• 0 Posts
  • 22 Comments
Joined 3 years ago
Cake day: June 23rd, 2023


  • I like smart home stuff. I hate my privacy being invaded. It’s a very thin line to walk.

    A company recently released a product that promises to be Matter compatible. By the time the product arrived, they edited their product description to say it worked with Matter if you bought their always online hub, created an account, let their hub talk to the internet, and then installed their internet-connected plugin to Home Assistant. (So it’s not that HA talks to these devices, or that it talks to their hub. It logs into the company’s servers to get the current state of the device.)

    I wrote a review outlining this. An AI bot sent me a message offering me additional products from this company. (Ha!) And included the line “We strictly adhere to data protection regulations” … in the U.S.?

    Laughably misleading.


  • Monument@lemmy.sdf.org to Programmer Humor@programming.dev: why? · English · 47 upvotes · 2 months ago

    I’m in IT, but not that kind of IT.

    Last week I afflicted myself with the Location Services are turned off bug by installing the 23H2 update to duplicate an issue a user in my work area was having.

    When I called desktop support, we could not replicate the issue after he remoted in.
    He closed the Remote Desktop connection, and the issue reoccurred.
    He remoted in. The popup vanished as soon as he connected. We couldn’t replicate the issue. He seemed dubious now. He disconnected. It occurred. I got a screenshot. He reconnected. We looked at the remote connection settings. Remote connections were set to override location. Disabled that. Issue presented. We both had a good laugh.


  • Everybody hates the government, but that take is not applicable.

    Reading the incident report -
    A privileged user got spearphished into downloading a compromised system administration tool. After the compromised tool was detected by industry standard (and modern) intrusion detection software and removed, the backdoor it installed, which was not fixed, was (eventually) used to install a keylogger. Shortly thereafter, another privileged user had a keylogger installed. Afterward, the harvested credentials were used to create further compromises in their network and to move laterally throughout it.

    The age of the equipment or software is not a factor when your admin accounts get compromised. The user that got compromised should have known better, but they literally failed one thing - double checking the veracity of the download website. They didn’t surrender credentials, or fall for any direct attack. It’s not really a government bad, private industry good sort of thing. Heck, if that had happened to a non-admin user, the attack wouldn’t have been possible.


  • The why is sort of at the limits of my knowledge. I can tell you a ‘close enough’ what, though.

    By default, Windows tries to install programs to the program files directory, but that requires admin, which triggers user account control. However, apps that do not require admin to install or run can still be installed to the user’s profile. Clicking cancel from a UAC prompt will just try to install the program locally instead of for all users.

    My assumption is that many system administrators believed UAC was enough, or that programs installing locally (as in, just for that user) and not requiring admin were not a big deal.



  • I have an FDM printer (Ender 3 clone) that is mostly 2020 aluminum extrusion as the frame. A few years ago I found some 2020 on sale and built a set of shelves for my wife’s plants out of it. (Now - I know. It’s not the most economical use of materials, but it was the middle of winter, and I didn’t want to go work in the garage. Plus the 2020 was on sale.) It’ll support a slew of plants over a 4-foot span (~1.2m) without any sagging or other concerns. It can be wobbly side to side, but that’s a matter of bracing and connectors.




  • Many years ago, I discovered that my then-employer’s “home built” e-commerce system had all user and admin passwords displayed in plaintext at home/admin/passwords.

    When I brought this to the attention of leadership, they called the “developer” in and he said “oh, well, that’s IP locked, so no one on the web can access it!” When I pulled it up on my phone, he insisted my phone was on the work WiFi, despite it being clearly verifiable that was not the case. (The same work WiFi that had an open public connection, which is the one my phone would have been on, if it were on it…)

    He did fix that, but many other issues remained. Eventually a new COO hired someone competent as his ‘backup’, replaced our website and finally suggested he pursue other employment opportunities before he could no longer voluntarily pursue them. (There was concern he might sabotage.)






  • The first time I ever experienced this was in a printshop with a bunch of older guys who were definitely not computer illiterate, but all gathered around the monitor for the server that ran our RIP/platemaker to watch commands appear in the terminal when I remoted in from my computer to do something or other. (They would go into the room and work directly on the machine, but it was loud in there and smelled funny, so I remoted in.)

    They made jokes about me being a hacker, and although being distinctly boomer-ish, it was high praise coming from some of the smartest people I’ve ever worked with.
    (I’ve worked with more accomplished people, and more highly educated people, but not with folks who had built a successful business that dealt with a variety of complex tech from the ground up with their own knowledge and effort. It was a bit charming to have them wowed by such a simple thing.)


  • But then, as now, it won’t understand what it’s supposed to do, and will merely attempt to apply stolen code - ahem - training data in random permutations until it roughly matches what it interprets the end goal to be.

    We’ve moved beyond a thousand monkeys with typewriters and a thousand years to write Shakespeare, and have moved into several million monkeys with copy and paste and only a few milliseconds to write “Hello, SEGFAULT”