 Tom here from Lawrence systems welcome to vlog Thursday 328 I like saying Azure Bing bang because it's fun. So it's a topic. We'll talk about in a moment I wanted to start the vlog out though with where I'm gonna be in when so the where and whens are still MSP geek on so I'll be at that on the 23 days from now may 21st through the 23rd and then I'm actually this happened Jason Slagle who's been on this channel before we did the video about hacking along with cyber Matt Lee and We're going to be speaking at it nation secure He submitted a talk So if you're looking if you're gonna be at it nation secure or MSP geek on those are two places that I will physically be during certain dates at Certain times that you are more than welcome to come say hi to me So I will throw those out there I have a guest today because this question has come up a few times about hey Tom Can you bring other staff members on night? I have no requirements to my staff It is completely up to them if they would like to come on some people like to be on camera Some people absolutely do not like to be on camera I'm gonna say that Jeremy's somewhere in between and so let me bring him up. How's it going Jeremy? Howdy, how's everybody doing today? It's uh, it is actually a nice day here in Michigan. So that's like it's to go outside I can see some sunlight. We have like a week of really nice weather and then I got cold again. Hopefully it evens out Yeah, is Let me know I see Travis Travis is also a staff member here. Travis is among the people that do not want to be on there Let audience let me know if Jeremy's quiet because you actually sound a little bit quiet. I don't We can I can fiddle with my levels if need be yeah, Jeremy's actually quite into audio stuff But I figured I'd bring them on why not come hang out with us a little bit And there's more people than just a few people you've seen so Eric and Steve have been on here several times I don't know if Kyle's been on I Miles was in Miles is a 3d printer video with me once He's Miles is a resident 3d printer guy. Okay. They said you sound great perfect So it's the easiest ways I just ask the audience like you know, we're doing it live and then But the question people have for me a lot they'll start throwing windows questions at me and I am Bad at windows. I can muddle my way through things in windows I understand conceptually how everything works in windows this guy knows exactly how things works in windows So what would you describe some of your tasks are here at Lawrence systems? Well generally if somebody calls in with general windows issues I try to help them if they have any Misconceptions or major misconceptions. I try my best to correct them or you know more often than not sometimes someone will go Hey, I have this really neat idea that is just going to blow a huge hole in my foot Will you do it for me and then I go well hold on let's point that gun away from the foot and let's talk about this Yeah, so generally I just try to prevent people from making you know Misconfiguration issues and generally the default issues that seem to cause problems And you also help do the domain migrations and stuff. Oh, yeah domain migrations exchange migrations M365 setups Azure setups a little bit AWS if it ever comes up, so you know, I don't want to undersell it But generally if it touches Microsoft, it's in my lap at one point or another If not, we're throwing it to him Right along and if I have to figure it out as I go along then so be it I'm good at googling Yeah, well, you know, and that's a lot I think that's one of those things that you you have to be good at googling to be a technician You just can't know it all and with Microsoft especially it's a moving target because what worked in last version They may have moved or changed parameters around in current version. So Yeah, we still come across issues where there are things set like in Microsoft 365 They have the legacy interface, which is this old depreciated interface that they do ever they used to do everything through And there are sometimes settings in the legacy interface that impact the current interface But are not replicated into the current interface So sometimes you'll have to diagnose issues by going back into the legacy configurations that technically should have replicated over But in a lot of instances don't so you're sort of going back through settings in menus that are years old That should be somewhere what they're not so, you know, sometimes you have to hunt things down And and as coincidence would have it so I do feedback by telling people to email me vlog Thursday at learn systems calm The quiet there is a question that came in today and it's a windows question. So Well, it's something actually I think you talked about working on today or getting prep work for It says I was hoping you can have some time to do a tutorial to make ad work with pf Sense an open vpm with the certificates. Isn't that what you guys were looking at is setting up a radius server? Yeah, I actually set up the radius server yesterday and we were going to try to get the integration working Or at least get it started this afternoon. So good timing. Yeah, kind of what we do internally here is I like these staff to have time to test things Jeremy is not a pf at sense expert, but Dear Eric is and so is Steve. So the two of them all kind of work together sometimes to sort out some of the problems and Come up with ways to do it. I also want to make some tutorials on it And I'm not particularly good at it. So when you guys are done, some of this will be more data that we have a tutorial Hey, I see Jason Jason Slegal has Joined the chat He's not wrong radius is fairly simple. Yeah, so the Me and Jason worked it we're work together on projects. He was just respond to me We have we actually pass between Jason's company CNWR my company we passed projects back and forth So that's been it's been fun doing doing all of that That's what in me and Jason if I don't Jason join the beginning or not But he's the Jason that I'm doing the talk with it it nation secure Jason did the submission Roped me and Matt Lee into it. So we're along for the ride, but I guess that means we have to stand up on stage and do stuff Fun so what else is I think the other project we're working on to is and I just haven't gotten around to it myself but we have that extra true nas server and we're gonna tie together the true nas 80 to make a 2023 version I've got an old tutorial on my channel for 80 integration with it but I think there's a lot that's changed and it's a But it's a lot of change and I think that's something I want to dive into and I'll probably bring Jeremy along For that one too like to help me document it I don't mind being to want to present it, but there's if you want to know what goes on behind the scenes and Don't make the assumption that Tom's super smart I just hired some really smart people and I look at what they do and then I talk about it on my channel That's There's those would you would you say that sounds about accurate for me? I mean there are some things where I won't even dare to try to keep up with you And there are other things where I'm just like this time wrong. Yeah, Tom's wrong. Okay So, you know, just like everybody there's certain things I'm good with but I mean clearly, you know, it's me versus you you win I see Jason just got here. He's got a bail soon as she's got a smoldering dumpster for it. Yes I know he's been dealing with a dumpster fire all morning. That's a whole nother chat thread we have Cool that I there I didn't turn off my slack so I got these slack noses coming from Jason So we gotta prove to Bill and a client for a bunch of stuff. So Let's see. Oh My voice went up and down One of the other things I'm gonna talk about though and let's bring this up because that did you get a chance to read this This is a biz bang. Yeah. Yeah Now this is wild and this is something you may not know So the people over at whiz security, they know where the bodies are buried because they're former Microsoft people They're the former cloud engineers. They left informed the company So what better company to poke at than your ex-employer? Because you know what wasn't fixed is I think the so they went through and This is just Crazy, I don't know why this is not a more popular article I got popular when I shared it on LinkedIn, but I'm like, you know Let's go ahead and dive a little deeper into this because this is one of those things I know the cloud is scary, but guess what it's not going anywhere The Azure AD integrations are going to continue to happen This is just where Microsoft is pushing it if you're dependent on Microsoft This is and if you work in the enterprise space at all, this is what you're gonna have to deal with But what's crazy is these people were able to find some flaws that allowed them to take over being it's just That's scary to me. They're basically able to inject because they're from my understanding there is There's a UI that basically is like the Bing backend for your user account and it can take a reference to particular search queries The default Bing search page things like that and basically injects that into your session And what there was allowing them to do is basically take that and inject data into searches And it allowed them to do a whole lot more than that. That was just the example. They came up with Yeah, essentially they got into what you could call Microsoft's management dashboard And I like that they chose this as a big target, but this is the part that's interesting is like hey We got your attention. We took over your Bing thing you're doing over here So let's talk a little bit more about how that works and essentially it's a way that they're breaking the boundaries What should be locked down tenants? I think what is that one Microsoft? It's is it the Cosmo DB system that they have is that what it's called I think it's called Microsoft Cosmos. That was listed in a Big security flaw they patched like just a couple years ago and it's the same thing Someone was able to prove you can get into other tenants They they broke some of the boundaries and Microsoft had a flaw in this and this is where things get really Aggravating and we're gonna need in a better way to handle this. Did you know Jeremy? There's no CVEs for cloud flaws No, I didn't Yeah Yeah, so it's kind of interesting when you find a flaw in there You can report it and they may have you know different bug binary programs and reporting methodologies Which they did Microsoft fixed all this by the way But what I didn't realize was there's not a CVE sign to it because they don't have a normal system as of yet that will Assign CVEs to cloud so when you find these egregiously bad Misconfigured problems of things and you're able to take over a power automate blog and Cosmo Cosmo a file management system for Managing over four exabytes of Microsoft internal data Yeah, what you're able to take over these things you'd like. Oh, so You know, what's the CVE for this and we can let people know this is actually the cloud people don't want it Because there would be a CVE that we could track in the news and that would be a problem for them publicity wise anyways because every company You know takes the hit when there's a big CVE with their name on it because then it's a very it's a Very SEO targeted number CVE blah blah blah. Yeah, that was us. We did that thing. You can't do that with a Cloud system. So this kind of gets swept under the rug, which I think is really gonna be a problem in the future for security. So Absolutely Generally accountability keeps everybody accountable, you know visibility makes, you know Was it everything comes out in the sunlight or all the dirt comes out in the light or something like that? Yeah, no visibility No accountability Yeah, and I think it's if I point at for example, someone asked me what I thought about like sell and like sell it's not about that a company has CVE's to bigger the company is the more popular company is You're gonna find stuff broke. That's just an acceptance like hey, if you write complicated code, you're gonna find broke But what did they find was it a buffer overflow? Was it some type of unsanitized input? Those are you know those happen or were they hard coding credentials? And I like that I can point at my reason for not liking Zike sell and several other companies was they've hard coded credentials Inside their devices and thought no one would notice and I actually don't think it was for nefarious reasons I think it was for stupidity reasons because when I read the write-up of why they did it They just thought it was easier to put a password in so they could get into update things and they're like You didn't think anyone to find it That was the dumb answer for the hard coded back door But there's a CVE I could point to where people can find it There's people who did write-ups on it I can tangibly and by the way they have a history of doing this not just once but several times and when a company has a history of Yeah, we keep putting credentials in our system. You just have bad coding practices at this point Yes, see what's funny is in this case It's sort of a similar thing because it is sort of a code problem But quite literally there's there's a field in there. That's the your sign-in audience it's just literally a piece of code and it determines whether it's single-tenant multi-tenant all that sorts of stuff and I mean, it's not quite as relevant because that's infected single-tenant multi-tenant everything and all it was doing was saying Oh, if you don't exist in my list of 80 users I'll just generate a token for you and let you in and it was doing that for anyone So you could log in just with any username you'd make up and then you could just start injecting data pulling tokens And then use tokens you could generate from users to read emails access secure information. It got really messy I was surprised and it's one of these things where had they had It's obviously just bad practice from the people who Who sent out the the applications? Yeah, just just some little bad practice Corey Thompson asks how big of a headache will unbundling teams from Office 365 cause I don't think there's any way to easily unbundle it Hmm. I mean what I know more many many companies do hey including my friend Jason Segel There's a reason slack messages are going off. It's because we're not using teams We're doing by the way same hate same hate for Google chat or whatever. They're calling it today or Yesterday or tomorrow or whatever is gonna be called next week because we know Google likes to rename their G-suite stuff. There's a reason a lot of us use slack is because we just know it's bad So I don't know that you can really un unbundle any of it Yeah, and everything that you have in your teams accounts actually are Locked to the profile that you're on so even if you were to unbind things Everything that you have in teams once it's removed from the account or connected to separate accounts We'll just you'll lose everything that you have anyways So teams is one of those, you know, it can be messy if you're trying to use it in any other way other than intended Yeah, and there was also I don't know if this I don't think this got assigned to CVE There was interesting report and it goes back down to session token stealing and I don't know where I fall on this because it's so fuzzy So teams which is now not done this anymore because it doesn't work this way now It was built with electron So the app was basically an electron web wrapper for teams, which is also why it was so slow I believe they moved on from that but someone had found and I don't know if this is still possible after they Moved down from electron, but they found it Trivial to grab the session tokens out, but where I find this is a flaw I did a video on how easy it is to steal session tokens out of a browser to impersonate someone The reality is once someone gets on your computer and they grab your session tokens Whether they're in an app or they're in your browser. They're accessible. They're on your computer You're gonna have a bad day so Them unveiling will be an issue if they cause you to have to buy it. Yeah Oh Let's see Reading the blog seems like a common misconception about what a ad odc and what ms is not helping have a clear distinction But ad is mostly authentication not authorization. Oh, yeah Teams is just built on SharePoint. I don't like SharePoint at all SharePoint has its uses Yeah, it's just it just makes you go through pain to use it. Oh, it's incredibly process intensive I know their um customers that I've dealt with where they've gone from just a basic file share to SharePoint And while SharePoint does add a lot of functionality that functionality comes at a time investment cost So if you got the time and you got the engineering, you know time for it great But if you don't it can you know drag your resources thin real quick Teams windows live messenger edition 2023 From bronica explains It's also pretty easy to get to teams up there to bring your own arbitrary exes that are their own. Yeah Better than sysco jabber. I remember that That's that's I don't know if you ever had to use any of that There was a time when we had xmmpp protocol. Matter of fact, google originally was going to be standard stuff So we could all interoperably communicate using x is xmpp xmpp Yes, we're gonna share this Tell me if you're old enough to know the universal messaging standard of xmpp google summer code 2023 It's an open standard for messaging and presence, but it's just It's supported but not everybody used it. I'm funny that google still sponsors I don't think you can connect google to it anymore Originally the idea was we're just going to be carrying the same open standard protocol And you connect whatever client you want those were the days when people had vision and the companies go wait a minute No, this isn't gonna work So we were talking about this jason slago lakes a lot of the in so do I the I think there's something about when you reach a high level of tech you then go retro You start just wanting to watch retro tech channels and vronic explains is a retro check Well, not only but she does cover some really cool stuff. She has a camera where she put online So that's it's a fun video to watch Ah So we got WebEx spark which was another thing. All right. Yeah, that was two Well Did you were you an icq user jeremy? Oh briefly once upon a time now. I'm just like trying to remember So long ago Speaking of teams seeing as our teams is getting brought up I think they're gonna start really putting the energy behind microsoft loop next. That's their next big thing It's basically like their their platform that everything connects to and everything ties to and everything can essentially You can create like static links to dynamic documents and all sorts of fun stuff So that's what they're really pushing hard for next. It looks like Yeah Tom any chance of a video detailing multi path i scuzzy and sure to us including networks separate subnets host design setup You know there is because um, I actually set it up because we I had a client that wanted it done So I built it all out in the lab because they I had not in I've not seen anybody in production using it with Um xcp and g this was like two three years ago in earlier days of xcp and g They wanted to confirm a couple of the design changes So I built it out and did it. I you know, I never really did a video on it. Um, but it's gotten better It's not hard to set up. You just build two subnets for storage and You set up the i scuzzy targets with different ip's uh for well different ip's you bind it to and then it works And then you just click the on button for multi pathing inside of there I'm just I use nfs. Uh, most of our production clients even uh, we have a client They have a good resting count. They have 4 000 hard drives spinning. So It's uh out of you if you look at my calendar, you know who they were because I was I was consulting with them on Monday Um, I was helping them with some other uh topics, but they actually they're xcp and g clusters I think all have 512 gigs of ram on each one of their servers They have like 300 you should be looking at the calendar. Yeah, I am you'd be like, who's that company? They're big But uh, I forget how many VMs they have like two or three hundred of them or something like that. It was kind of cool Um, they I always like consulting with them because they all their interconnects are 25 gig between all the servers and everything else So, uh, definitely Lots of stuff. That's weird brett was calling you He should know I'm on I'm doing things But yeah, I will I'll work on a video for that because I want I have a lot of tuna stuff uh the bbs days It's it's a company with cloud in her name Okay, I see who it is now. Yeah, we helped them move off of vmware. So And we solved uh, he he was actually happy because I talked about his kubernetes problem He had um that turned out to be a broadcom network problem and that so Yeah, don't use broadcom network cards. That's that's like the answer That's funny because I learned that years ago when I tried to make this switch from microsoft to linux And I was like, oh, I'm gonna try to set up my own little custom linux distro because I'll be a cool kid And I'm why am I having all these stupid networking issues? That's oh, well your networking card I'm like, ha ha ha very funny. Like no, no, it's your networking card like oh crap Well, there's some trivia. I didn't know what jason he he Ran an amiga bbs. Okay That's awesome Here play with amigas. Those are pretty cool Not really. No, I I never owned one. Um, I knew a guy who did I remember his name because it was billy the kid and uh, he had a computer store not far from me and uh He had an amiga shop. Like I don't know. This would have been like late 90s Which was kind of weird because that's when they were getting faced out Well, he was a computer store, but he had like a section of amiga. I should say but that was really cool Talking about this actually made me go. Hey, I wonder if they have the flipper zero in stock and they do So, yeah, I'm just like, oh, I better get one before they disappear I've been trying to get one of these things for like a year and they just disappear immediately Um, you know, this is one of the weird topics that I thought about covering. I still use, um I've I've been using just standard pixel phones with the google os on here, but it's really targeted at my business I'm just not worried about the phone privacy thing. Like I'm not I it's a topic that comes up a lot graphene. It's kind of neat. I think it's cool I if I want to be private, I'll be very honest my Privacy, I know What can or can't be seen on my phone and therefore I am where my phone is and I may or may not go offline But when I say offline because if you go offline and turn your phone off You now have created a gap of where are you if someone were to be watching you? By the way, read a lot of cori doctorals books to get nervous on this stuff But one of those things because no signal is also signal But if you want to be somewhere where you don't want people to track you leave your phone at home Um, you turns out you don't really need it And I like going offline occasionally and I can just leave my phone somewhere I usually don't because I usually want to take pictures with it But I don't worry about it as much so I don't think it was much about privacy But I I'm extremely context aware of anything I share in my phone Um, and if it's something that I do not think belongs on potentially the internet It will not be put on my phone. I will actually use a normal camera if there was a photo or a thing Um, I I always think about privacy as it would be controlling the narrative in coming at it from that perspective Uh, so it's just I've I've been on as a discussion me of Um, notice here, I've been online since the bbs days So I've always thought about it. I'm controlling what you know about me Uh, and that's how I started bbs like I didn't give people my real name I had the persona I had for it So I always think about even with social media where I even maybe myself I'm always controlling the narrative to tell you you don't know anything more than I want to know you to know about me So that's why I don't think as much about some of the privacy Uh phone os things as much or I don't spend a lot of time dwelling on it I do use signal messenger though. I really like it a lot We all use signal. That's how we we we have our meme chat that we That's there's a secret meme chat if you were a member of lauren systems You are slowly initiated into our dumpster fire of memes Oh, yeah now Not for the easily offended Yeah, that's a good way to put it and there's a reason it's on signal so everything can be yes Because all the other tools are for business and you should always put all your Um business talk and you should always read it as if it's being read aloud in court Oh fun stuff Even if your phone is off it's still trackable Yes, no, they know the last position was when your phone is off It is not trackable anymore because it is not sending out signals You can get hey probably some type of signal monitoring device like a flip of zero and see what type of emitting signals are coming from it I just ordered that by the way. I was like if I wait 10 minutes. It's going to be out of stock. So I just ordered it Because quite literally I there's one time in the past where I've noticed it was in stock I walked to my desk and grabbed my card and then picked my phone back up and it was out of stock So i'm just like now or never Yeah, no, they don't stock very often So if you're watching this live you can also get one too now that Jeremy had his I can say it Then you guys can drive it out of stock for whoever else comes after Exactly. Well, that was sort of why I wanted to mention it. I'm like, I'll just share it with everybody So we're in the know. We'll be the cool kids Yeah Hide in the crowd make your device not unique as possible. You know years ago I don't know if you've read this Jeremy. Did you ever read any of cori doctorals books? I've looked at some of the people who read his books and make videos You know being lazy like I am I really I have um, they're all free by the way you can download them right from a site So there's you know, anyone can go download cori doctorals books. I highly recommend them So they're definitely will make you think differently about privacy and security and that includes his fiction books I'm so excited about his picks and shovels series And red team blues Those are I got to hear a preview Will Wheaton is doing the audiobook for that. So i'm super excited about it. Nice. He did a kickstarter on it So um, I don't read much fiction, but cori doctoral fiction It's so technical and right, but he talks a lot about this whole hide in the crowd Um making your device non-unique. There's there's lots of things you can do to blend in and cori doctoral It's funny because the book he wrote was before someone the the first versions were before we had so much technology So now the question it's like the matrix. Would you have broke the vase if I told if I hadn't told you about it? You know, I mean did he predict the future or did governments read his book and go? Hey Those are crappy things we can do Krypton amicon is a pretty good book too. It's been around for quite a while. Okay It's actually let me go. I think it's on my bookshelf somewhere, but I'll pull it out later Fun stuff And if anyone's curious gonna see people commenting that your phone is never really off if you want to know if your phone's off it literally it can't Send any signal without causing some electromagnetic interference So this is something you can test yourself is Turn your phone off and determine how much electrical magnet electrical interference comes out of it How much signal is coming out of it? That is something tangible with None too expensive equipment. You could do and measure this. I know a lot of people Uh What do you call it a lot of people get really Tin foil ahead if you will like they're obsessed over it But it's often because they have a gap in how they think some things work So they fill it in with assumptions and that's often where that's the rabbit hole that gets you in trouble You you also have made someone's day. I ordered my flipper also Nice I'm glad I could help Now I'm just like wait. Hopefully I didn't get the wi-fi deaf board. I'm like, no wait. I just ordered. Okay. We're good We're good. You got it. So Uh, oh, let me pull up the um, hold on. I'll pull up the core doctor. I'll think so people can actually be His latest one Just like emp testing equipment Mary serves, aren't you able to make an emp with a microwave like the part Yeah, that might just be something from one spot at a time. I don't remember you can you can okay, so Got it. I know you used to be able to I know you can still you can make an arc welder from a microwave But I wasn't sure about an emp but then again Generally you A disclaimer do not open up your microwaves and fiddle with the inside of them. Do not do that. Yeah We're not recommending it But there's at least plenty of youtubers that are doing something stupid like that Oh, yeah, absolutely And by the way, you cannot charge your phone with a microwave, but that was so fun when someone said that I don't have you seen those videos You can put your phone in a microwave and rapidly charge it and people were destroying your phones Yeah was um the iphone's rapid charging feature from like years ago. They're like, yeah throw to the microwave That's that's like how everyone I don't know anything clever to say. So I will tell you Oh, here's the command that you use in linux rm rf. Just do that um But uh red team blues and another audiobook amazon won't sell this was his um His cori doctoral won't sell his books on amazon because he only does books that are drm free By the way, you can get them for free Uh, but this is the dm free audiobook the first marty hench novel read by the amazing will weaton I've listened to uh samples. You can find it on cori doctoral's podcast where he has will on there to do the reading It's solid. Uh, this is 152 thousand dollars uh Kickstarter campaign on this which I thought was great I've been such a cori doctoral fan for a very long time Just love all the stuff he does and he has such a strong technical background that he writes things that are Very technically plausible and a lot of interesting, uh topics. He's always fun to listen to Did someone put a uh Yeah, did did someone put a phone or microwave? Oh too many someone's I mean it was on many many people Yeah, I think you can just youtube There are just compilations of people who did it and who are very sad because of it One thing though if you're not certain if your phone is completely off do the microwave trick That'll make sure it's off forever You know, I don't think you know this Jeremy is I we play with the other day at the shop Which I I don't even I don't even know if I post I don't think I posted a video anywhere I should though. Uh, we have we have um, I think it's a 30 or 40 000 volt um neon transformer that we blow things up with once in a while That just sounds like good fun Yeah, so many times when you're down at the office for lunch because Jeremy usually works remotely. Um, so We you know, it's a little bit chevious is we uh, I showed a video last week because we actually if you search around on my youtube channel We did destroy some printers. We filled them with fireworks. We haven't done that in a while So maybe we should do something like that again too I'm always up for some explosives Well, you know, you take the mortars, um, you buy like those mortars that you can buy here in michigan But you don't put them in the tubes. You just pack three of them inside of a printer Turns out it's way more fun than going up because the printer not just comes apart But like red sparkles and purple sparkles go everywhere. It's just it's a beautiful thing And you don't have to worry about the pc load letter messages Nope, not at all Although we were talking about printer hacking and uh, jason slayville killed me with this one Says we used to love you could reprogram what it said And you know, you'd put something dumb in there once you figured out how to do that because they always had the default passers You could tell that into the thing because yes, it was telling that back in the days But you know how there's that like the old issue printers have like slots on the side of it Jay jay would hack them uh and put insert coin There's just there's I just had this vision of a printer broken and someone's like why are there so many pennies in this thing And they're like, why does this say insert coin? I don't know someone left the pastor at the fault and like, you know, someone logged in and now it says insert coin Uh radiation leak. Yeah radiation leaks a good one too Oh fun stuff Well, I'm gonna wind this down. I just figured I'd bring Jeremy on. Let me know if uh, well, if the other staff want to come on They always they're always welcome to it um Jeremy said he was getting over a little bit of the stage fright and stuff like that says first time you've been on camera He's like, is it nervous? I'm like, don't need to be nervous. It's just a conversation Uh, but I don't mind opening up for people who want to know about the business want to talk about things Uh, I will kind of continue on this. Maybe we'll get a jason slagle back on here We me and jason slagle I should need to do an updated video on uh the hacking stuff Because that video where is that one at? Um, I can throw it out there. We did this before and I'm gonna Share the link real quick again this is um Let me put this in here in a chat. This is the how I would hack you video. Um, and I might uh Do some tutorials after that video because we talked about all the different things you need to do to secure things Uh conditional access tokens and stuff like that And uh, it's probably a good topic because setting all those conditional access tokens in azure is tricky But I know a guy and uh, maybe me and you will just do a video on that topic Because what we want to do is We want to do a video like how I want to hack you which we did that one already But maybe we'll do an updated one But we want to do a defense video to talk about what we do as a blue team As as the company does uh designated for securing other companies. What are those steps that need to be taken? Um, I I want to get more of that content out there It doesn't get a lot of clicks, but there's a lot of value in it because it's it's Everyone gets excited the you know the hacker side of things, but the reality is the defense side of things Is hugely important. It's actually what a lot of people Including my people at my company and jason slagals company are employed to do is keep the defenses up and sort out People from as jamie said in the beginning keep people shoot themselves in the foot with their settings Because honestly what we've been dealing with with microsoft don't I see we I mean like the royal we basically everybody is like Back in the day when windows first rolled out, you know the new version like server 2008 or something You know they have default settings that are in place and they assume the technically competent users Know how to configure it before rolling it out But in most instances there's a tech guy who ends up being i'm the windows guy because my brother owns the business And he saw me turn a printer on and off once so now i'm the windows guy rolls out all these settings by default assumes They're good and then you know five years later. There's a data breach Yeah, and that's that's just a whole thing is you know we come in we assess Do audits and things like that you try to establish baselines we onboard stuff because jeremy does a lot of the msp work as well going through and What what do I call it is why why are these servers yellow because they turn yellow in ninja one? Why are these why is this one red? Why did this person do this? I need to do an updated video because um, I realized when I was discussing with someone Uh, the ui changes we've made as I think some of them You've probably even seen from where ninja one was a year ago when I did the video to It's been a little it's been a little over a year since I did the video and uh all the ui elements have changed They keep making it better. So I mean honestly from day one to now Ninja is almost a different a whole different animal and it honestly They're all I can't think of anything that's gotten worse Which you know I hate to say it but most products there's always one or two things you can complain about This one. I'm just like I don't have any complaints Golf clap. Good job. Yeah absolutely the They they just keep making it all the policy systems gotten better the breadcrumbs. So um, that's that's worth me visiting again part of the problem is I'm on their um I don't it's it's not called the advisory board But basically I have an in with them if you will I talked to I talked to people at high levels there But what they've done is they've turned on everything beta so we can actually give them feedback So I they said they do this to me I want to set up a separate instance where anything I can talk about because sometimes we'll We're sometimes like a slight version ahead on arbor on our instance For features that may not be rolled out to general public yet so they can ask us about them but especially they've done a lot of work with the The backup system is much different now than it was before when I talked about it So and they made a lot of improvements there and we're not full disclosure because of some of the problems we bring into it We don't fully use it as much. We're using other backup systems But you know, it's something we'll readdress and revisit But you know, it's fun fun stuff to talk about. I like to let people know what we're doing behind the scenes I don't think any of this should be mysterious. I don't like companies that Are too obscure about it. I know it's not going to be the the fastest or Highest viewed content on the channel, but I think there's still some good value in it Like I said earlier visibility creates accountability and there's no business I can think of that's just like oh, we're we're too accountable. We need less accountability Yeah In well, maybe the cloud business because you know that no cve problem All right, well send emails to Vlog Thursday at larsystems.com that any more emails come in before this is over Sometimes people email in real time. I keep it up over here. Just look look over to my left. I don't see anything new But I see more stuff to do. I always peer at my wall of monitors to make sure anything's going on Yep Oh, and I got a can we do this from Brett? So that's what he called Um Oh, this is actually gonna be this is what it all right. This is for you So when we're done with this, I'll message this one to you because someone needs help setting up an is server Okay, sounds good. Uh So are you in later? Thanks Thanks. Have a good one everybody