Yep totally. The documentation is downright wrong so much more today than it used to be. It's all written like they pawned it off on a junior engineer, who then threw shit at the wall until they got it working, then that process becomes the official documentation.
And don't get me started on Copilot hallucinating Powershell cmdlets.
With support it's become kind of a game to see how quick you can get to T2. My tactic is to passive aggressively point out how their first response shows a complete lack of understanding of the topic, then directly request escalation.
The reality is they probably don't know the full scope or root cause and are going off of limited reporting coming from their beta channels.
But they likely determined the impact was low enough that they could still ship the update while they investigate further.
There are similar known issues reported in the update KBs all the time that sound much worse to me as an admin but are as equally low impact in the end. But they're not as easy for the layperson to latch onto like these low-effort "VPN no worky" articles.
Regardless, none of this absolves IT of the responsibility of testing patches.
Exactly. Everybody on Lemmy a couple days ago was acting like the sky was falling when all we had were these one-paragraph FUD articles quoting Microsoft's own KB article. Most people commenting have no clue that "VPN" is a broad term covering at least a dozen different possible protocols and acted like Microsoft was intentionally breaking all VPNs.
The only thing I found was a reddit thread talking about how some VPNs using TPM-backed certs were broken. I, for one, am using an IPsec VPN with certs stored in TPM on one of the affected versions of Windows 11 and have had no problems. Nor have I had any issues with SSL or Wireguard-based VPNs, so it does just seem to be a fringe case they're warning about.
So Microsoft is just giving a heads-up that IT should probably include VPN testing in their patch cycle test rings and all the anti-MS people are losing their shit.
ASAs are still way more prevalent than they should be when Palo Alto and others are much better options. Still, I'm glad I barely have to deal with them any more.
I like returning 418 instead of 404 or 403 on the files the script kiddies are hunting for on my web servers. I'm sure it does nothing but I'd like to think I've wasted some of their time at least once.
There are two different, and only slightly related, things here:
Access to company data through your phone (via Teams, Outlook, etc)
Using your phone as an MFA device to access company data, even on your work-issue laptop and to access browser-based SaaS apps like your payroll system.
The first absolutely can and should depend on the age of your device. MAM or MDM policies combined with Conditional Access should block older devices not receiving security updates from accessing and storing company data.
The second, assuming they are now requiring phishing-resistant MFA, only requires that you have the Microsoft Authenticator app installed (FIDO2 and CBA are alternate PRMFA methods, but more complicated to implement). The MS Authenticator is supported on Android 8.0 and above and your S8 supports Android 9.0.
So unless there is a job requirement to use your phone for email and Teams -- in which case they should definitely offer a stipend or CYOD phone -- you should be fine just installing the MS Authenticator app on your phone and using your work-issue laptop for email and Teams.
Edit: I just saw your other comment that they use Duo. In that case you might be hosed since it requires Android 11.0. I'd at least start by opening a ticket with the help desk and keep an email trail with your manager of what part of your job you can't do. But they should be able to provide a method of authentication that complies with their policies.
Third. The first thing I mention when one of my clients asks anything about PCI is to offload as much card processing onto third parties as possible.
And if you have nothing in place yet, then 100% offloaded should be possible (with the possible exception of secure payment terminals if you need to process physical cards).
That said, it is still possible to use your own hosted WordPress storefront and offload the payment processing via tokenization or redirection. But a turnkey solution like Shopify might be better if you lack the experience.
If I recall it's only like 10 minutes and either no dialog or in French. But it's easy to get the gist of it and worth a watch. And it unlocked the thought experiment about someone witnessing their own death through time travel that Terry Gilliam expertly ran with.
This is entirely from memory from a time before every Easter egg and explanation was published on the internet, and I haven't watched it in a few years. So I could be wrong.
But I always thought >!the woman on the plane next to the red-haired man with the pre-released, pure virus about to travel around the world, is one of the doctors from the future that was sending Bruce Willis back to locate a pure sample of the virus so they could develop a cure in the future. As she introduces herself, she says she works "in insurance." So I always took that to mean their original goal was successful. !<
Regardless I need to watch this movie again. It is easily one of my favorites and the first movie that made me realize just how amazing an actor Brad Pitt is and that he wasn't just another pretty face in Hollywood.
I've always felt the protagonists win in 12 Monkeys. They say in the beginning that the virus outbreak can't be prevented (it's not that kind of time travel), but they needed a pure sample of the virus for the future to cure it. I don't want to spoil anything more than I have, but the plane passenger at the end is relevant. They work in insurance.
Exactly my thoughts. Without a doubt I WILL buy it, but I have enough games in my backlog that I don't need it in early access.