My apologies for resurrecting a long dead thread, but I just collected the links today because I've had multiple places I wanted to reference them this week.

https://www.cnet.com/how-to/lenovo-superfish-adware-uninstall-fix/
https://www.pcmag.com/article2/0,2817,2477277,00.asp
http://www.zdnet.com/article/lenovo-reportedly-blocking-linux-on-windows-10-signature-edition-pcs/
https://arstechnica.com/information-technology/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/
https://mangolassi.it/topic/11320/pentagon-warns-against-using-lenovo-equipment
https://mangolassi.it/topic/7748/lenovo-screws-the-pooch-yet-again-on-the-security-front
https://mangolassi.it/topic/5751/lenovo-accused-of-using-rootkit-like-methods-to-sneak-software-onto-clean-windows-installs
https://threatpost.com/millions-of-pcs-affected-by-mysterious-computrace-backdoor-2/107700/
https://www.theregister.co.uk/2019/08/23/lenovo_solution_centre_cve_2019_6177/

https://mangolassi.it/topic/14538/lenovo-if-it-s-on-your-network-you-are-breached/50

And a few days later, yet another patched version to fix the broken fix. Isn't security so much fun?

https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e

@dashrender said in Lenovo - if it's on your network, you ARE breached.:

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

@dashrender said in Lenovo - if it's on your network, you ARE breached.:

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

I'd like to see recent references; everything I have found hasn't been updated / linked to since 2019 about the 2014-2015 incident.

What has changed? Nothing.

Why should anyone keep reporting no news?

Exactly - There's nothing newer because they haven't been caught doing any dirty shit in the past 2-3 years. But at the same time - the same management is in charge, so why would we expect them to do things right?

I just confirmed Superfish is still around because of that laptop from last week that got sent back!

Not sure what you mean?

Of course - if you didn't uninstall the software and didn't update to the newer driver that removed Superfish, then it will still be around - just like the millions of machines that never get updated and have Melissa still running around the internet (ok maybe not millions today).

This was a laptop manufactured April 2021 from the factory. So I really don't care if there are alternatives available. Lenovo has proven to lie about it so often already that it's to much of a risk, and legal liability.

@dashrender said in Lenovo - if it's on your network, you ARE breached.:

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

I'd like to see recent references; everything I have found hasn't been updated / linked to since 2019 about the 2014-2015 incident.

What has changed? Nothing.

Why should anyone keep reporting no news?

Exactly - There's nothing newer because they haven't been caught doing any dirty shit in the past 2-3 years. But at the same time - the same management is in charge, so why would we expect them to do things right?

I just confirmed Superfish is still around because of that laptop from last week that got sent back!

@pete-s said in Best practice MFP scanning to email for M365 shop?:

@dashrender said in Best practice MFP scanning to email for M365 shop?:

@gjacobse
what brand MFPs are those?

My Canon's do fine with 1.2 to MS.

Do you set up the MFP with credentials from a M365 user?

Yep, need a licensed account, and the lowest priced one doesn't work. I forget what it's called at the moment, but you need a license that includes the local apps.

@wrcombs said in Windows 11 auto upgrade?:

Has anyone noticed an uptick in Windows10 auto upgrading to Windows11 due to windows updates?
Seeing this with many Back office PC's where they "leave at the end of the night and it's windows10 and the come back and it's windows 11"

Just curious if were the only one's seeing this

I haven't seen this yet.

It's likely just a matter of time, weather through user ignorance, Microsoft behaving badly, or both.

@garak0410 Try going into each AP and disabling all un-needed features. We've had a lot of trouble in the past year with meshing getting turned on after a controller update. Causes the APs to attempt routing between each other instead of the wire they're plugged into. Creates a network loop that packets never escape from.

@jimmy9008 said in VDI Options - Modernization:

@travisdh1 said in VDI Options - Modernization:

@jimmy9008 said in VDI Options - Modernization:

@scottalanmiller

I get what ya'll are saying but thats just not how it is here. My options are replace what is there with new, or keep what is there and let it grow older.

I'll keep looking at options on my own, but thanks folks.

If you just want to buy a solution without doing your homework to figure out what's right for the business, just get new servers and keep paying the crazy license fees for VMWare/Citrix (I'm assuming you've got the HA VMWare license.)

Without knowing what apps are running in the VDI, all we can do is generalize.

Are you stuck with VMWare and/or Citrix because of management? Big cost savings in moving away from those, even if you keep paying for support IE: Scale or Starwind

More details would be needed to make any solid recommendations.

I am more than capable of being able to appraise solutions to meet our business needs. My question was asking for a list of solutions "What would you suggest we look at?", not to be told to not look at VDI as its wrong. I'll decide that. I was hoping the community could point me to solutions, vendors, resources which you have used and had experience of. I see the people on here as experienced so wanted to ask here, I should have just looked at g2.

Well, I think @scottalanmiller already explained much better than I ever could that VDI Modernization is a contradiction in terms. If you're stuck using VDI, then you by definition are not modernizing.

As to different platforms to run it on, that's why I suggested Scale or Starwind to run the Citrix solution.

@scotth said in Outage - Armstrong in N-Western PA:

Could easily be.
I'm not sure (maybe Windstream -- ugh) is the next hop up from one of our sites in NE Ohio and they were down all day Monday.
Some odd behavior with our cell service lately too. We have dead spots where we have never had issues before. Verizon, in this case.

The storms that came through earlier this week wrecked havock on infrastructure in NE Ohio. We still have roads closed and people we know are not due to get power restored till this weekend.

At work I've cleared a record number of tickets this week because we had so many outages.

@gjacobse said in ManageEngine: Desktop Central - MFA:

@scottalanmiller

It is a gas soaked bonfire waiting for a match.

Fixed that for you.

@Fredtx said in 2 disks or 1 disk with 2 partitions for new VM?:

@scottalanmiller It's amazing how different types of technology has been around for some time, and people act like some of this stuff is new. Like touch screens for example, everyone was so amazed at them, yet they had been around for years in grocery stores. lol.

We were using CRT touchscreens in the mid 90s in high school.... they've been around a long time for sure!

@openit said in SUSE Manager for managing CentOS and SUSE servers.:

Hi there,

Anyone of you ever came across SUSE Manager?

While it is saying open source and it is letting to download evaluation copy with subscription key on email?

I believe SUSE Manager kind product I'm looking, especially for patching CentOS and SUSE servers.

Any clue?

Why not use Ansible or Salt?

Have you looked at MicroSIP?

@scottalanmiller said in Eero Inquiry:

@stacksofplates said in Eero Inquiry:

@Dashrender said in Eero Inquiry:

@dbeato said in Eero Inquiry:

@WrCombs You cannot hide your SSIDs on Eero. You also have a limit of your Main SSID and Guest Network. It is geared for Home and really small environments.

https://support.eero.com/hc/en-us/articles/214588166-Why-can-t-I-hide-my-network-SSID-with-eero-

Why Eero over Ubiquiti? Business versus consumer. Does the pro version have APs with wired connections?

Prob because management is much easier. I ditched my APs and edgerouter for a single Amplifi which I can update and control from my phone. My mom has a Deco setup and it works very similarly and is great as well.

Easier if you do it yourself. But if you have a support company, I think the Unifi is easier. The Eeros always made for a lot of extra work when we had to deal with them.

At a former job, we had an Amplifi system that caused ~8 hours of un-needed billable time. If it would have been a UniFi system, we could have fixed it without the site visits.

@scottalanmiller

I've heard of them, but never actually had hands on one. That said, I'd jump at the opportunity to use anything other than a NUC.

The NUCs are just a pain. Too many warranty claims (like 8-10% of new units out of the ~150 I deployed over 2 years). To make matters even harder, the OEM only warranties RAM/storage. So you have two different companies you have to deal with warranty repair/replace issues with.

@Pete-S said in Any Experience with BeeLink Mini PCs?:

@travisdh1 said in Any Experience with BeeLink Mini PCs?:

The NUCs are just a pain. Too many warranty claims (like 8-10% of new units out of the ~150 I deployed over 2 years). To make matters even harder, the OEM only warranties RAM/storage. So you have two different companies you have to deal with warranty repair/replace issues with.

That's a lot. Intel usually know what they're doing when designing PCs.

I've never had to RMA any of them but I've not deployed as many as you have.

Is it just one kind of failure or is it different?

All types. Some storage/ram, some motherboard/cpu. What makes it such a pain is that Intel doesn't actually sell a complete system, which means playing vendor roulette whenever something does go wrong.

@Sawyer said in Raspberry Pi Zero W Bought for Testing:

I ordered Raspberry Pi zero W from https://robu.in/product/raspberry-pi-zero-w-with-raspberry-pi-zero-w-accessories-kit/.
What exactly does the NOOBS Software do?

NOOBS sets up your choice of OS for you. It's not needed, but is handy if you don't have another computer to setup an OS.

Also, if you have these sorts of questions in the future, just make a new thread.

DBAN covers just about any data wiping requirement, and it's free.

@scottalanmiller said in Running X11 - Ubuntu 22.10 - Should I care?:

@dafyre said in Running X11 - Ubuntu 22.10 - Should I care?:

AFAIK, Even VNC doesn't work on Wayland yet.

Nor does MeshCentral

Really? Now I need to go try that when I have a minute.

@travisdh1 said in Running X11 - Ubuntu 22.10 - Should I care?:

@scottalanmiller said in Running X11 - Ubuntu 22.10 - Should I care?:

@dafyre said in Running X11 - Ubuntu 22.10 - Should I care?:

AFAIK, Even VNC doesn't work on Wayland yet.

Nor does MeshCentral

Really? Now I need to go try that when I have a minute.

I just confirmed that mine is working on the default Fedora 37 desktop using both Firefox and Chromium.