Jump to content

AngryBeaver

Member
  • Posts

    3,440
  • Joined

  • Last visited

Posts posted by AngryBeaver

  1. On 2/15/2024 at 7:18 AM, Agall said:

    Regardless if infosec is someone's primary responsibility, its a necessity in today's world in my opinion. Even if you're a dev or the least privileged administrator, having infosec knowledge/understanding enough to be able to fulfill that role shouldn't be viewed as 'cross training' but as core training, in my opinion.

    I completely agree. It needs to be a part of everything we do. 

  2. On 2/10/2024 at 3:29 PM, wasab said:

    These positions also require decades of experiences and many of the technology and tools they use did not even exist until 5 years ago. I would imagine they would have a huge shortage of workers if they ask for 10 years of experience in some xyz skills/knowledge of something that just came out 5 years ago. That doesn't mean you can just study cyber security, get certs, and expect to easily nag a job.

     

    Companies today are looking for unicorn candidates and they don't care at all about false negatives, they simply want to get rid of the false positives. They don't just find the best interviewing candidates out of a talent pool. If they find no candidates they are happy with, they simply won't hire anyone at all and continue posting the job ads while complaining they can't find skilled workers. It doesn't mean lack of competitions and a low barrier of entry for those jobs, it means lack of experienced and qualified workers. In fact, harder the position is to fill like cyber security, the higher the barrier to entry.

     

    In addition, don't trust the jobs statistics. Many of these are just bullshit. 

     

     

    fun fact, out of all the job postings in tech, 10% are entry-level, 15% are juniors (3 years experience) and a whopping 75% are looking for mid and senior levels(3-10 years experience). This is what they mean by skilled worker shortage, the experienced 75%. if you are just starting as an entry-level, you can immediately eliminate 90% of the open jobs you see. job seekers at the entry level are a lot more numerous than mid and senior levels since qualifications are much lower so you can also expect a long grind, fierce competition, and an uphill battle.

     

    i am not discouraging anyone to not do it but please be realistic, especially for the Canadian and American job markets. 

    I know plenty of people fresh out of college that are landing jobs as interns while till finishing up degrees. Those "unicorn" positions you mention do exist, but those same requirements get relaxed as more and more time goes on without a candidate. Many companies are filling their ranks with people fresh to the field and/or converting people into this field.

    Contract work is there for people new to the field and looking to get some experience... 3 years of experience to get into the mid-senior range is not a lot. 

  3. 9 hours ago, wasab said:

    yeah... i dont know about this. 

    here is a fun activity, challenge yourself to see how many doom and gloom posts about lack of employment opportunities you can find on these reddit sub

     

    Students of Computer Science! (reddit.com)

    CSCQ protests reddit

     

    of course, IT is not all about engineering but if engineers are struggling, i doubt folks who do IT help desk and whatever other IT jobs are any better. 

    I am mostly speaking from the Infosec prospective. For people in this field you could be fired today and be lined up for your next position in a few weeks. 

    A little bit of data on this. Currently in the USA there are about 750k open Information security positions that still have not been filled. There are 3.5 MILLION world wide... and as of right now. In comparison there are only about 1.2-1.3 Million people worldwide in the profession. That demand is not going to decrease, it is going to actually increase as we move forward. We do have more degrees and people majoring in it now than we did, but there are also a good percentage of people that burn out or just can't handle it unfortunately. 

  4. 10 hours ago, Mark Kaine said:

    what is funny, its almost always the actual pc casing fault as that's what secures the card, and not necessarily the size of the card. so if you're using any of those hip , expensive, but cheaply made "mesh" cases you probably need a "card holder" ... 

    I see your point, but on the high-end cards they are long, wide, and heavy. They are support a little bit by the socket which is about 3.5" for a pci-e 16x slot. Then you have the fact the remaining end of the card (that sags) is another 7+ inches out (High end cards can be 10-13+ inches long!). That means all that is holding that card in place is the presence of the socket connection and the 1-3 Case screws on the very front of the card that keep it in place. This doesn't really do anything for the 7+ inches in the back of the card which is where the sag happens.

    One solution is to vertically mount the cards which is becoming a more and more common option on newer cases. Outside of that though you need a way to give the car more stability in the rear.

  5. 15 hours ago, Dedayog said:

    Well honestly, coupled with a remote access setup, the hard off/on is a resort some of have to use for servers that become unresponsive.

     

    I'm not saying use it for your every day, but when push comes to shove....  It';s not like all of us don't hard shut down once in a while.  The entire world knows the 5 second rule 🙂

     

     

    I can say for certain I haven't needed to hard shutdown a server in many years. I've had times where RDP wasn't responsive, but even then powershell/cmd network commands worked for shutting down/restarting the machine. If this is a common occurrence you would be better off running the game inside a VM so you can keep control on the host OS for that type of thing.

  6. 4 hours ago, NoahJamesTech said:

    Hello lovely people of the internet, I've recently taken over the tech infrastructure of a church, and I'm looking for advice about computer backups. 

     

    Somehow we're currently paying for two backup services! Arq Backup and CrashPlan. 

     

    There's about 10 computers on a mix of Windows and macOS. I'd like to move to a NAS as I'm pretty against paying for tech subscriptions if possible, and think this could be accomplished pretty easily with a decent NAS. I'm wondering what sort of opensource software exist that can be installed on clients and auto backup files, settings, ect. 

     

    If a subscription is necessary that's ok too, but I'm looking for software I can set and forget on the clients where they can autoback up to a NAS. I do not have NAS built or specked yet, but I'd like to maintain around a year of backups so I'm imagining 10tb would be a pretty good starting amount.

     

    Please ask me any questions for more information.

    Backing up to an onsite location like a nas is a great idea in the event a machine fails, but it will do absolutely nothing if your physical location is hit by a disaster of one sort or another. That is why the previously mentioned 3-2-1 thing exists. 

  7. On 2/8/2024 at 8:21 AM, Dedayog said:

    Since @DoctorNick got you for the guide...

     

    For starting, etc.  I use a Wifi outlet to control the power for the machine, so I can turn it on, off, restart remotely.  Then once it's up, you can remote in if you need to do anything.

     

    But if you set the box to Boot on Power, and then Palworld to boot with Windows... should be easy sailing.

    No no no. A hard shutdown like that is not advised unless you don't care about losing data in your game.

    Honestly if you want to do it in the most secure way and have a router that supports it... I would first setup DDNS (to resolve your IP as a hostname and keep it up to date), then setup a VPN with the encryption method you choose (can be a lot of options or just one depending on your router), and last I would go on the computer you want to control and enable "magic packet."

    After you have done that you can use any phone/laptop to connect to your home vpn and access the server VIA RDP. If the server is offline for some reason then you can sent a "magic packet" to wake/start it up.

    There is also the option to skip the VPN, but I would honestly not recommend it since you would be poking a hole in your home network and hoping you hardened that server enough that it doesn't get breached. 

  8. Honestly, a more robust pci-e socket for GPU slot that allows the GPU manufacturers to build in a more robust support system. This problem is only going to get worse as more and more weight is added to each generation of GPU to keep it cool.

    It isn't as bad on a water-cooled GPU, but copper blocks aren't exactly light either.

    For example, if the socket slot was a little taller and extended to maybe 2/3rs of the longer cards and was for nothing more than adding support (no additional communication channels)  it could help a lot.

  9. I just want to point out another common problem with that CPU on budget motherboards....  that is VRM temps. I have a 5950x and the mid-range board I purchased from MSI would thermal throttle based on VRM temps (CPU/GPU are on a custom loop water cooled setup). I upgraded to the MSI ACE and the problem completely disappeared.

    Just something else to check.

    I would see what your VRM temps are in HWinfo when you run an extended stress test. I want to say when I was having issues mine would shoot up over 128C

  10. I see the Apple Vision Pro as helping move the VR/AR/MR space forward. They are another huge name jumping into the space and maybe just maybe it will be enough to bring some of the AAA game makes into the space. If that happens then we will see the game change for VR and likely a big increase in adoption.

    As far as specs vs price go... I don't personally find the Apple Vision Pro worth the huge price. Sure, the cameras are great and the displays used in it are pretty darn awesome... but with it being 7 times more expensive than a Quest 3 which does most of the same things (and more in the game aspect) althought not at the same level... I just don't see the value in one.

    Now if you only care about the apple ecosystem and just want something for MR and digital content delivery then fine... maybe it makes sense. If you want to do any type of gaming or VR on it though currently that isn't going to come close to what the Quest 3 offers.

    I just feel like we will see a Quest 3 Pro at some point that will bring better Cameras and Screens to the table with a sub 1k price. We also have the PICO, HTC, Valve, ETC offerings coming soon too. 

    Anyways, I think Apple bringing this product will hopefully advance the space for everyone, but when it comes to the device itself I don't think it is a leap forward by any means... even less so for that price.

  11. On 1/31/2024 at 6:06 AM, Twinleaf said:

    Hi, I'm Twinleaf.

     

    I'm a bit of a lurker around here, mostly out of my fondness for LTT since the old times. But since I've been trying to change fields, I have come across a few questions here and there as to what I should be trying to even do here. 

     

    I'll keep it short as to not waste anyone's time. I know little about the actual job scene in IT, but I've been into computers and building them since I was 10 (27 now).
     

    1. What certs should I even be looking into? I'm signed up for CompTIA A+ 1 and 2 already, since everything I've read about it gives me the impression its a very easy test since I'm already a techie as a hobbyist.
    2. What is the job market like in America/Canada? Should I be going into a specific part of IT or possibly go back to college? (I am not opposed to a job offer, Mister Sebastian. I'll be in touch at some point!)
    3. I personally have a fascination with servers and networking equipment, are those jobs likely to be automated away at some point? I know AI can't do that much right now, but I like being at least a little future proofed.

    Any and all answers would be very much appreciated, as I am a very paranoid man who likes knowing what he's getting into.

    The Comptia stuff are entry level certs. They are good for helping you get your foot in the door or giving you an edge on other candidates that might not have it.

    That changes once you have some experience. Yes, some high-end certs are very valuable to a company and on your resume, but regardless of that experience is still king. 

    To answer your questions.
     

    1. I would look at the Comptia Trifecta   A, Network+, and Security +.
    2. The job market for tech is good overall. There are some fields that I think are extremely worth it though. DEVOPS and INFOSEC. Huge demand for people and the pay is extremely good. Networking is also a good second choice. IT Support fields are also fine, but they aren't very lucrative and you cap out on job growth a lot sooner than the other fields.
    3. I don't see AI as really taking away jobs. I see it as making people more efficient at their jobs. The AI is only as good as the algorithm or person that designs it. On the generative AI side it is only as good as the data it has access to and that same data can easily cause negative outcomes since it AI isn't able to always decern Fact from fiction.

    I have personally been pushing people towards the Infosec side for the last 5+ years. There are more open positions than people in the industry, the pay is extremely good, and if you like a challenge well it is a challenge than has no end. The only downside is the barrier to entry (which with the deficit is a little easier than it could be), now on the flip side once you are in this field you will enjoy a profession with a 0% unemployment rate. 

    All of that said, there is no right or wrong answer. Look at an internship or contracting positions for the areas you are passionate about. If you don't like it cross the isle to another area in the IT umbrella. The time doesn't get wasted, it is all experience, and with competency you can move from one concentration to another without too much hassle. 

  12. 3 hours ago, Flawizz said:

    okay thanks, isp does not allow bridge mode sadly. they say its coming soon tho.

    Honestly, you were doubled nat'ing yourself before. A little while longer while they bring that feature isn't going to be a big issue (unless your brother had a much different use case).

    Now that you have changed your network setup... this might be a good time to look into enabling and setting up QOS. Be warned that QOS does some inspections that could reduce your network speed a little. The impact entirely depends on your ISP speeds and the processing power of your ax1500.

    *edit* The ax1500 has a Tri Core 1.5ghz processor. With your current network size I am guessing it should be able to handle 1gb with QOS on.

  13. 47 minutes ago, Flawizz said:

    so i should not even have the router, just hook everything up to the modem?

    the problem is that its hard to manage, very few settings and can only manage through my isps slow site. which is why i went for a tplink router.

    Or you put the gateway in bridge mode (makes it a normal modem) and then use your router as the primary routing device.

  14. 41 minutes ago, Flawizz said:

    i seperated me and my brothers pc from the rest since we're heavy users and wanna have priority/full connection without interruption.

    my router is ax1500, i entered the correct ip but i'm not sure about the port, on the tplink camera site it says port 554, i set one camera to 554, but i cant set the second camera to 554. still neither show up on the program.

    All you have done is create a double nat scenario on your end. You are not increasing your bandwidth since you both have unfettered access to the main modem. All you have managed to do is create a scenario where items behind your router are unreacheable on the rest of the internal network and if you do any multiplayer games have created a double nat scenario which can impact your multiplayer experience.

  15. Ok from what I am seeing there are some solutions.

    Is your main network operating in the Class B or C range? If B (subnet 255.255.0.0) then your current ip setup will work. If it is C (255.255.255.0 subnet) it won't without ether changing the ip range assigned via your DHCP on the "modem" aka gateway, or just letting the next change assign them a class C in that subnet.

    So, you have a "router" setup with 4 cameras. Looking at the application this is probably a POE DVR serving as a router. On most of these you can actually change them to operate as a switch. Now depending on the model of the unit the steps for that will change. Feel free to post back more information as needed.

    You essentially just want to have that DVR router function as a switch and use the DHCP provided from your modem/gateway device.

  16. Just now, Tomass45 said:

    All is stock i only tried lower clock and memory clock of gpu what i found online.

    I would save your current bios settings then do an optimized reset. Leave Ram at stock voltage. Then try to see if you are getting a crash. 

  17. 8 minutes ago, Obioban said:

    Spoken like someone who hasn't used it.

     

    It's different because it does those things well. The AVP is the first headset I've ever worn where the screens weren't so bad as to actively bother me. The AR spatial tracking is an order of magnitude better.

     

    Really, it's all pretty typical Apple. They're rarely (never?) the first company to do something. They're routinely the first company to do something well.

    I agree and disagree.

    It 100% has better Cameras. The Spatial Tracking isn't necessarily better, but the AR experience is much improved because of the camera quality on the device. I also much prefer the higher definition oled displays, but the ones offered on the quest 3 are by no means bad. The resolution on them is perfectly fine... they just don't give you nice true blacks and you need to play with the brightness settings to make some content enjoyable. 

    Then again, we are talking a 500 dollar device compared to one 7 times the cost at 3500. It would be absurd if the quest 3 beat it on those areas. That said, quest 3 does beat the apple pro in plenty of other areas like gaming and such. 

    I am glad Apple got in the game. It means we will start to see more adoption in the VR/AR/MR space. Now we just need an AAA title or two to jump on the bandwagon and we will see the industry leap forward.

  18. On 1/30/2024 at 3:46 PM, Obioban said:

    Summary

    Reviewers have started posting up their thoughts on the Apple Vision Pro.

     

    Quotes

     

    My thoughts

    Feels like the beginning of a new era. The daring fireball one is particularly in depth.

     

    Sources

    https://daringfireball.net/2024/01/the_vision_pro

    https://www.theverge.com/24054862/apple-vision-pro-review-vr-ar-headset-features-price

    https://www.wsj.com/tech/apple-vision-pro-review-39f2d82e

    https://www.tomsguide.com/computing/smart-glasses/apple-vision-pro-review

    These reviews kill me. They are talking about a feature that has been present in the Meta Quest line for a good while. Sure the passthrough on Quest 2 was in black/white, and the quest 3 cameras are still a little grainy... but you can do all of this immersive watching of videos in that platform. 

    I mean you can download an app on Meta and watch a movie in a virtual theater with all of your friends sitting next to you where you can interact with them. I am just not a fan of how people act like Apple just did something amazing, yet it is something that was already possible with other headsets.

    I am not saying the apple pro isn't a good vr headset, but it hasn't drastically changed anything all it has done has put another big name in the VR/AR/MR space. 

  19. On 3/30/2021 at 2:24 PM, light-v said:

    I know historically aftermarket GPU cooling never was that big. I think this is mostly due air cooling being pretty good already and the added complexity wasn't worth it. If you wanted to upgrade from air you'd go custom loop but that's much more expensive and hard to do. 

     

    With AIOs, the waterblock is small compared to air coolers so mounting shouldn't be as challenging and much cheaper and easier than a custom loop.

     

    Mounting brackets like the Kraken G12 are still very niche which is a shame because I think gpus can benefit a lot from AIOs I mean who doesn't want lower fan speeds on the GPU when gaming without spending a fortune? 

     

    Is this just lack of awareness or am I missing something? 

    I think they are a variety of reasons why they aren't more popular. 
     

    • They require much more disassembly than say just putting it on a cpu
    • The brackets out there don't work for all cards and for some cards they don't offer enough cooling for things like memory
    • GPUs with AIO preinstalled are disproportionately priced. 
    • GPUs have more orientations and positioning options which can complicate routing or placement in general
    • Most people looking to put and AIO on a gpu probably is considering it for the CPU. You can build a budget custom loop for slightly more, but with higher gains.

     

    It essentially comes down to being a very niche market. I think most people either are satisfied with air cooling and the ones that aren't probably lean towards a custom loop. There are a few reasons I can see someone using an AIO VS the other two options, but they are again niche use cases. I think that is why you just don't see a huge market for it.

    Just to touch on one of your points "Custom loops are much more expensive and hard to do."

    I would have to disagree. From what I have seen installing a AIO bracker on a GPU for example is more rigged feeling than something like a dedicated water block made for that card. The disassembly of the GPU is the hardest part of the loop.

    If you are running dual AIO that is the equivalent of installing 2 radiators. You will need to install a pump which can easily mount to a radiator if needed or you can even buy blocks/radaitors with them build in. 

    The biggest difference would be the tubing, but soft tubing is super simple to install and you can find fittings to suite the look or ease of use you are aiming for. Then you just fill it up. Leaks can happen, but are pretty darn rare even for first time loop builders provided they pay attention to what they are doing. Use distilled water and just power up the loop to fill and check for leaks... you aren't going to damage your hardware if a leak happens that way.

    In the end you have 2 more things to worry with and they aren't hard by any means or even time consuming. If we look at cost it can go either way... you can go high end or budget just like anything else.

    A decent AIO for GPU and CPU would be lets say 150 each. Then another 20-50 for the mount. So lets call it $350. You can buy cheap copper radiators online for 20-30 bucks. You can get the Corsair offerings for 50ish each for a 240 and 360 for 60 ish.  If we budgets for 2 of the 360s you are sitting at 120 for radiators, add some tubing for 25ish for 145 (this will include a coolant mix to use with distilled water) A cheap CPU block for 20-40 and a gpu block for 60-80 so lets call those 120 together. We are sitting at $265. Then toss on a cheap res/pump combo for 40 puts us at 305 which leaves you about 45 for fittings to be within an AIO build. Now if you want to go high end you can easily spend over a thousand on a custom loop and the above assumed you already had case fans to reuse, but you can toss in a couple 4 packs of artic p12s for about 25-30 a box.

    Now

  20. To expand on this.

    For me the top contenders for PCVR on a budget is Quest 2 ($250) Quest 3 (500) or a Pico (400)

    The Quest 2 and 3 can also be used stand alone and if you have a decent wifi setup you can stream your pcvr wirelessly. 

    As to the PC that is where things get more complicated. Running a game on the Quest 3 for example is harder than running 4k content. Now there are ways to reduce the quality and resolution to make these games run smoother, but if you want to crank everything to the max then you will need a pretty beefy computer for that.

    I personally prefer the Quest 3 because you get more overall games thanks to Metas huge stand-alone library. It doesn't have Oled screens or Local Dimming, but if you adjust your brightness it is still very immersive. The Quest 3 does have a nice FOV though, 120hz displays, and very good resolution per eye. 

    If you are doing this on a lower budget .... the quest 2 is pretty much impossible to beat at the $250 price point. If money isn't a concern though and you are looking to spend 1k+ then let me know and I will update this. Most people coming into this space aren't looking for that though, which is why I have left them out.

  21. 1 hour ago, LAwLz said:

    I disagree, if you do it somewhat decently. But I guess that is kind of what you mean by "really good password", but I promise you I don't need any luck.

     

     

    If someone is doubting the security of encrypted zip files, I have attached a little challenge to this post.

     

     

    Just to be clear, I agree with you that a password manager is better than keeping it in an encrypted zip file. That's not really because the zip files aren't secure, but more about usability and features.

    LAwLzs-LTT-Password.zip 304 B · 2 downloads

    It is going to come down to time investment and if the reward is worth it. I am sure by your confidence you have a nice complex password that is likely avoiding most of the words in a rainbow table.

    The point is a lot don't. They use some 8-10 character password and think that is good enough. The tools for cracking passwords are getting better, the tables and algorithms are improving. We have Generative AI now which can also take password cracking to the next level. Then you have to look at the software doing the encrypting and consider the likely hood of a vulnerability existing in said software.

    Will that file keep your information safe from people in your household? Most likely. It however, will only be a partial deterrent to someone set on cracking it. You can rent out a gpu cracking farm that is capable of guessing and insane amount of passwords per second. 

    Now don't get me wrong. Password vaults aren't perfect, we see them breached from time to time too. Also, depending on setup they are a little more secure in the sense that if your pc crashes you don't lose all your passwords in that now inaccessible file.

  22. On 12/26/2023 at 4:14 PM, Joe Bauers said:

    I would like to backup the passwords I have stored in Chrome and need a safe method to do so. 

     

    If I were to transport then over to a .txt doc and then zip them in a password protected folder using 7Zip, would this be a safe option incase my computer was hacked?

     

    My worries are someone can access my desktop in an attack and get my password folder and crack the encryption of 7Zip. Is 7zip good enough or is there a more hardened method to encrypt password on a desktop folder?

     

    Is this strategy any good?  What do you recommend? 

    While more secure that say a plain text file... it isn't hard to take these zips and Crack them offline.

     

    If they know a little about you then they can toss some lines into a rainbow table and likely get the password relatively quickly.

     

    I mean yes with a really good password and luck on your side then in theory it would take them long enough to Crack it wouldn't be reasonable... that said new methods for cracking passwords, hashes, etc come out all the time.

     

    So, is it better than no encryption? Yes. Is it a better option that a dedicated password vault (even some free ones) not really.

×