If I may present an alternative opinion on cloud outages:
Occasional short reminders of fragility in centralization and smoke-testing of our societal systems with effectively inconsequential events are important.
There is going to be a day a gigaoutage culminates, due to a lack of minoroutage warnings.
Posts by Keith Weaver
I have talked to an IT admin turned security Principal, who had a 0click 0day deployed on their network. I know the case and CVE, it is real.
What saved them was the attacker encountering a configuration they had just NO idea what to do with.
Attackers are not gods, even if they have the commands.
My coworkers are starting to COMPLETELY rely on ChatGPT for anything that requires troubleshooting. And the results are as predictable as you think. On the easier stuff, sure, here's a quick fix. On anything that takes even the slightest bit of troubleshooting, "Hey LegOz, here's what ChatGPT says we should change!"...and it's something completely unrelated, plain wrong, or just made-up slop.
Oof, the sycophancy problem in LLMs + triggering on any irrelevant details you feed them recently led a P2 problem call down the wrong pathing for hours.
The chatbot is never going to TELL you to step back and ask if this entire inquiry is irrelevant to the larger goal.
This is your moat. It's mine.
Someone smarter than me described customer data as toxic waste. Whatever you can't destroy must be buried deep, with heavy security.
Part of the job as a cybersecurity professional is in fact arguing to purge and not log information about your customers.
Data is not oil. It's risk.
Grr, the problem was that we had enabled app instance property lock on all app registrations in our tenant a few months ago. Microsoft creates a P2P Server app reg in every tenant and adds certs to the service principal instead of the app reg.
learn.microsoft.com/en-us/entra/...
Thanks! And would the signing key show up as a credential on the service principals in our tenant or is that something that wouldn't be visible to customers?
Support has escalated this to the product group so I'm hoping they get it figured out soon...
Has anyone ever seen this issue before? I have a support ticket open, but that hasn't made any progress yet. It really seems like it's some weird backend Entra cert/key issue.
@awakecoding.com or @syfuhs.net, do you have any ideas?
Having an issue with Windows 365/AVD Entra SSO to session hosts and web sign-in for RDP. All users receive this error when trying to connect.
Sign-in error code: 500032
Failure reason: Cannot find signing certificate/private key to issue a certificate.
If you want to work in security, just know up front it's a thankless job most of the time.
1. People do not understand why it's necessary
2. People will complain about it all the time
3. People will not see the value in your job, unless you get popped, then they will blame you anyway