Oh, lol, looks like Azure DNS is busted right now. That's... gotta hurt.
How’d I notice? I didn’t receive an email to my @FollowStevens address, because my mail server doesn’t talk to MTAs that it can’t reverse the IP address for, which is a great lesson for my students, since we _just_ discussed SMTP and spam protections. 😂
So yeah, “there is no cloud, only other people’s computers” once again.
Also: rule #1 of outage pages: make sure your outage page doesn’t rely on the things it’s reporting outages for.
10 Software Engineering Laws Everybody Loves to Ignore
A Twitter 🧵
1. Conway's Law
Also known as: "You will ship your org chart."
"Any organization that designs a system will produce a design whose structure is a copy of the organization's communication structure."
You may _think_ you can avoid it via cross-functional standup meetings and stakeholder updates and decision matrices, but eventually and inevitably conflicting or diverging priorities will lead to equally conflicting or divergent processes and outcomes.
7 battles #infosec has lost but we keep wasting efforts on trying to fight again and again nonetheless:
1) Users will always click on links in emails.
Stop trying to teach them to distinguish "bad" and "good" links. Instead, focus on ensuring their computer cannot be compromised by visiting a website and phished credentials are time-limited or otherwise useless to the attacker.
2) Users will pick bad passwords that they then reuse.
You can get _some_ users to use a password manager, but you can't enforce good passwords and practices. The only real solution is multi-factor auth, preferably via FIDO U2F and/or biometrics.
A brief Twitter r̶a̶n̶t̶ 🧵 on responsible ticket management, born out of years of frustration:
There's few things as frustrating in a large organization as diligently filing a ticket or reporting a problem only for it to sit there without anybody looking at it until it's closed by some automated job marking it as stale because it hasn't seen any updates in a year.
If you have a product that warrants a ticket queue, then you owe it to your users to manage it just as you owe it to your team to manage their workload.
Proper ticket management helps you set expectations, drive metrics, gain insights, and allow others to rely on you.