this post was submitted on 02 Dec 2025
1766 points (98.6% liked)

Programmer Humor

27624 readers
1395 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
anzo@programming.dev
Feyter@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
1766
Zero Trust Architecture (europe.pub)
submitted 1 day ago by cm0002@mander.xyz to c/programmer_humor@programming.dev
212 comments fedilink hide all child comments
top 50 comments
sorted by: hot top controversial new old
[–] tino@lemmy.world 19 points 12 hours ago

We're missing the most important rule here. Did the nephew open a ticket?

[–] Bosht@lemmy.world 18 points 15 hours ago (2 children)

I legitimately can't tell if this is a joke or some dude trying to do a humble brag post on LinkedIn. So many 'look what I can do' posts on that damn site.

[–] FunkFactory@lemmy.world 1 points 2 hours ago

No one that serious about network security wouldn't already have a network dedicated to untrusted devices relatives could use. Definite joke, still entertaining 😂

[–] Sunsofold@lemmings.world 1 points 7 hours ago

LinkedIn is Poe's Law for corporatism made into a lifestyle.

[–] Redredme@lemmy.world 54 points 19 hours ago (3 children)

Guest vlan? Smart.

Blocking 80/443 knowing all to well everything depends on those: evil.

Throttling to 56k: the original original poster just being a dick.

Took 45 minutes: Maybe find another job. You're not good at it.

Conclusion: The sister was right. Evil incompetent dick.

[–] Taleya@aussie.zone 1 points 7 hours ago

I mean fuck me, i can build an entire bespoke DDU from bare metal to cool down in less time than that.

[–] andioop@programming.dev 7 points 12 hours ago

I have a feeling this is satire, and I'm usually the type of person to miss the joke and think it's genuine

[–] tetris11@feddit.uk 22 points 19 hours ago* (last edited 18 hours ago) (1 children)

Took 45 minutes: Maybe find another job. You’re not good at it.

Bit harsh.

The OpenWRT guest wifi guide isn't a simple switch like you would get on your OEM router, but involves manually setting up a bridge device, a new firewall zone, and a new AP on one of your radios.

This can take some time if you want to do things the right way. 10 minutes to setup with no extra config steps. Add another 10 if you need to move around your firewall rules, and another 20 for random debugging.

https://openwrt.org/docs/guide-user/network/wifi/guestwifi/configuration_webinterface

Although, you set it up once. After that it's just a checkbox.

[–] nibbler@discuss.tchncs.de 18 points 18 hours ago (1 children)

and of course you need to tag the new network on all your switches, routers, APs... not to forget testing and integration in your monitoring system. 45 minutes is absolutely fine.

[–] tetris11@feddit.uk 3 points 16 hours ago

Oh true , hadn't thought about that - I just assumed it was a single device

[–] jj4211@lemmy.world 4 points 14 hours ago

I feel like when 'Zero Trust' first became a thing, the theme was 'you should have every endpoint under your control hardened so it need not feer untrusted peers being able to connect'. E.g. if you think you absolutely need VPN to a 'private network' for security, then you are failing to be hardened in a 'zero trust' way, because you implicitly fear that your systems would fall to untrusted peers.

I feel like it's evolved to 'don't let anything be able to connect to anything under your control unless you have admin privilege over it as well'. Which is particularly a nightmare when you try to collaborate between two companies, each balking at the other's hard requirement to have admin access to all network peers of interest.

[–] termaxima@slrpnk.net 237 points 1 day ago (2 children)

The real question is : Why did you invite anyone over, before having a guest VLAN set up ? Classic beginner mistake.

[–] squaresinger@lemmy.world 10 points 19 hours ago

Sounds like the network people at my company. They are asking us to spend more time in the office, but they don't provide enough desks, they don't provide working wired LAN and they only provide semi-working Wifi. All with proxies that don't work and filters that don't let me access the webapp I am supposed to maintain, which is blocked for "being a commercial website". Thanks, I know, I have to program that crap.

[–] Agent641@lemmy.world 70 points 1 day ago (5 children)

I have two seperate guest VLANs, one for my family, and one for the people I love.

load more comments (5 replies)
[–] blinfabian@feddit.nl 9 points 20 hours ago (1 children)

what a dick move tbh. i get ya wanna be secure, but why not just let him do his thing on that alternate network?

[–] nibbler@discuss.tchncs.de 16 points 18 hours ago

guess this is satire. zero trust and byod mix well, just isolate from your shit and you are done. block port 25 outgoing and known c2 IPs to not taint your IP.

[–] lorski@sopuli.xyz 24 points 1 day ago (1 children)

Kid should be learning social skills at a family party.

[–] luciferofastora@feddit.org 11 points 22 hours ago (1 children)

As a former kid struggling with social skills, I think that would've done me some good. It's easy and convenient to fall into avoidance behaviour, but overcoddling did me no favours.

[–] Notyou@sopuli.xyz 2 points 8 hours ago

I was told overcoddling reduces resiliency. Parents always coming in to fix things without letting their kids try to solve it on their own. The kid may fail but the act of trying and figuring out why it failed helps greatly. Most parents just "don't want to see their kids upset" though.

Take it with a grain of salt, as I don't have any kids.

[–] nonentity@sh.itjust.works 8 points 20 hours ago

This is just Uncle BOFH.

[–] northendtrooper@lemmy.ca 359 points 1 day ago

Guys a madman, didn't even ask for a ticket.

[–] Agent641@lemmy.world 66 points 1 day ago (1 children)

45 minutes setting up an alt vlan?

Was he getting paid by the hour?

[–] captain_aggravated@sh.itjust.works 39 points 1 day ago (4 children)

The experience of managing a consumer-grade LAN appliance:

Open web browser

Start typing 192.168.0.1

It auto-inserts 192.168.0.12 because that's the IP address of your NAS, and you've logged into it to adjust something at some point in the last six months. You register it has done this as you're releasing the Enter key.

click Back.

Type the IP address again, this time carefully deleting the 2 it oh so helpfully inserted.

Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck. It loads to a completely useless stats page that has no information that anyone has ever needed to know.

Click LAN Setup.

Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck.

Parse the wall of acronyms before you, click the link that says DHCP.

Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck.

It continues in that fashion until you get what you need done or your network stops working and you have to get a pen and press the Reset button on the back of the device.

[–] Taleya@aussie.zone 1 points 7 hours ago

It auto-inserts 192.168.0.12 because that's the IP address of your NAS, and you've logged into it to adjust something at some point in the last six months. You register it has done this as you're releasing the Enter key.

I avoid this by having my router interface on 1) a double digit IP. And 2) a non-standard port

[–] Ricaz@lemmy.dbzer0.com 4 points 20 hours ago

IT professional doesn't have local DNS? LOL

load more comments (2 replies)
[–] Lucidlethargy@sh.itjust.works 47 points 1 day ago (3 children)

Lol wtf? Why even spend 45 minutes doing that if you're going to completely block those ports?

Just tell him "no".

[–] Taleya@aussie.zone 1 points 7 hours ago

Throtting and port blocking is for housemates who pissed you off, not nephews.

[–] mojofrododojo@lemmy.world 25 points 1 day ago

"oh I'm trying to fix it just give me a few more minutes away from everyone" lights joint

load more comments (1 replies)
[–] mavu@discuss.tchncs.de 26 points 1 day ago

I'll admit it. I can feel that vibe and I don't totally disagree.

[–] apotheotic@beehaw.org 254 points 1 day ago (9 children)

Allowing children on roblox is negligence at this point so I think this is unironically in the right

[–] MisterFrog@aussie.zone 2 points 15 hours ago (2 children)

The American use "ironically" is probably the only difference between our dialects that I'll stand firm on.

My friends, we already have a use for the word, and it's not this!

I'm all about linguistic innovation, but using "unironically" in place of "seriously" and "ironically" in place of "sarcastically"/”not seriously" is not happy times for me.

Unless you give me a new word for irony.

I quite like y'all, I use that all the time, not against Americanisms in general, just this one.

[–] apotheotic@beehaw.org 3 points 12 hours ago

To me, the original post was riddled with literary irony - they were saying things whose words meant one thing but the overall post was actually making fun of the ideas the words were presenting.

My comment serves to state that I agree with the point the words are making and not the meaning through the lens of irony. Ie, unironically.

Cambridge dictionary 2nd definition of ironyirony noun [U] (TYPE OF SPEECH) the use of words that are the opposite of what you mean, as a way of being funny

I respect the pushback though. I have similar gripes with "sarcasm" being used when "irony" is correct and vice versa.

[–] Quill7513@slrpnk.net 1 points 15 hours ago (1 children)

hey don't blame us, we learned it from the brits

[–] MisterFrog@aussie.zone 1 points 15 hours ago

Oh interesting, I hadn't noticed that!

[–] UnderpantsWeevil@lemmy.world 165 points 1 day ago (9 children)

Deleting Roblox and installing Factorio

You'll thank me when you're older, kid.

load more comments (9 replies)
load more comments (7 replies)
[–] bizarroland@lemmy.world 66 points 1 day ago (2 children)

What idiot IT specialist does not run a segregated VLAN for guest wifi access? That is just rude.

load more comments (2 replies)
[–] ilinamorato@lemmy.world 173 points 1 day ago* (last edited 1 day ago) (35 children)

I've only ever met two types of IT professional. Either:

  • Their home network is immaculate and smooth as butter. It connects quickly and integrates with everything. They can manage it all from their phone, but they don't have to because it's all automated. Their server room (a) exists and (b) is cable managed. There's a wireless access point and connected smart speaker in every room, including the garage and the back patio, but they're carefully located for maximum sound coverage and to prevent signal interference. Their home theater is substantially better than a movie theater, and their media server is packed to the gills with content. Network security is hardened, with bespoke subnets for every user and tunneling for the media server and smart home functions. You feel a sense of calm and ease when connected to their network. "Everything I do at work, I try out at home first."

Or:

  • Their "home network" is a single Belkin router from 2011. They've had it since college, and it takes 9 minutes to reboot (which they have to do daily). It doesn't even have Tomato on it and still uses the default password. They still watch OTA TV and Blu-Rays, so the wifi is exclusively connected to the smart switch that their tea kettle is plugged into so they can start their hot water before they come downstairs. You feel guilty even asking for the wifi password. "Why would I do any network stuff here? I do IT all day at work, the last thing I want to do is even touch a Cat5 cable at home."
load more comments (35 replies)
[–] imetators@lemmy.dbzer0.com 6 points 21 hours ago

How about running guest WLAN?

[–] W3dd1e@lemmy.zip 119 points 1 day ago (26 children)

I’m very against Roblox. I know a kid who had a really hard time with online predators and a lot of it stated with Roblox. He’s 19 now. He and I were talking about it recently.

Parents think Roblox is like Minecraft bc of the aesthetics of the game. But, Roblox is not a game with a chat feature, it’s a chat room with some games. That’s a big difference.

They have 380 million users. Around 60% of the user base is under the age of 16. 40% is under the age of 12. That’s 152 million mostly unmonitored kids.

I’m sure Roblox has gotten better moderation during that time, but in our experience predators meet kids on Roblox and get them to exchange Discord or other contact info with them.

Discord is also a problem here, but that’s for another rant in another thread. If you are concerned about your kids and want to discuss it with me, feel free to message me.

TLDR: DO NOT LET YOUR KIDS PLAY ROBLOX unless you are actively monitoring the game.

[–] Darkassassin07@lemmy.ca 92 points 1 day ago (1 children)

I’m sure Roblox has gotten better moderation during that time

Quite the opposite.

https://en.wikipedia.org/wiki/Roblox%E2%80%93Schlep_controversy

load more comments (1 replies)
load more comments (25 replies)
[–] xxce2AAb@feddit.dk 167 points 1 day ago (4 children)

"Are you nuts kid? We don't use wifi around here. I unsoldered the antennas of my router, just in case."

load more comments (4 replies)
[–] pewpew@feddit.it 57 points 1 day ago (2 children)

Ok but 56kbps is just evil

load more comments (2 replies)
[–] Sergio@lemmy.world 109 points 1 day ago (17 children)

Simple solution: log the kid into your neighbor's wifi.

load more comments (17 replies)
load more comments
view more: next ›