HackerTrans
トップ新着トレンドコメント過去質問紹介求人

jstarfish

no profile record

コメント

jstarfish
·3 年前·議論
> Has an interesting level up system where at the end of each session you tell the DM something you want to have the chance to accomplish in the next session in order to gain a level.

Ugh, I play games to get away from sprint planning...
jstarfish
·3 年前·議論
It's actually pretty typical for coups/mutinies.

Your position is challenged by military brass, so you imprison/execute them. Anyone charismatic enough to take you on is going to have been popular with the soldiers, so now a heavily-armed mob with tanks and artillery is pissed at you. Now you have two problems, with only two solutions-- eat some shit and hope to make peace, or die.

Putin played it safe in flipping the script-- negotiate surrender, appear to resolve the dispute peacefully, then stage an "accident" of the rabblerouser once tensions are lower. Cooler heads always prevail.
jstarfish
·3 年前·議論
This subthread isn't about the article; we're on a tangent about OpenAI.

He was fired [at] and didn't die. Now he's back, and looking for revenge.
jstarfish
·3 年前·議論
> why would sam altman and the rest of their family deny annie altman's inheritance? [...] either this annie character is making stuff up, or the whole rest of her family are some kind of comic book villains

She's done something to alienate herself from the family. Usual reason is drugs, but given that she's publicly braying about being molested I'd bet that she's told similar stories about other family members, internally, prior to this. (ed: she also made the same allegations against her other brother too. Damn I'm good.)

Look at the number of people ascribing manipulative behavior to Sammy. This sort of thing runs in families.

Or look at the verbiage of the allegation itself:

> I’m not four years old with a 13 year old “brother” climbing into my bed non-consensually anymore. (You’re welcome for helping you figure out your sexuality.) I’ve finally accepted that you’ve always been and always will be more scared of me than I’ve been of you.

Nowhere in there does she actually say he did anything more than get in bed with her. She just implies it, and our minds are filling in the rest, giving her plausible deniability against making such a claim. It's fuckary.

(edit2) Even better, from https://www.lesswrong.com/posts/QDczBduZorG4dxZiW/sam-altman...:

> "Annie had (and still was having?) extremely intense, nearly all-day PTSD flashbacks of the sexual assault she experienced in her childhood from Sam Altman, plus other forms of assault from all members of her nuclear family (except her Dad, I think.)"

Everyone wants a piece of Little Annie Altman, it seems. Histrionic personality disorder (and PTSD!) is treated with...Zoloft, dispensing of which was also considered "abuse" in her claims.

> Our Dad’s ashes being turned into diamonds (not his wishes) and that being offered to me instead of money for rent and groceries and physical therapy says more about me?

lol. The Altmans know how to push the buttons of someone with a spending problem.
jstarfish
·3 年前·議論
When you take a shot at someone influential and miss, falling on your own sword is a kinder fate than what will happen when they turn your direction.
jstarfish
·3 年前·議論
Missed the second part of your post:

> It would be nice if some of the enterprise licensed tools gave some metrics like Outlook, intelliJ/VSCode, and Gitlab, all overlaid on a simple bar chart of activity. It would be pretty easy to see gaps and to piece together a work day. I realize that doesn't account for whiteboard time etc, but that stuff is explainable. 3-4 hours per day of activity + very low contributions is not explainable.

Yeah, they don't make it easy. There are dedicated tools for desktop surveillance but that's too invasive for my tastes. I've been doing this job long enough that I've seen things I wish I hadn't.

It's hard to measure "activity" in an app, but with Defender we can check if a process is even running in the first place. I don't have any canned queries for that since I can't anticipate the tools every random employee is going to use. You start looking for VSCode, j'accuse them after not finding it, and they counter with "but I use Pycharm/Eclipse/etc."

> 3-4 hours per day of activity + very low contributions is not explainable.

Every company is different, but that's pretty typical for ours. Half of everybody's day is meetings, and I don't have any way to easily verify whether a meeting existed or whether they attended, so it's not a standard I would personally hold anybody to. Maybe you're running a sweatshop though, in which case expectations are higher ;)

We're both approaching this from a position of disadvantage...it's real easy to be made a fool of when it comes to accusations.
jstarfish
·3 年前·議論
> Is your role to sniff this sort of thing out, a whole company, or part of your job on a team?

Internal [cyber]investigations. We branched off from cybersecurity, but there's a sister team that handles traditional cases (anything not involving digital forensics).

> We have MDE, which I am starting to dig into now.

If you're talking about Defender for Endpoints, that might be the same thing (I can't keep up with Microsoft's product shuffling). There should be a dashboard you/the admin can access at security.microsoft.com, with a cylinder database icon (Advanced Hunting) in the top left corner that lets you run KQL queries like the ones I shared.

> For the devs, a simple glance at their gitlab contributions tells you a lot. For remote folks the VPN is another like the logins. The truly lazy won't even bother to be on the VPN, but doesn't mean they are not working. Apparently one of our main sys admins is never on the VPN.

Again, kudos for your restraint. Divining truth from ambiguity is not easy.

Commit counts can be an inverse metric. Bad devs overinflate their commits ("typo correction lol"), and those diligently trying to iron out bugs and working on genuinely-hard problems will have less code to commit.

My own VPN usage is spotty, and I'm remote. I just don't always need to be on it-- I spend a ton of time looking at spreadsheets and logs locally. Email, Slack and OneDrive work when I'm not on the corporate network, so sometimes I don't even notice I'm not connected.

Your sysadmin...be careful there. I'm literally seeing the same thing wrt low/no logins of one of ours, but any number of witnesses could confirm he's actively working (attends meetings, available when needed, tasks are completed, etc.). It's just not clear to me how he's doing the job. The nature of that role also makes them a dangerous person to piss off.

No one data point means more than any other. It's all a game of how many red flags, in aggregate, does the individual raise?

> I don't think we have gone up against a real professional yet. If they are here, they are really good.

The single biggest facepalm of my career occurred when I live-demoed this concept to the rest of the team and outed one of our own.

I assumed it was a glitch, but others were harboring suspicions they couldn't justify raising until I presented numbers suggesting that the individual wasn't even logging into their computer. Still wasn't enough to take direct action on...but they did not survive the next round of layoffs.
jstarfish
·3 年前·議論
> yes, in fact it looks like they only spend 3-4 hours per day on corp infrastructure, time for a chat.

Depending on the role, this is a poor metric. I'm saying this as someone who investigates this sort of behavior for a living.

Even a developer-- surely they're actively on the computer all day, right? Except extended whiteboard time, meetings, huddles, etc. all reduce that visible footprint.

> What I am after is a dashboard that I can pull up when someone is suspected of overemployment because of a performance issue.

You have the right approach-- what I'm about to share are a few queries I use to collect intelligence--not evidence--of such behavior. The two are very much not the same.

If you have Defender ATP (or maybe Sentinel?) you could look at this from a few angles. My own little trade secret is looking at the intersection of labor law and login counts.

Start with mouse jigglers. This query catches USB hardware jigglers that have become popular on Amazon and AliExpress. The best jiggler is an optical mouse on the face of an analog clock-- impossible to detect without cursor tracking.

Exceptions: This works for now, but don't trust it long-term since it's easy to spoof the IDs once vendors/users catch on.

``` DeviceEvents | extend ClassName = parse_json(AdditionalFields).ClassName | extend VendorIds = parse_json(AdditionalFields).VendorIds | extend DeviceDescription = tostring(parse_json(AdditionalFields).DeviceDescription) | mv-expand VendorIds | where VendorIds contains '\\vid_' and VendorIds contains '&pid_' | where VendorIds !contains '&rev_' and VendorIds !contains "&mi_" | where VendorIds contains "vid_0e90" | where Timestamp >= ago(90d) | where ActionType startswith "pnp" | summarize min(Timestamp), max(Timestamp), count(VendorIds) by DeviceId, DeviceName, tostring(ClassName), tostring(VendorIds), DeviceDescription ```

There are software mouse jigglers too, same caveat as above, and I'm sure there's a million more I don't know about but this one is currently yielding 300+ results for me as-is:

``` DeviceProcessEvents | where FileName contains "jiggle" or (FileName contains "mouse" and FileName contains "move") or FileName contains "caffeine" or FileName contains "amphetamine" | where Timestamp >= ago(90d) | summarize by DeviceId, DeviceName, FileName, ProcessCommandLine, InitiatingProcessAccountName ```

Then you want to look at login counts. My nutshell theory is that labor law mandates employees take 2-3 breaks a day, and per policy (and PCI and NIST and others) employees are supposed to be locking their workstation or seeing it lock itself every time they leave their desk. Ergo, we should see 4-5 logins at a minimum per employee per day (once in morning, once at lunch, and 2-3+ breaks later). WFH is no excuse to not lock the workstation.

Exceptions: You'll come across engineers who eat nothing but Adderall and piss in bottles at their desk. You'll also come across clowns who claim that they're RDPing into their work machine from a personal device; this is verifiable with a separate query but IME these people are usually problematic for other reasons and the RDP excuse is a red flag for OE in itself ("...b-b-but my big screen" is the usual counter). For some reason our network admin's account has 1 login in the last 90 days but I know for a fact he's working; I assume he's using a root account I don't know about on some jumpbox that I can't reach. You'll usually find executives topping the list of lowest login count for reasons other posters have enumerated. Be aware that this will also net people on leave, vacation, holidays, extended illness, etc.

``` DeviceLogonEvents | where LogonType == "Interactive" | where ActionType contains "Success" | where AccountName !contains "$" and AccountName !contains "-" and AccountName != "" | where Timestamp >= ago(90d) | summarize count(ReportId) by AccountName | order by count_ReportId asc ```

Use yourself as a baseline; you'll probably have hundreds of logins while working a varied schedule with a reasonable amount of AFK time. If your own normal working behavior has a score of n, anybody <n provides probable cause for scrutiny.

Despite all this, none of the results are truly actionable in the context of OE, which I'm stating more to address anybody else that comes along since you seem to have a pretty good grip of the situation yourself. Any manager who starts running these queries and axing people based on the results will find themselves on the chopping block in short order.
jstarfish
·3 年前·議論
> I've also considered adding a threshold for payouts (i.e. $50 withdrawal minimum) to help with the reporting aspects.

Do this anyway. You don't want to be paying out every cent immediately to people reposting things that otherwise warrant moderation.
jstarfish
·3 年前·議論
> Promotes [...] speciesism

What the fuck?

> Apologizes for violence towards children.

What is this sub for?
jstarfish
·3 年前·議論
> this is a feature, not a bug...it keeps these people out of the real world and glued to their keyboards where their blast radius is limited to their own echo chamber

This is not preferable. Extremist bullshit is the only product of echo chambers. Eventually it breaches containment and becomes a real world problem.
jstarfish
·3 年前·議論
The person who erected the Georgia Guidestones had a similar philosophy, and engraved his own manifesto for peaceful and sustainable living on slabs of granite as a monument for all to enjoy.

It was recently bombed into rubble.
jstarfish
·3 年前·議論
[flagged]
jstarfish
·3 年前·議論
There was only one live bomb found and he did intend to use it.

> Kaczynski replied Penthouse was less "respectable" than The New York Times and The Washington Post, and said that, "to increase our chances of getting our stuff published in some 'respectable' periodical", he would "reserve the right to plant one (and only one) bomb intended to kill, after our manuscript has been published" if Penthouse published the document instead of The Times or The Post.

Don't do victims of terrorism a disservice by suggesting a mass murderer deserves the benefit of the doubt as to whether he has any qualms about reneging on "deals" made with a society he doesn't respect. His calculus for who got to live and die hinged on factors as arbitrary as nitpicking over which periodical was willing to publish his bullshit. He was a fucking Narcissist to the extreme, who would waste no time coming out of retirement at the next perceived slight.

"Innocent until proven guilty" doesn't apply to the fucking Unabomber. Bombing people is kind of his thing. He proved it, what, 16 times?
jstarfish
·4 年前·議論
He sounds more like a panhandler/grifter than anybody with an actual disorder.
jstarfish
·4 年前·議論
A counterpoint from my own experience:

For me it was like rediscovering caffeine for the first time, which lasted about six months altogether. Then the positive effects waned and it became a self-inflicted case of acid reflux.

Would never describe it as being similar to amphetamines. The most praise I can give it is as "an antidepressant that kinda sorta works."
jstarfish
·4 年前·議論
Brutal Doom was the most intense gaming experience I've ever had, next to playing Hotline Miami for the first time.
jstarfish
·7 年前·議論
That and the fact that Legos have become absurdly expensive.
jstarfish
·8 年前·議論
Mystic Quest came to mind for me too, but I was thinking one of the final bosses takes 9999 damage if you use a heal spell on him. You have to do it a few times to kill him.