A story about what happened when I let go of control while facilitating at a conference.
Administered by:
#lessonslearned
3 posts3 participants0 posts today
Replied in thread
The #LessonsLearned here is probably more around fragility of “just in time” supply chains as it is the corrupt “free market”.
Lessons learned from three of my association leadership transitions: closing down an association, departing, and passing on leadership
Some improv and mindfulness lessons from a five-day improv and mindfulness workshop I attended in Maine in 2016.
Here is my summary of some interesting lessons learned from organizing six scientific online meetings during the COVID-19 pandemic.
https://www.conferencesthatwork.com/index.php/event-design/2021/08/lessons-online-meetings-covid-19
‘I Lost Millions Because I Lost Myself’: Startup Founder Morgan Alexandra Hewett Opens Up About Hard Lessons Learned https://shinemycrown.com/i-lost-millions-because-i-lost-myself-startup-founder-morgan-alexandra-hewett-opens-up-about-hard-lessons-learned/?utm_source=dlvr.it&utm_medium=mastodon #StartupLife #Entrepreneur #LessonsLearned #Investing #StartupFounder
Sara Ford on Learning Agile at Microsoft | by J.D. Meier.
JD Meier · Sara Ford on Learning Agile at Microsoft | JD MeierDiscover how Sara Ford transitioned from traditional waterfall to Agile at Microsoft through mindset shifts and real lessons learned.
Current #Warhammer40K #LessonsLearned
(Pinned post that will be updated)
1. Do not go/deploy too offensive
2. Watch order of units (Immo => Castigator => Paragons/Rest)
3. Don't forget special rules of units (e.g Litanies of Faith)
4. Focus fire more on heavy units like Terminators
5. Don't forget to gain miracle dice
Continued thread
1. Do not go/deploy too offensive
2. Watch order of units (Immo => Castigator => Paragons/Rest)
3. Don't forget special rules of units (e.g Litanies of Faith)
4. Focus fire more on heavy units like Terminators
5. Don't forget to gain miracle dice
6. Surprisingly: Celestians can be worth something, but only with a Hospitaler. They blocked DW Knights, one of the most dangerous melee units. They're more durable than Mortifiers according to Unitcrunch simulations.
My and others' experiences and lessons learned when I facilitated an online workshop using the Gatherly meeting platform.
https://www.conferencesthatwork.com/index.php/event-design/2022/03/online-workshop-in-gatherly
How can you support a community online? Here's what I've learned from the many online meetings I've designed & facilitated.
https://www.conferencesthatwork.com/index.php/event-design/2020/03/support-community-online-covid-19
Customers locked out, transactions missing, and a month of chaos. 
BNF Bank's recent system update in Malta turned into a nightmare. Article analyzes the critical missteps, from potential inadequate preparation to poor communication, offering vital lessons for anyone in tech or finance.
Find out what happened: https://medium.com/@chribonn/bnf-banks-gone-wrong-system-update-3d9b57e5aa29
Medium · BNF Bank’s Gone Wrong System Update - Alan C. Bonnici - Medium
In Los Angeles, creepy weirdos are speedrunning #LessonsLearned from Charlottesville.
In 2022, I ran a workshop on the design of participation-rich events. Here are some lessons learned from this online workshop.
https://www.conferencesthatwork.com/index.php/event-design/2022/05/lessons-learned-online-workshop
Omg, turns out, suggesting things at work comes with a hidden clause: 'You break it, you buy it'. In this case, 'You suggest it, you build it' 
Okay, so I wanted to share a little incident from a few months back that really hammered home the power of knowing your Linux internals when things go sideways. I got a frantic call, "something weird is going on with our build server, it's acting sluggish and our monitoring is throwing odd network alerts." No fancy EDR on this particular box, just the usual ssh and bash. My heart always sinks a little when it's a Linux box with vague symptoms, because you know it's time to get your hands dirty.
First thing I did, even before reaching for any specific logs, was to get a quick snapshot of the network. Instead of netstat, which honestly feels a bit dated now, I immediately hit ss -tunap. That p is crucial cause it shows you the process and user ID for each connection. What immediately jumped out was an outbound TCP connection on a high port to a sketchy-looking IP, and it was tied to a process that definitely shouldn't have been making external calls. My gut tightened. I quickly followed up with lsof -i just to be super sure no deleted binaries were clinging on to network connections.
With that IP and PID in hand, I moved to process investigation. pstree -ap was my next stop. It showed the suspicious process, and more importantly, its parent. It wasn't a child of systemd or a normal service. It was spawned by a build script that shouldn't have been executing anything like this. That hierarchical view was key. Then, to really understand what this thing was doing, I dared to strace -p <PID>. Watching the system calls unfurl was like watching a movie of its malicious intent: it was reading from /etc/passwd, making connect() calls, and trying to write to some odd /tmp directories. Simultaneously, I checked ls -l /proc/<PID>/exe to confirm the actual binary path (it was indeed in /tmp) and /proc/<PID>/cwd to see its working directory. No doubt, this was a rogue process.
Knowing it was a fresh infection, I immediately shifted to the filesystem. My go-to is always find / -type f -newermt '2 days ago' -print0 | xargs -0 ls -latr. This quickly pulls up any files modified in the last 48 hours, sorted by modification time. It's often where you find dropped payloads, modified configuration files, or suspicious scripts. Sure enough, there were a few more binaries in /tmp and even a suspicious .sh script in a developer's home directory. I also scanned for SUID/SGID binaries with find / -perm /6000 just in case they'd dropped something for privilege escalation. And while stat's timestamps can be tampered with, I always glance at atime, mtime, and ctime on suspicious files; sometimes, a subtle mismatch offers a tiny clue if the attacker wasn't meticulous.
The final piece of the puzzle, and often the trickiest, is persistence. I checked the usual suspects: crontab -l for root and every other user account I could find. Then I cast a wider net with grep -r "suspect_domain_or_ip" /etc/cron.* /etc/systemd/system/ /etc/rc.d/ and similar common boot directories. Sure enough, a new systemd timer unit had been added that was scheduled to execute the /tmp binary periodically. Finally, I didn't forget the user dotfiles (~/.bashrc, ~/.profile, etc.). It’s surprising how often an attacker will drop a malicious alias or command in there, assuming you won't dig deep into a developer's setup.
Long story short, we quickly identified the ingress vector, isolated the compromise, and cleaned up the persistence. But what really stuck with me is how quickly you can triage and understand an incident if you're comfortable with these fundamental Linux commands. There's no substitute for getting your hands dirty and really understanding what strace is showing you or why ss is superior to netstat in a high-pressure situation. These tools are your best friends in a firefight.
How do you see today’s world learning from the Abbasid Golden Age? Are we embracing mistakes as catalysts for progress, or do we still treat them as ends in themselves? Share your thoughts below and let’s spark a conversation on the power of knowledge. #SurrealReflections #HouseOfWisdom #IslamicGoldenAge #AncientWisdom #Philosophy #History #Science #Mathematics #Astronomy #CulturalExchange #Enlightenment #Inspiration #LessonsLearned #Discussion
https://medium.com/@sanjay.mohindroo66/illuminating-the-shadows-the-legendary-assembly-that-shaped-a-golden-age-b781cef72e99
Medium · Illuminating the Shadows: The Legendary Assembly That Shaped a Golden Age.
If the #American revolution was the first, the #CivilWar its second, and the #CivilRights the third transgenerational founding, We the People™ are overdue a rekindling of #republicanism, the humanities, pro-social #history, and #LessonsLearned.
I had a bit of an IT meltdown in the last couple of weeks.
I upgraded my home NAS with 2 12Tb drives. Didn't take a backup of the config - just the data. Spent a few weeks rebuilding that and restoring accounts.
My home network, driven by a Ubiquiti DM, shat itself for no reason I can see. My son helped me re-cable, reset and reconfigure everything - including all the IoT devices in the house! It's incredible how many devices are connected!
Finally, I gave up LastPass and tried...something else. Now I'm back to LastPass and manually adding in all of hundreds of unique pwds. I've forgiven them the hack and want to come back.
Overall, the three problems haven't been a lot of fun and, as the house IT admin, it's been good to have my son's skills and advice.
Note to self: backup up settings as well as data.