Based on a week of agony with customer projects that feel like a gasoline truck went off a bridge into a swamp filled with alligators gang-raping a pile of C-4 explosives.  Or something like that.  Whatever.  I need sleep. No, wait.  I need caffeine!  The great cure for all that needs curing.  Anyhow, where was I?  Oh yeah.

Suggestion 1 – Default Domain Policy needs an ass-whipping

The Default Domain is famous for two main reasons:

  1. It’s the core of the basic AD configuration invasion and occupation forces, and as such, is supposed to be treated delicately.
  2. Users mow it down like a roasted pig at a homeless shelter barbecue

So, if it’s considered bad to muck with it beyond basic user password and other security-focused settings, why even include any other settings?

Therefore, as your candidate, I would push for a new Default Domain policy that ONLY contains a handful of settings and nothing else.  You want other settings?  Go make them yourself.  The hard way.  Like your great great great great and not-so-great grandparents did, with their bare hands.  Sun-up to sun-down.  In the vast, frozen fields, fighting off bears and rabid squirrels and shit.

I need sleep.

Suggestion 2 – Turn File Extensions on By Default

Turn them off, and you should be punished.  Like, eyelids stitched back to your forehead, strapped to a chair and forced to watch The View re-runs for an entire week, without food or water, punished.

Hiding file extensions isn’t just dumber than the dumbest of dumb things, it’s also dumb.  It’s a security hole, and it confounds Help Desks the world over, with clueless users torturing their techs as follows:

“Yes maam, I know you can’t work without that Cantankerous Cats wallpaper, but if you could just please find the .JPG file and right-click on it….

“I don’t see any Jay Peg files on my machine.  I’m looking for Can Tank Are Us Cats, but I don’t see no Jay Peg files”

“It probably isn’t showing the J..P..G… extension, but…”

“The what?”

“The J-PEG extension”

“What’s an extension?”

“It’s a, hold on a second while I load my 9mm…. okay, I’m back.  Do you see a file in the Pictures folder that looks like a small picture?”

“I see a lot of picture files in my pictures folder.  Isn’t that what it’s for?”

“Yes…. (click click click)… Do you see one that has that stupid ass name, I’m sorry, I mean that cute kitty name in it?”

“I see one called ‘Spora – Cats are Ransomware Screensaver’, should I open that one?”

*** bang! ***



“I opened it, but now I’m getting a message about entering a credit card….”


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s