HashtagSecurity

VP wants to spy on his employees, what permissions are required to see "identifiable user information"?

Posted by jake04-20@reddit | sysadmin | View on Reddit | 227 comments

HashtagSecurity@reddit

Exactly. Managers and business owners always assume "company device, I am allowed to see every detail of everything they do". In many cases, especially outside the US but even in the US state to state, this kind of activity is illegal even for a company device. IANAL, but in many places, for example, you can't run a keylogger on every machine even if the company owns it; you typically can only do it on a specific device, for a stated reason that the employee is advised on in advance. Some countries even limit browsing through mailboxes without notification. Just because something is technically possible does NOT mean it's legal.

Are we the cockroaches of the tech industry?

Posted by PalmTreesandTech@reddit | sysadmin | View on Reddit | 192 comments

HashtagSecurity@reddit

Even Doctors feel the same way about their jobs a lot of the time. They also have the same problem of a bunch of colleagues who always assume they are the smartest person in the room but actually aren't. They often also have a bunch of colleagues who are the smartest person in the room but aren't great at bedside manner or lack the confidence to speak up for themselves. A little bit of ego is okay, it gives you confidence. A lot of us in this industry aren't the most social, but people respect people who respect themselves - there is nothing wrong with being a janitor, but in the context of this thread: don't go around thinking of yourself as a janitor if you don't want to be treated like a janitor.

TIFU By turning on MFA on all Office 365 Clients

Posted by CollegeDeployer@reddit | sysadmin | View on Reddit | 93 comments

HashtagSecurity@reddit

It's not that buried these days. I turn these policies on regularly for orgs and, as others have pointed out, there are multiple big fuck off warnings in a box right next to it with a warning symbol 4 times the normal size that says:

> Don’t lock yourself out! This policy impacts the Azure portal. Before you continue, ensure that you or someone else will be able to get back into the portal.

Every other section as far as I know has similar warnings intended to get attention. That said, people still do this so OP isn't alone - the fix is usually to call Microsoft support on the phone, and if it's been enabled in the last few days the process is fairly quick and they should have access again that same day. If it's been on for longer they are a bit more suspicious and often bump it up to the security team to vet the request, so it takes a bit longer.

New Windows File Server

Posted by jeffprandall@reddit | sysadmin | View on Reddit | 34 comments

HashtagSecurity@reddit

SharePoint might be worth testing. It has incremental sync for large files, so it only syncs the bit of the file that has changed. It obviously supports Office documents, but from Adobe land I think it does AI, PDF, PSB and PSD files, but I would suggest a small scale test to be certain it behaves as intended.

New Windows File Server

Posted by jeffprandall@reddit | sysadmin | View on Reddit | 34 comments

HashtagSecurity@reddit

It would help to know the nature of your data - cloud makes sense with some data and not others:

- If you have tons of Office 365 documents it makes heaps of sense for that data and allows for extra functionality like collaborative editing.
- If you have CAD or designers it often doesn't, as multiple people can edit and review each other's work in that in real time on prem, BUT the moment you add it to the cloud, "hey check these edits I just made to *Design_final_final(1) Copy(3).indd*" goes from being a real time activity to: wait 10 mins for it to sync to the cloud, then 10 mins to download to the other person's workstation, in most cases.

Our helpdesk supports both Windows and MacOS clients. We're looking for a remote desktop solution to remotely support users. Any suggestions?

Posted by PsyduckAF@reddit | sysadmin | View on Reddit | 142 comments

HashtagSecurity@reddit

Thirding this - it's technically excellent. Make sure you use a Virtual Credit Card if you can, either with your bank or a third party service like Privacy.com or similar. Screen Connect is an excellent technical product but it's owned by ConnectWise and they are famous for over billing or continuing to bill after you cancel.

What is your trick that you thought everyone knew?

Posted by darkw1sh@reddit | sysadmin | View on Reddit | 1391 comments

HashtagSecurity@reddit

It's an option for English on the installer region settings these days. It looks like this, for anyone else confused: https://imgur.com/a/bCCL7aE It might be Windows 11 specific, which is why I mentioned it was a recent one. I haven't done a Windows 10 install for a while, so it may not exist there? If it does it would only be recent builds.

What is your trick that you thought everyone knew?

Posted by darkw1sh@reddit | sysadmin | View on Reddit | 1391 comments

HashtagSecurity@reddit

This is more of a recent one over the last few years, but when installing Windows on a system, most of the time you should just select the location as "World", not your actual location. Set your location later after you log in. If you do it that way, for legal reasons I assume, it defaults to privacy friendly options like:

* It enables all the options normally only available in the EU to comply with the Digital Markets Act and GDPR
* Defaults to not sending telemetry data
* Doesn't enable your advertising ID
* Doesn't pre-install all the start menu items like Candy Crush, Instagram and TikTok shortcuts - similar to Enterprise installs, but it doesn't matter the SKU you are using

It's the best of everything for most scenarios and all it takes is selecting that World option and changing it later.

Just found an email forwarder to someone outside the company (sensitive data)

Posted by GastonGC@reddit | sysadmin | View on Reddit | 74 comments

HashtagSecurity@reddit

Affordability is relative - looks like OP is in Argentina based on post history. I'm not even going to guess at what's affordable and what's not with the hyperinflation and price adjustments going on there, but if it's an option to go that route we would strongly recommend it.

Just found an email forwarder to someone outside the company (sensitive data)

Posted by GastonGC@reddit | sysadmin | View on Reddit | 74 comments

HashtagSecurity@reddit

It's mostly very small SMBs - it used to be pushed a lot by commodity providers like GoDaddy as an upsell to single user businesses or <10 user orgs, but even they switched away from it I think; most of those that used to sell it default to Office 365 tenancies these days. Most people still on it are just grandfathered in and the provider hasn't shut it down yet, but a few of the big ones did that last year so it's less and less as time goes on.

Just found an email forwarder to someone outside the company (sensitive data)

Posted by GastonGC@reddit | sysadmin | View on Reddit | 74 comments

HashtagSecurity@reddit

100% this. As a security guy, all I needed from /u/GastonGC's comment were the words cPanel and Email and I was already jumping to external compromise. Many hosts these days disable those features entirely and just keep the web hosting functionality, as the email functionality in cPanel is mostly an afterthought and gets even less development focus these days, and very little of it is security focused - odds are you were compromised via a known exploit or just brute forced, as cPhulk, modsecurity and other security built into cPanel is pretty minimal if it's even turned on by your host. Your solution is to move to GSuite, Office 365 or some other modern email solution, as even if you lock out this attack more will come as long as you are on that platform for email.

20 year old helpdesk me used to joking wish Apple would come out with a neural implant. 35 year old engineer me doesn’t use Google anymore. Oh how the times change.

Posted by Legal_Audience_4931@reddit | sysadmin | View on Reddit | 483 comments

HashtagSecurity@reddit

Greybeard here - started circa 1996 or so.

- Apple isn't a religion, they make good stuff, they make bad stuff.
- Microsoft isn't a religion, they make good stuff, they make bad stuff.
- Google isn't a religion, they make good stuff, they make bad stuff.

This can be said for every tech company you work with.

- Companies that make nothing but bad stuff might start making good stuff.
- Companies that make nothing but good stuff can start making bad stuff too.

The list would be long for the companies I stopped buying from cause their QC was trash or some other frequent issue, then they turned it around. It's all tools; don't get that invested in them, and judge them on what they have been like the last few years.

- Don't keep buying something from a company that used to be good because they used to be good.
- Don't ignore companies that became good cause you had an issue with them a few years ago.

Judge everything by its merits and don't make the brands you buy from, the licensing you prefer or the software you favor your personality.

I am using the mxtoolbox to check my records and it showing error on SPF: The DNS record type 99 (SPF) has been deprecated

Posted by querythoughtss@reddit | sysadmin | View on Reddit | 3 comments

HashtagSecurity@reddit

> UPDATE: spoke to google and I’ve got both records on my DNS Type SPF and TXT. So they said my delivery won’t be affected. Can you guys confirm if nothing will be affected? I’ve got both spf and TXT type records

SPF type records won't break anything by existing, most likely true, but they were deprecated over a decade ago (EOL was 2014 but they stopped generally being recommended years before that when everyone settled on TXT for SPF records).

If you've got both types I can't imagine it would cause a problem, as everything made in the last 10-15 years would only be looking for TXT type records, but you might possibly hit some legacy system that sees the SPF type record and has an issue of some kind or hangs on some old code that was designed to process them and doesn't work anymore since nobody uses them.

If it were me I would just remove the SPF record types to keep things clean and up to modern standard, but the risk is minimal so you do you.

Gkg vs GoDaddy ssl cert cost

Posted by jclopez12413@reddit | sysadmin | View on Reddit | 18 comments

HashtagSecurity@reddit

* Hardware appliances that don't support an agent
* Legacy environments (think infrastructure that is heavily locked down due to embedded systems)
* Combinations of port restrictions and DNS limitations that can't meet the or other locked down scenarios that can't support any of the verification methods used by LE

There are a few others; it's all mostly edge cases that involve not being able to run the agent or complete any of the verification processes, usually for legacy or policy reasons.

How many business days do you ask for a new account request

Posted by Electronic-Cake-1@reddit | sysadmin | View on Reddit | 205 comments

HashtagSecurity@reddit

It's not typically based on how long it takes someone to click some buttons or how long a script takes to run.

For example, 365 provisioning and internal replication - under typical loads, 99% of the time it takes 1 hour to provision a new user, provision a license, allocate it and assign it to a user. 365 provisioning however is a best effort, low load process - which in English means "we run it when our compute isn't fully utilized in the relevant region and queue it based on what's free, then replicate that out to the other microshards linked to that tenancy when they are free". Your 365 tenancy might be split over dozens or hundreds of systems even within the same region and it doesn't "fully work" until that replication is complete, which is why it might still act weird even when the 365 portal says it's available and working.

In reality that process is usually fairly quick, but there have been many many many times when that process takes hours or longer to complete. That's why Microsoft say it can take 24 hours to provision a new user even when your experience says it's way less than that.

Other cloud tools - Google, AWS, antispam services - all have similar replication times. New user provisioning should always be at minimum the time for the longest of those replication times + the time it takes to actually do the process. 48 hours is pretty standard for a new user creation window to cover all that, even when it takes less most of the time, automation or no automation.

Adobe Acrobat licensing in AVD

Posted by superslowjp16@reddit | sysadmin | View on Reddit | 2 comments

HashtagSecurity@reddit

Acrobat has always dragged its feet in Remote Desktop and the licensing was onerous - the official way to license for an RDS for years was that you had to buy a pro license for every POTENTIAL user of the RDS, specifically meaning you had to buy one for every AD account that was capable of interactive login to be compliant if they audited you, including Admin accounts - it was insane. They got a bit more realistic in the era of Creative Cloud and named licensing, but it's still very slow to update.

The reason I am mentioning all this is I don't think they have official support for Azure Virtual Desktop yet (unless someone corrects me) - so short of using Creative Cloud in there and having the users log in each time, I don't know if there is a supported solution. When it is supported they will likely add it to this KB: https://www.adobe.com/devnet-docs/acrobatetk/tools/VirtualizationGuide/index.html

But if you want to be 100% certain you could just call them and ask. Just be ready for a bit of a wait on the phone, and get any answer they give in an email or you may have a contradictory answer the next time you ask.

Powershell tips?

Posted by afwmftw@reddit | sysadmin | View on Reddit | 37 comments

HashtagSecurity@reddit

The one tip I always give anyone starting to learn PowerShell is this - use the **-WhatIf** switch.

If you don't know about it yet, most cmdlets allow you to include the switch -WhatIf. It simulates running the command and shows you the result if it does it, for example:

> PS> Get-ChildItem -File *.MP4 -Recurse -LiteralPath C:\Recordings\ | Remove-Item -WhatIf
> What if: Performing the operation "Remove File" on target "C:\Recordings\car-Talks\Attitude-Control\Attitude-Control.mp4".
> What if: Performing the operation "Remove File" on target "C:\Recordings\car-Talks\Personal-KanBan\Personal-kanBan.mp4".
> What if: Performing the operation "Remove File" on target "C:\Recordings\car-Talks\Redmond-Week-1\Redmond-Week-1\Redmond-Week-1.mp4".

It lets you figure out what will happen before it happens for real, and it will save you pain from syntax mistakes when learning that could otherwise be harmful, especially if it's a destructive command like **Remove-Item**.
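An added example, not part of the comment above: built-in cmdlets honor -WhatIf, but a script function only does so if it opts in with `SupportsShouldProcess` and gates its destructive step on `$PSCmdlet.ShouldProcess`. The function name `Remove-StaleRecording` and the sample files are hypothetical and constructed for the demonstration.

```powershell
# Added example: a script function that honors -WhatIf for a destructive step.
# Remove-StaleRecording and the demo files below are hypothetical names.
function Remove-StaleRecording {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)]
        [string]$LiteralPath,

        [ValidateRange(0, 3650)]
        [int]$OlderThanDays = 30
    )

    $cutoff = (Get-Date).AddDays(-$OlderThanDays)

    # Enumeration is read-only, so it runs the same with or without -WhatIf.
    $stale = Get-ChildItem -LiteralPath $LiteralPath -File -Filter *.mp4 -Recurse |
        Where-Object { $_.LastWriteTime -lt $cutoff }

    $removed = 0
    foreach ($file in $stale) {
        # [System.IO.File]::Delete() is a .NET method, not a cmdlet, so it never
        # looks at -WhatIf by itself. ShouldProcess is the gate: under -WhatIf it
        # writes the "What if:" line and returns $false, so nothing is deleted.
        if ($PSCmdlet.ShouldProcess($file.FullName, 'Remove File')) {
            [System.IO.File]::Delete($file.FullName)
            $removed++
        }
    }

    $removed   # count of files actually deleted
}

# --- Constructed demo data in a throwaway temp folder ---
$root = Join-Path ([System.IO.Path]::GetTempPath()) ("whatif-demo-" + [guid]::NewGuid())
New-Item -ItemType Directory -Path $root | Out-Null
foreach ($name in 'old-talk.mp4', 'new-talk.mp4', 'notes.txt') {
    $item = New-Item -ItemType File -Path (Join-Path $root $name)
    # Backdate everything except new-talk.mp4 by 90 days.
    if ($name -ne 'new-talk.mp4') { $item.LastWriteTime = (Get-Date).AddDays(-90) }
}
$oldTalk = Join-Path $root 'old-talk.mp4'

# Dry run: reports what would be removed and leaves the folder untouched.
$dryCount = Remove-StaleRecording -LiteralPath $root -WhatIf
"Dry run deleted $dryCount file(s); old-talk.mp4 present: $(Test-Path -LiteralPath $oldTalk)"

# Real run: only the backdated .mp4 matches both the filter and the age cutoff.
$realCount = Remove-StaleRecording -LiteralPath $root
"Real run deleted $realCount file(s); old-talk.mp4 present: $(Test-Path -LiteralPath $oldTalk)"
"Files left: $((Get-ChildItem -LiteralPath $root -File).Name -join ', ')"

# Clean up the demo folder.
Remove-Item -LiteralPath $root -Recurse -Force
```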

Possibility of persistent data being written to internal HDD when booting/running OS from external encrypted Drive

Posted by old_wise@reddit | sysadmin | View on Reddit | 18 comments

HashtagSecurity@reddit

You may get more specifics for this one over on /r/netsec, but I believe the internal drive isn't used when booting from external, as you can even do it with a faulty internal drive; it just has to exist. Firmware comes from pre-boot and yes, it is stored in RAM.

However it's worth also pointing out your initial premise, while well meaning, is flawed - M1 and later Macs don't need to be physically destroyed to be fully HEPA/NIST compliant; as long as disk vault is used they are fully M1-based Mac NIST 800-88 compliant with software based destruction without need for physical intervention or additional steps, as the data is never at rest in an unencrypted state anyway.

Refer to https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf

Ignore all references to magnetic media because they do not apply. Cryptographic Erasure occurs when you erase the device, since its encoding keys are destroyed upon erasure. The applicable excerpt:

> Cryptographic Erase (CE) leverages the encryption of target data by enabling sanitisation of the target data’s encryption key. This leaves only the ciphertext remaining on the media, effectively sanitising the data by preventing read-access.
>
> Without the encryption key used to encrypt the target data, the data is unrecoverable.

That encryption is performed in hardware for the internal drive on M series Macs.

What's wrong with IT Glue?

Posted by hkusp45css@reddit | sysadmin | View on Reddit | 88 comments

HashtagSecurity@reddit

We used it in the past too - it's worth noting they only post about major outages there, and even then only when they have to. Assume that's about 30% of the actual outages.

Other issues with it had been minimal development / new / requested features - it's been a long time since we used it so that might have changed.

The security around the shared password system is questionable; it's never been independently audited like most other systems, so it's very much a "trust me bro" security scenario.

And finally, that billing association that was mentioned can't be understated. If you leave them and cancel billing, they are famous for continuing to bill you despite multiple cancellation requests, and even then billing the following 30 days or so minimum - use a single use / virtual credit card with anything Kaseya or the billing will be a problem for potentially years after you cancel.

I suggest searching on /r/msp for more pros and cons on IT Glue, as that's where it's most used and discussed.

Large data transfers to and from China for Remote work

Posted by imayellowfellow@reddit | sysadmin | View on Reddit | 21 comments

HashtagSecurity@reddit

For that volume of data I likely wouldn't go cloud.

A lot of this is going to depend on where in China you are as to what is available. There are 3 internet providers: China Unicom, China Telecom or China Mobile. To sign up for any of them you will need a passport and China Bank card, so it's going to depend on your circumstances about how long you are there. You can access them as a tourist, but it's basically roaming rates, which last time I saw (which was a while ago) you were looking at around $20 USD per 3-5GB depending on where you are and who you use.

Even if you aren't on roaming rates, data can be expensive; the price will depend on the speed, the city where you live, the provider of your choice, how many months you pay for and whether it includes associated mobile phone line cards.

Moving that volume of data likely isn't feasible without a massive budget and supporting infrastructure, which is highly dependent on where you are and who you are associated with. I would suggest looking at local storage options if at all possible.

Dear software marketing departments - if your website has no screenshots of what the frontend actually looks like there is 0 chance I’m doing a demo.

Posted by FruitbatNT@reddit | sysadmin | View on Reddit | 146 comments

HashtagSecurity@reddit

Not listing prices doesn't entirely remove them from the running in every case but it drops them down the list a lot. If I'm compiling a spreadsheet of contenders you become my lowest priority that I look at if I don't have enough candidates. I am not going to delay that shortlist a couple of days for run around back and forth Sales calls and do some bullshit dance to get pricing out of you when other products in the category simply list them on the website or volume pricing with Pax8 is available.

HP Smart auto install on windows 10

Posted by danieledg@reddit | sysadmin | View on Reddit | 20 comments

HashtagSecurity@reddit

It's not just you; there have been threads about this issue popping up all over the place in the last 24 hours. Multiple threads have emerged on /r/sysadmin already. The general opinion suggests that HP inadvertently included a generic Windows printer driver ID in their metadata, which somehow managed to pass through Microsoft's checks and make its way into production. Consequently, when Windows Update queries that thumbprint, it identifies an HP device requiring that software. It's possible that it has already been revoked, as the situation seemed to calm down a few hours ago. However, the revocation pushed out by Microsoft will likely take some time to replicate globally.

Optus Australia Nationwide Outage

Posted by purpleyhippo@reddit | sysadmin | View on Reddit | 18 comments

HashtagSecurity@reddit

More likely an attack, based on the hints that have been dropped. The biggest one was the federal communication minister was just asked about if she knew what was going on and she "had been talking to Optus" and said she "couldn't confirm it was a cyber attack but Optus needs to make a statement soon". The question she was asked made no mention of an attack, so yeah, subtle.

Anyone large company successfully using SharePoint as your only Document Management system?

Posted by JiggityJoe1@reddit | sysadmin | View on Reddit | 103 comments

HashtagSecurity@reddit

Types of files also matter a lot. For example, some very large files are much better suited to be local, think graphic design and CAD type files. Some formats are supported, some aren't - if they are supported they might be able to just do incremental change syncs, which means you aren't constantly syncing multi GB files as staff work on them; if they aren't supported, you are.

Example use case from real world experience - you have a Graphic Designer and a Manager that use InDesign, and the designer makes edits based on feedback from the manager, and they go back and forth like that all day with dozens or hundreds of indd files. If they have them stored locally they can do that in real time more or less. If it's on SharePoint they have to wait for each file to be closed, synced and opened by the manager, closed again if the manager added things to it, then synced again - if those are 1-2GB files that adds minutes or hours to their process for every file.

Supported file types like docx and similar formats that support multi editing don't have that limitation, so it very much depends on the type of data.

Any tools you guys recommend for my IT Team?

Posted by chefcurry_@reddit | sysadmin | View on Reddit | 345 comments

HashtagSecurity@reddit

Seriously - if they are good, this is the legitimate answer. It's competitive as hell out there right now to find good staff, and retraining in this sector is a massive cost sink. That sort of thing makes people stay and helps more with productivity than most tools or software anyone would suggest, unless you are massively lacking something very basic.

I found my new calling... I want to destroy every automated support line in existence

Posted by greenphlem@reddit | sysadmin | View on Reddit | 74 comments

Colossal fuckup by accidentally granting people access to sensitivefolder. Legals is investigating at the moment

Posted by YeetLordYike@reddit | sysadmin | View on Reddit | 142 comments

HashtagSecurity@reddit

It's pretty standard as a response, I would do the same. Usually all that happens is the tech that made the mistake remembers doing it for a long time; some swing too far the other way and check and re-check before they do things. Look, if you were one of my staff it's not a firing thing unless you have a track record and aren't learning from your mistakes.

It's not the exact same thing but it reminded me a little of this incident one of the Blizzard security guys described: https://www.youtube.com/shorts/VAWwtjtRM98

Exchange Online throttling a subset of users

Posted by jstar77@reddit | sysadmin | View on Reddit | 9 comments

HashtagSecurity@reddit

I didn't think of that, yup maybe

> Message limits sections: The settings in this section configure the limits for outbound email messages from Exchange Online mailboxes:
>
> Set an external message limit: The maximum number of external recipients per hour.
>
> Set an internal message limit: The maximum number of internal recipients per hour.
>
> Set a daily message limit: The maximum total number of recipients per day.
>
> A valid value is 0 to 10000. The default value is 0, which means the service defaults are used. For more information, see Sending limits.

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/outbound-spam-policies-configure?view=o365-worldwide

Exchange Online throttling a subset of users

Posted by jstar77@reddit | sysadmin | View on Reddit | 9 comments

HashtagSecurity@reddit

You're describing what's called "Message rate limit". Exchange Online does not allow for lowering that either on individual or tenancy reasons; that is one of the few features that is only available in Exchange on premise.

Microsoft says you don’t need to manage Teams updates.

Posted by Real_Lemon8789@reddit | sysadmin | View on Reddit | 34 comments

Heads up, the "New" Outlook does not support .PST files

Posted by Another_Night_Person@reddit | sysadmin | View on Reddit | 355 comments

HashtagSecurity@reddit

> New Outlook doesn't support tons of features.

There have been regular threads on just how many. For anyone considering it, here is an example list from https://reddit.com/r/sysadmin/comments/13lo7u6/list_of_new_features_and_missing_features_in_the/

New features:

* Pin/Unpin Email
* Snooze email
* Density has 3 choices instead of 2
* Can preview message body next to subject in message list (replaces 1/2/3 line message preview - see below)
* Board
* Integrates MS Loop cloud components

Features removed (in no particular order):

* Customize ribbon
* Ribbon cannot be hidden
* Preview 1, 2, or 3 lines of message body in message list
* Choose columns to show in message list
* Separation of categories from subject in message list
* Shared categories cannot have color
* Cannot "view source" of HTML emails
* Status bar
* Item count, server connectivity status, zoom level, etc.
* Rearranging folders in folder tree
* Cannot set folder to show item count
* Outlook forms
* Notes view
* Folders view
* Folder pane cannot be "minimized" to show folders sideways
* "Share to Teams"
* "Send to OneNote"
* Find/replace within message when composing email (Ctrl+F)
* Outlook Today (although may be replaced with "My Day" or “Board”)
* PST file support
* Translate
* Search ribbon
* Advanced Search (Ctrl+Shift+F)
* Search Folders
* "Unread Mail" in favorites is an example
* Cannot right-click and “Add to favorites” for shared mailboxes
* Reply with IM (opens Teams chat with sender)
* Copy email attachments
* Sort/Filter options greatly reduced
* Rules are far less capable
* Can see, but not access/use better rules from old Outlook
* Rule to move message to another mailbox
* OneDrive link does not honor policies and be hidden
* “To Do” opens in browser instead of within Outlook
* No contacts from shared mailboxes
* No print options in Mail view.
* Must open each message and print one at a time
* No print options in Contacts view
* "Clean up" mailbox
* Send/Receive/Sync Now
* Creating email signatures via script
* Recall email
* Resend email
* Work offline
* Quick Access Toolbar and Previous/Next email buttons when viewing a message
* Public folders must be manually added to favorites to see them
* Accessibility is basically gone
* Using Outlook without mouse/touch is not possible
* To Do bar (although may be replaced with "My Day" or “Board”)
* View Settings is extremely gutted. (old Outlook is insanely powerful here)
* Rich text format for composing email
* Voting options (replaced with browser-based MS forms)
* Does not use Word as email message editor, so these features are gone when composing email:
* Styles, smart tables, thesaurus, find & replace, paragraph formatting, advanced character formatting, page color, effects, themes, smart art, word art, OLE objects, etc.
* Set bullet type/style in bulleted list
* Quick Parts
* Right-click
* Does not use Word as description editor for calendar event entries. So, above features are gone here too
* Email composer does not support:
* Message expiration
* Hanging indents or tab customization
* Reply-to alternate email address
* Digitally signing or encrypting emails
* Auto pick time for creating meetings
* High importance & low importance tags for calendar events
* Dictation
* No way to open address book within "Create calendar event"
* Looking at Settings/Options reveals dozens (hundreds?) of missing options when compared to old Outlook

New features (from the comments):

* None

Features missing (from the comments):

* Alt-R and Alt-W hotkeys
* Not having Word as email editor:
* Cannot put border or shading around inserted images
* Can only select from a subset of Windows fonts
* Does not migrate quick steps from old Outlook even though they are stored on the server.
* Cannot open .EML or .ICS files
* COM and VTSO add-ins
* MAPI is gone.
* No more "Print PDF to email", or other apps using email workflow
* Can't "share as attachment" from the other Office apps.
* Mail merge using Word and Excel may not work
* Message Templates
* Unable to sort by name, then type in the name to go to that grouping.
* Custom follow-up reminders for email
* "Next 7 Days" Calendar view
* Tasks view
* Can't delete attachments from emails and still keep the email
* Can't save an attachment where you want, it goes to downloads
* Cannot setup multiple languages for spell checking within a message.
* Read Aloud (text-to-speech) is only available within Immersive Reader instead of right-clicking
* Right-click on message -> Find Related
* Auto correct shortcuts are gone
* Sort messages by category
* Does not work with on-prem Exchange Server
* Lots of missing Enterprise controls, such as using Group Policy to prevent users from adding their personal accounts.
* Cannot drag-n-drop emails into other Office apps
* Quick Steps cannot create new email
* Cannot import Holidays into Calendar (.hol files)
* Cannot minimize to system tray
* Can't view headers of attached emails
* Gray theme missing, only white and dark available
* Cannot change icons of quick steps

Aside from cost, why would any organization chose Google Workspace over O365?

Posted by AppearanceAgile2575@reddit | sysadmin | View on Reddit | 745 comments

Why is Microsoft support so bad?

Posted by Ihaveasmallwang@reddit | sysadmin | View on Reddit | 514 comments

HashtagSecurity@reddit

There are a couple of tricks with Premier support - the two main ones are: log tickets outside the North American working hours; you get different teams at different times and the NA team seems to be the worst in my experience. If you have to log in NA team hours, select the option for Spanish; it means you get routed to a team I think is based in Costa Rica rather than India. The CR team is all bilingual with English anyway and I have had nothing but good outcomes with those guys.

Buying IPs previously assigned to Afghanistan

Posted by rmeman@reddit | sysadmin | View on Reddit | 23 comments

HashtagSecurity@reddit

We have some IPs for an org that were previously in the Japanese block and are now assigned to Australia, where the org is based. They got them in 2009 and still occasionally hit systems that think the IP is based in Japan. It should be of no surprise to anyone in this subreddit that some large orgs use older software and don't update it, even for things like Geolocation.

Got fired because colleagues talk about my wage?

Posted by Oga_the_Creator@reddit | sysadmin | View on Reddit | 235 comments

HashtagSecurity@reddit

Wages being public in some way is fairly common. In some places, like Norway for example, it's just publicly listed on a government website for everyone to read. Most don't go that far, but the US goes to the extreme in the other direction, where it's almost taboo to discuss.

OP is German, where [Entgelttransparenzgesetz](https://en.wikipedia.org/wiki/Transparency_in_Wage_Structures_Act) applies, which is a little more complicated, but any employee can request info about anyone else's wages at your company and make the company explain why they make more than you if it's unfair.

/u/Oga_the_Creator if you believe the dismissal was invalid you can file [Kündigungsschutzklage](https://de.wikipedia.org/wiki/K%C3%BCndigungsschutzklage) with the employment court to dispute the termination, but it must be done within 3 weeks of termination. Bit more about it here: https://www.taylorwessing.com/en/insights-and-events/insights/2022/10/dismissal-law-and-termination-procedure-under-german-law

Cisco Umbrella

Posted by fallen101@reddit | sysadmin | View on Reddit | 7 comments

HashtagSecurity@reddit

We've used it for years - it's fine technically, detection rates are good. The negatives that come to mind are the Web UI is a little hard to find things in if you're operating a multi-tenant environment but it's not horrible, I've seen worse, and the price is going up, they used to negotiate that down with volume but just seem to have stopped doing that. We are moving off them shortly purely based on that cost factor to DNS Filter which has similar functionality and detection rates, bit of a better UI but costs less.

Kevin Mitnick has died

Posted by vic-traill@reddit | sysadmin | View on Reddit | 535 comments

HashtagSecurity@reddit

> Kevin is survived by his beloved wife, Kimberley Mitnick, who remained by his side throughout their 14-month ordeal. Kimberley is pregnant with their first child. Kevin was ecstatic about this new chapter in his and Kimberley's life together, which has now been sadly cut short.

Damn that's rough, never even got to see his kid. Appreciate the time you have folks it always ends too soon.

Goodbye Azure AD & Dear Microsoft, STOP RENAMING THINGS!

Posted by TxTechnician@reddit | sysadmin | View on Reddit | 578 comments

HashtagSecurity@reddit

These outrage threads should really be cross posted to /r/AZURE/ and /r/microsoft/ where the Microsoft blue badges are and actually pass things up the chain.

Copy wix website to a standalone hosting platform?

Posted by kojcreative25@reddit | sysadmin | View on Reddit | 8 comments

HashtagSecurity@reddit

Also worth mentioning data export limitations. Unless it's changed recently you have to migrate through RSS and manually saving each image and upload from your WiX site to the new platform. There have been people that have scraped their own sites and replicated them to basic HTML in the past but there are a couple of problems with that:

* It is static from that point on and you lose the ability to edit it by normal end users as there isn't a visual editor for them
* WIX reportedly at one point was actively searching for people that had done that (I would guess by looking at metadata or something that they could search for in the content and comparing it against the cancelled site) and sued at least some of them for replicating their proprietary front end.

Taking over from hostile IT - One man IT shop who holds the keys to the kingdom

Posted by My_ProfessionalAcct@reddit | sysadmin | View on Reddit | 467 comments

HashtagSecurity@reddit

IANAL but I sure work with a lot of them and from what they have said if you say you don't remember something and that's not the truth, you are lying under oath whether it's provable or not which will almost certainly result in a perjury charge. Claiming "I don't know" or "I don't remember" may work in circumstances like recalling events from a long time ago sure but for something like this it generally doesn't. It would generally be thought of as if a taxi driver claimed to not know how to drive a car suddenly. No "reasonable person" (legal term) would believe you suddenly forgot. In fact if you historically only kept them in your head and nowhere else as OP mentioned that would more than likely work against you claiming that versus keeping it in a master keypass file that got corrupted or something.

Website inaccessible for large companies?

Posted by Drew707@reddit | sysadmin | View on Reddit | 15 comments

HashtagSecurity@reddit

Just to give you an idea about the mechanics the block time is 14 days in most of them (Cisco Umbrella/OpenDNS, DNSFilter and so on) so it will pass. It basically exists to counter Malware Command and Control servers spinning up domains and subdomains on demand before they can be classified. All the ones I know of trigger the "newly seen domain" rules based on subdomains as well as actual domain so if he's spawning subdomains event.domain.com, event2.domain.com or anything like that each will have its own timer and will block until they age in. The newly seen flag is typically started from the first visit on that service so the first person using Cisco Umbrella starts the 14 day timer for all clients, meaning it's not the first person from that company. The users visiting the site should also be getting a big warning in their browser explaining this is a temporary block for a new domain but mostly end users wouldn't fully understand it (and it's possible their IT disabled the warning or customized it to something generic).
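The timer behaviour described in the comment above, as an added example that is not part of the original comment or any vendor's code: a toy model of one filtering service with a 14-day window. The class name, customer names and dates are assumptions made for illustration; the hostnames follow the comment's event.domain.com pattern.

```python
from datetime import datetime, timedelta

BLOCK_WINDOW = timedelta(days=14)  # block time the comment cites for most services


class NewlySeenFilter:
    """Toy model (hypothetical) of one filtering service shared by all its customers."""

    def __init__(self):
        self.first_seen = {}  # full hostname -> time of first lookup by ANY customer

    def check(self, fqdn, customer, now):
        """Return (verdict, unblock_time) for one lookup.

        `customer` is deliberately unused: the clock is service-wide,
        so who asks first does not change when the name ages in.
        """
        name = fqdn.lower().rstrip(".")
        # Keyed on the full hostname, so every new subdomain starts its own clock.
        started = self.first_seen.setdefault(name, now)
        unblock = started + BLOCK_WINDOW
        return ("block" if now < unblock else "allow", unblock)


def replay(lookups):
    """Run (time, customer, fqdn) lookups through one filter, in order."""
    svc = NewlySeenFilter()
    return [(fqdn, customer) + svc.check(fqdn, customer, when)
            for when, customer, fqdn in lookups]


# Constructed sample traffic, not real data.
DAY0 = datetime(2023, 6, 1, 9, 0)
SAMPLE = [
    (DAY0, "acme", "event.domain.com"),                          # first sighting anywhere
    (DAY0 + timedelta(days=10), "globex", "event.domain.com"),   # other customer, same clock
    (DAY0 + timedelta(days=10), "globex", "event2.domain.com"),  # new subdomain, new clock
    (DAY0 + timedelta(days=15), "globex", "event.domain.com"),   # aged in
    (DAY0 + timedelta(days=15), "acme", "event2.domain.com"),    # only 5 days old
]

if __name__ == "__main__":
    for fqdn, customer, verdict, unblock in replay(SAMPLE):
        print(f"{customer:7} {fqdn:18} {verdict:5} clears {unblock:%Y-%m-%d}")
```
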

Travel Advice from a friend working overseas in a high security environment

Posted by Mitharu@reddit | sysadmin | View on Reddit | 62 comments

HashtagSecurity@reddit

There are some specific countries (you can probably guess at least a few of them as they are often sources of other malware threats) where we never return the laptops from as they are known to use sophisticated firmware based observation tools and target them at all the people from specific industries. So depending on where OP is going and who he is even erasing may be insufficient. We just return them to the vendor if they are within the return window or e-waste them if it was a longer trip / vendor won't accept them back as a change of mind return.

Do other M365 Global Admins get notified if another Admin gets added to manage their mailbox?

Posted by lakings27@reddit | sysadmin | View on Reddit | 14 comments

HashtagSecurity@reddit

Skipping over the bit about not using a GA for day to day use, yes you can set up alerts to do this - you just create a new low severity alert and it will email you an alert like this every time there is a permissions change:

> Mailbox Permission Changes
> Severity: ● Low
> Time: 6/23/2023 11:30:00 AM (UTC)
> Activity: AddMailboxPermission
> User: NT AUTHORITY\SYSTEM (Microsoft.Exchange.ServiceHost)
> Details: AddMailboxPermission. This alert is triggered whenever someone gets access to read your user's email.
> See details in the Microsoft 365 security center

As you can see from the above you will get them when 365 do maintenance or patching too but as with the example above it will mark the user as NT AUTHORITY\SYSTEM, you can scope these alerts to whatever you need and wherever you need them to go really, you likely wouldn't want them to go to that same mailbox - ideally you should have legal hold or something like that so the other GA can't tamper with or remove the alert (or send it to an entirely separate email system).
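One way to triage these alert emails in the separate mailbox that receives them, as an added example that is not part of the original comment and not Microsoft tooling. It assumes the body arrives as the "Key: value" lines quoted above; the second sample alert and its account name are constructed.

```python
SYSTEM_PREFIX = "NT AUTHORITY\\SYSTEM"
KNOWN_KEYS = ("Severity", "Time", "Activity", "User", "Details")


def parse_alert(body):
    """Parse the 'Key: value' lines of an alert email body into a dict."""
    fields = {}
    for line in body.splitlines():
        line = line.lstrip("> ").strip()       # tolerate quoted mail bodies
        key, sep, value = line.partition(":")  # split on the first colon only
        if sep and key in KNOWN_KEYS:
            fields[key] = value.strip()
    return fields


def triage(body):
    """Classify one alert as 'ignore', 'service' or 'review'."""
    fields = parse_alert(body)
    if fields.get("Activity") != "AddMailboxPermission":
        return "ignore"
    # Microsoft 365 maintenance shows up as NT AUTHORITY\SYSTEM (see the alert above).
    if fields.get("User", "").upper().startswith(SYSTEM_PREFIX):
        return "service"
    # Anything else, including an alert with no User line, goes to a human.
    return "review"


# The alert quoted in the comment above.
MAINTENANCE_ALERT = """Mailbox Permission Changes
Severity: ● Low
Time: 6/23/2023 11:30:00 AM (UTC)
Activity: AddMailboxPermission
User: NT AUTHORITY\\SYSTEM (Microsoft.Exchange.ServiceHost)
Details: AddMailboxPermission. This alert is triggered whenever someone gets access to read your user's email.
"""

# Constructed sample: same alert shape, but raised by a named admin account.
ADMIN_ALERT = MAINTENANCE_ALERT.replace(
    "NT AUTHORITY\\SYSTEM (Microsoft.Exchange.ServiceHost)", "admin2@contoso.example")

if __name__ == "__main__":
    for name, body in (("maintenance", MAINTENANCE_ALERT), ("admin", ADMIN_ALERT)):
        print(name, "->", triage(body))
```
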

How to create a Windows 11 Start Menu layout file and deploy it ?

Posted by Lixey_@reddit | sysadmin | View on Reddit | 21 comments

HashtagSecurity@reddit

Just for context the main difference between the two files is the OS you are copying them to:

* start.bin is the older file format and is used in Windows 11 versions up to 21H2. It stores the layout of the Start menu as a single array of app IDs.
* start2.bin is the newer file format and is used in Windows 11 versions 22H2 and later. It stores the layout of the Start menu as a tree of app folders. This allows for more complex layouts, such as grouping apps into categories.

If you have a Windows 11 version up to 21H2, you will only have the start.bin file. If you have a Windows 11 version 22H2 or later, you will have both the start.bin and start2.bin files (and I think MUST have both files).

A welder in my building is causing low voltage notices on my UPS. What action to take?

Posted by Connection-Terrible@reddit | sysadmin | View on Reddit | 63 comments

HashtagSecurity@reddit

This is the correct answer. I've seen the exact same thing with industrial clients every time they decided to fire up an arc welder on the same circuit. It was knocking out one of the phases of power or something. They ultimately fixed it by putting the welder outlet on its own dedicated circuit which they said it should have been on in the first place, you can't just whack those things into a normal outlet and not cause problems.

CEO asked for global admin

Posted by TryHardNmity@reddit | sysadmin | View on Reddit | 104 comments

HashtagSecurity@reddit

The one thing I would add to this is I usually conditional access limit it to for example the geographic region they are in AND more importantly I establish boundaries around using it, for example the most common one is:

* I let them know the risks of using it and the damage that can be done without training
* I add an alert for whenever they log in that emails or otherwise notifies me and let them know about that
* I require their personal cell, home phone number or any other form of immediate contact and let them know that if they log in with it I will be calling them on their personal cell phone to confirm it's them and if I don't get the confirmation within 15 mins or so as a security protocol the account will be suspended (I usually don't go into the mechanics of explaining my account can lock their account and they can lock mine as they are both GAs as that's usually a hard concept to make a non-technical person comfortable with).
* I generally throw on object auditing, that kind of thing, for their account if it wasn't on already and if they use it that's the first thing I check to see what they did when they logged in

Usually this sort of "alarm bells will ring if you use this" is enough to make them not poke around casually and gives them a little reassurance honestly if their intention is to have a backup plan that that sort of thing is actually monitored.

Should r/sysadmin join the blackout in protest about the API changes?

Posted by DARKBOW923@reddit | sysadmin | View on Reddit | 1169 comments

HashtagSecurity@reddit

The Apollo App subreddit suggested some tools such as this one: https://github.com/j0be/PowerDeleteSuite More info in that thread: https://www.reddit.com/r/apolloapp/comments/144hlr8/guide_how_to_delete_your_reddit_account/

Should r/sysadmin join the blackout in protest about the API changes?

Posted by DARKBOW923@reddit | sysadmin | View on Reddit | 1169 comments

HashtagSecurity@reddit

I'll say the same thing I said in /r/msp who also aren't protesting:

This doesn’t have to be a protest limited by mods. Want to protest yourself? You can take away the value you have contributed to Reddit in protest; All you have to do is delete your comment history.

Sigh Reddit API Fees

Posted by boblob-law@reddit | sysadmin | View on Reddit | 481 comments

HashtagSecurity@reddit

Might just be a delay with the sudden influx of users or something, but there are a lot of communities springing up, seems like someone is creating similar communities to reddit ones at the moment, there are tons at the time of writing this under https://lemmy.ml/communities (also apparently you can block communities, like blocking entire subreddits which is a nice feature)

Sigh Reddit API Fees

Posted by boblob-law@reddit | sysadmin | View on Reddit | 481 comments

HashtagSecurity@reddit

Yeah it's the same thing that put me off and a lot of people off with Mastodon. Mastodon seems to have made it simpler for new users somewhat by having a default instance on signup now. Lemmy does seem to have ones like https://lemmy.ml/ which people seem to reference a lot so maybe they will do the same.