Wiki Idea Shot Down
-
PHP ranked one of the more secure languages for web development: https://gcn.com/articles/2014/04/24/programming-language-security.aspx?s=gcntech_250414
-
@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?
-
@jmoore said in Wiki Idea Shot Down:
@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?
Probably old versions of PHP that needed to be updated 10 years ago. Another example of "keep your shit up to date."
-
I didn't read every post here, but your boss is wrong. An internal wiki is a fantastic way to document and i have no idea what he's talking about. It sounds like you're in a similar position as I am where all logic is discarded for seemingly no real reason.
-
@jmoore said in Wiki Idea Shot Down:
@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?
Given everything else described, it is pretty safe to assume he's either just making it up or is not properly maintaining his system and the results are actually telling you that you have a security problem in your IT management.
-
@scottalanmiller said in Wiki Idea Shot Down:
@jmoore said in Wiki Idea Shot Down:
@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?
Given everything else described, it is pretty safe to assume he's either just making it up or is not properly maintaining his system and the results are actually telling you that you have a security problem in your IT management.
I'm guessing something like Nessus. We have a couple appliances with web interfaces that we can't update and they show up on scans. It's nothing you can change and means nothing about PHP. Anything is a vulnerability if you don't maintain it.
-
@stacksofplates said in Wiki Idea Shot Down:
I'm guessing something like Nessus. We have a couple appliances with web interfaces that we can't update and they show up on scans. It's nothing you can change and means nothing about PHP. Anything is a vulnerability if you don't maintain it.
Purely Windows here too btw
-
@scottalanmiller said in Wiki Idea Shot Down:
Given everything else described, it is pretty safe to assume he's either just making it up or is not properly maintaining his system and the results are actually telling you that you have a security problem in your IT management.
Ok well thought id ask just in case you know
-
@wirestyle22 said in Wiki Idea Shot Down:
I didn't read every post here, but your boss is wrong. An internal wiki is a fantastic way to document and i have no idea what he's talking about. It sounds like you're in a similar position as I am where all logic is discarded for seemingly no real reason.
Yeah thanks, I thought it was a good idea too. I have one at home and like mine so maybe there is some disconnect somewhere that he thinks it does something else
-
@stacksofplates said in Wiki Idea Shot Down:
@scottalanmiller said in Wiki Idea Shot Down:
@jmoore said in Wiki Idea Shot Down:
@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?
Given everything else described, it is pretty safe to assume he's either just making it up or is not properly maintaining his system and the results are actually telling you that you have a security problem in your IT management.
I'm guessing something like Nessus. We have a couple appliances with web interfaces that we can't update and they show up on scans. It's nothing you can change and means nothing about PHP. Anything is a vulnerability if you don't maintain it.
AnyONE is a vulnerability if they don't maintain their systems. The risk is the person.
-
@jmoore said in Wiki Idea Shot Down:
@wirestyle22 said in Wiki Idea Shot Down:
I didn't read every post here, but your boss is wrong. An internal wiki is a fantastic way to document and i have no idea what he's talking about. It sounds like you're in a similar position as I am where all logic is discarded for seemingly no real reason.
Yeah thanks, I thought it was a good idea too. I have one at home and like mine so maybe there is some disconnect somewhere that he thinks it does something else
Yeah, that kind of makes it worse if he doesn't know what a wiki is, right?
-
@scottalanmiller said in Wiki Idea Shot Down:
Yeah, that kind of makes it worse if he doesn't know what a wiki is, right?
Lol well I'm sure he knows, he is a smart guy. i just meant that he might not be aware of the capabilities with all of the extensions and things. Wikimedia is quite nice software.
-
@scottalanmiller said in Wiki Idea Shot Down:
AnyONE is a vulnerability if they don't maintain their systems. The risk is the person.
You remember my post about doing Windows updates right? Where I asked departments to put in work orders so I could keep their systems up to day on a regular schedule and have documentation in the ticket system that it was done. This is the same person that said no to that. I have learned from dealing with Wordpress and everything else on my websites how important to stay as updated as possible. I carry this thinking with me to my work too
-
@jmoore said in Wiki Idea Shot Down:
@scottalanmiller said in Wiki Idea Shot Down:
Yeah, that kind of makes it worse if he doesn't know what a wiki is, right?
Lol well I'm sure he knows, he is a smart guy. i just meant that he might not be aware of the capabilities with all of the extensions and things. Wikimedia is quite nice software.
He's a smart guy and yet makes the wild claims he's been making? While everyone is an "idiot about something", these are pretty basic and weird thinks he things he can get away with saying. It's not a good indicator.
-
@scottalanmiller said in Wiki Idea Shot Down:
While everyone is an "idiot about something"
That's comforting
-
@jmoore said in Wiki Idea Shot Down:
@scottalanmiller said in Wiki Idea Shot Down:
AnyONE is a vulnerability if they don't maintain their systems. The risk is the person.
You remember my post about doing Windows updates right? Where I asked departments to put in work orders so I could keep their systems up to day on a regular schedule and have documentation in the ticket system that it was done. This is the same person that said no to that. I have learned from dealing with Wordpress and everything else on my websites how important to stay as updated as possible. I carry this thinking with me to my work too
Right, if that's the case, that definitely eliminates the possibility of being a smart guy. Unless it's intentional sabotage, in this case I think "not smart" is the lesser of the available options. If he is actually smart yet making this obviously false claims and intentionally putting the organization at risk... you've got some major problems.
-
I'd really ask yourself if there is actually evidence that he is smart, or is it not more likely that he's just good at playing the political game and has a position of authority for possibly less than ethical reasons? None of us know him, we only know him through your descriptions. But basically every thing said about him sounds like "holy cow, this guy is clueless and I'd not keep him as an intern" then suddenly "he's a smart guy" kind of sticks out as not matching the description we've been getting thus far. A well meaning blundering buffoon, sure. That's how he sounded until then. Now it sounds like maybe he's setting up a heist or a network hostage situation.
