm shocked there isn't an SLA in their agreement with this company.

 

[my little brony]

Well, theyre not giving the admin password to everyone
Theyre making a specific account that engineering will control
Theyre just worried about managment realizing theyre useless

And this is the kind of solution that, to me, causes more problems. Now you have a shared account with higher privileges that presumably the entire department will have access to. Even if only a few people have it then they've lost any semblance of non-repudiation.

A better solution is selecting a few users from engineering that are trained or knowledgeable in IT stuff that can receive elevated power user accounts. They can still accomplish simple tasks but each one maintains responsibility over their own account.

Otherwise what's almost certainly going to happen is one of you gorillas is going to just log in to their computer with the engineering account every day

 

[my little brony]

Coming from the other side, I don't think that's the reason. They're just trying to prevent more work from you guys. And btw, its a slippery slope. Once it gets out that you guys are doing it, everyone else will as well. And now the chicks in HR can install the new Crystal Crash game, or whatever the fuck they're playing. And now ticket volume will have tripled, and tickets will now be taking two weeks.

Any decent IT department should have a software whitelist running at the domain level that prevents stuff like that being installed.

Granted most of that stuff happens in the browser anyways

But I see what you mean, it can cause more problems than it solves

 

[Mean Mr. Mustard]

Yeah if they would respond to a ticket request in a timely fashion, none of this would have come to a head.
I mean, theres like 10 of us here, the ticket volume is going to be small, even if we do fuck shit up.
But waiting days on end just so some asshole can remotely update my makerbot software is fucking ridiculous.

 

[Mean Mr. Mustard]

A better solution is selecting a few users from engineering that are trained or knowledgeable in IT stuff that can receive elevated power user accounts. They can still accomplish simple tasks but each one maintains responsibility over their own account.

This is actually the case, one person will have control of the account.

 

[APRIL]

Agreed on ticket times. I'm shocked there isn't an SLA in their agreement with this company.

SEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE What did I tell you?

 

[my little brony]

This is actually the case, one person will have control of the account.

Ah, much better, then. We did that on larger bases where each unit sent a couple soldiers to get training and sign forms saying they'd behave in order to do simple shit like password resets so people wouldn't have to walk halfway across the base to the help desk.

I just loathe the notion of shared accounts on principle.

 

[fly]

Any decent IT department should have a software whitelist running at the domain level that prevents stuff like that being installed.

Granted most of that stuff happens in the browser anyways

But I see what you mean, it can cause more problems than it solves

They can't answer tickets and you want a whitelist? I've never seen a company do a whitelist, as its a nightmare to manage.

 

[my little brony]

They can't answer tickets and you want a whitelist? I've never seen a company do a whitelist, as its a nightmare to manage.

I WANT EVERYTHING

I've seen them managed fairly easily. It's not like it should change that often

 

[Domon]

Ah, much better, then. We did that on larger bases where each unit sent a couple soldiers to get training and sign forms saying they'd behave in order to do simple shit like password resets so people wouldn't have to walk halfway across the base to the help desk.

I just loathe the notion of shared accounts on principle.

it sounds like one person in engineering (who hopefully has some guidance and training) will be a DTA (designed transfer authority) who can download shit for the org at large.

 

[Domon]

My concern with all this Xiami gear is battery life. Its easy to make a cheap rf device that spits a couple of bytes back occasionally with off the shelf chips.

It takes some diligence to properly code it so it doesnt eat the whole battery every 6 months.

 

[gee]

At the place I'm at, people like me in R&D have admin accounts so we can install drivers, development tools and other shit that we need to do our jobs. It's understood that we know what we're doing, and we're responsible if we fuck something up.
People on the production line don't do those things, so they've got ordinary user accounts.

Pretty damn simple.

 

[Mean Mr. Mustard]

At the place I'm at, people like me in R&D have admin accounts so we can install drivers, development tools and other shit that we need to do our jobs. It's understood that we know what we're doing, and we're responsible if we fuck something up.
People on the production line don't do those things, so they've got ordinary user accounts.

Pretty damn simple.

And that would be perfect here as well
Whats frustrates things, is that I used to work at NASA, inside the gates, had access to all kinds of stuff, and our machines were less locked down than where Im at now.
Pure insanity

 

[my little brony]

it's also pretty easy to isolate those parts of the network that have users with elevated privileges

you need admin access to all your machines for special snowflake software? great, you're living behind a DMZ

 

[fly]

My concern with all this Xiami gear is battery life. Its easy to make a cheap rf device that spits a couple of bytes back occasionally with off the shelf chips.

It takes some diligence to properly code it so it doesnt eat the whole battery every 6 months.

My entryway motion device seems solid. It's been about a month and still at 91%. The temp sensors shipped with low batteries, so I'm replacing them. It's just 2032 coin batteries, so its not like its going to break the bank.

 

[fly]

And that would be perfect here as well
Whats frustrates things, is that I used to work at NASA, inside the gates, had access to all kinds of stuff, and our machines were less locked down than where Im at now.
Pure insanity

You expect the government to know its ass from a hole in the wall?

 

[Mean Mr. Mustard]

the hole in the wall is where they ran the cat5 through

 

[Mr. Argumentor]

the hole in the wall is where they ran the cat5 through

I thought that's where the men can see it all?

 

[Domon]

the hole in the wall is where they ran the cat5 through

and it terminated in someones ass?