Ben SluskyAug 23, 2023
SwiftOnSecurity
Describe the symptom, not the conclusion:
"The firewall is blocking my app"
No, your application has triggered a pop up box with a pre-written string saying it is unable to communicate with a specified server. We do not know anything else about why that happened or what is potentially wrong in the chain of dependencies for that error to appear. The error could be a completely incorrect catch-all. You do not know anything until you start investigating.
Aug 23, 2023 at 1:47amWeb
Show threadChester Wisniewski 🇨🇦Aug 23, 2023
@SwiftOnSecurity Sophos Anti-Virus of 2000s era used to throw the error "Cannot connect to server, server unavailable" when you had the password wrong. Great example of even the error message itself, while not incorrect, isn't always helpful. What was happening? I'm not getting updates. Start there.
Show threadRule 2 Racing OfficialAug 23, 2023
@SwiftOnSecurity This is why the firewall guy has to debug network applications and why the unix guy has to troubleshoot windows networking problems. People fixate upon a simple (to them) explanation, and the only way to prove my innocence is to prove some(one/thing) else's guilt.
Show threadSaromelAug 23, 2023

@SwiftOnSecurity No joke happened to me:

“The windows firewall is blocking Audacity from picking up the microphone” No, you just accidentally pushed the mute button

Show threadSoonerMedic Aug 23, 2023
@saromel @SwiftOnSecurity had a user tell us she had a bad wired headset because no one could hear her. Sent a Helpdesk tech out with a new headset. Found out she was sitting at a training station that had headsets on a Y cable. She was using the “trainer” side which didn’t have a mic. 🤦‍♂️
Show threadDaniel SidlerAug 23, 2023
@SoonerMedic @saromel @SwiftOnSecurity Had a similar case with a user in home office. Tried to figure why no one could hear them in meetings. Accidental mute? Wrong audio device? Broken USB driver? Defective connector? After 15 mins they casually mention their kid cut the cable of the headset the other day and it was cobbled together with tape. NOW YOU'RE TELLING ME?
Show threadSaromelAug 23, 2023
I feel the need to specify that the person who blamed the windows firewall was not the end user but a member of the IT support team
Show threadocdtrekkieAug 23, 2023
@SwiftOnSecurity Please tell all of my users this. Every day. It's stunning how many tickets I get claiming I'm doing things we don't or can't do, and I have to ask them why they believe it's the case before they explain what actually led them to that conclusion.
Show threadAllan ChowAug 23, 2023
@SwiftOnSecurity https://fosstodon.org/@grumpasaurus/110912718989627893
Allan Chow (@[email protected])

@[email protected] when investigating any issue. Think of the dumbest thing you could possibly think of. Think to yourself nah really? Then investigate that.

Fosstodon
Show threadMike [SEC=OFFICIAL]Aug 23, 2023
@SwiftOnSecurity I learned a long time ago to start conversations with users by asking "what is it that you're trying to do?" instead of "what is the problem you're having?" and it's saved me so much time over the years. 😁
Show threadjust_one_bearAug 23, 2023

@mike @SwiftOnSecurity This is my question 1 of the big 3 (phrased compactly): What are you trying to accomplish? What are you doing to get there? What are you getting when you do that?

So much time saved if answer 2 is misaligned from answer 1. And if answer 2 lines up, then answer 3 is providing direction for troubleshooting.

Show threadGaborAug 23, 2023
@just_one_bear @mike @SwiftOnSecurity I also ask "What do you expect to happen?" on top of those
Show threadKelly GuimontAug 23, 2023
@javorszky @just_one_bear @mike @SwiftOnSecurity yes to all this. Starting with "what are you trying to do?" gets me pertinent information. Adding "what did you expect to happen?" helps even more if it's not a clear error message.
Show threadGétur FránssonAug 23, 2023
@mike @SwiftOnSecurity I've been doing exactly this for ages with family and friends free tech support. super useful.
Show threadHugo Slabbert ⚠️Aug 23, 2023
@mike
Show threadNebyoolaeAug 23, 2023
@mike @SwiftOnSecurity That seems like a good way to defuse the XY problem, actually.
Show threadBenjaminAug 23, 2023
@mike @SwiftOnSecurity I try to get.out maker space staff to ask the same question. Instead of "what 3d printer so you want this on" or "what resolution" ask "what is the purpose" and "what is the size"
Show threadGeoff 🏴󠁧󠁢󠁳󠁣󠁴󠁿Aug 23, 2023
@mike @SwiftOnSecurity Teaching (not even formally, I'm a technician):
Don't say "Any questions?"
Do say "Somebody ask me a question."
Show threadstoeyAug 23, 2023

@SwiftOnSecurity always good to remember that the error message you're seeing was written by the very same developer whose code just failed to handle whatever happened and gave up.

They're rarely an expert witness for your investigation.

Show threadZimmieAug 23, 2023
@SwiftOnSecurity I got one of those once. Turned out the problem was the application was running out of memory because it was built 32-bit. That dastardly firewall just refused to reach into the developer’s build pipeline and update his flags for him!
Show threadJohnleyAug 23, 2023

@SwiftOnSecurity I always ask this of my service desk techs when they hit me with the “has anything changed about the network at (location)?”

Whatcha trying to do?

Show threadJohnleyAug 23, 2023
@SwiftOnSecurity I’m also pushing management to let the service desk have access to our logs and read only access to our management tools, so I can start replying with where to find their answers instead of doing it for them.
Show threadSamAug 23, 2023
@SwiftOnSecurity no no no, the rules are clear! If the error message mentions 'connection' you blame it on the network team, if it mentions 'authentication' you blame it on the Active Directory team.
Show threadNoratriebAug 23, 2023

@SwiftOnSecurity I recently had an install script that did a try-catch around Invoke-WebRequest and in the catch just printed "network error".

After quickly modifying it to remove the try catch I saw the actual error: -UseBasicParsing wasn't passed and Internet Explorer was blocked on my device.

Don't swallow errors like that.

Show threadAlesandro Ortiz 🇵🇷🏳️‍🌈Aug 23, 2023

@SwiftOnSecurity In parallel, my pet peeve is software saying there's an issue with the user's Internet connection when the issue is server-side (downtime, expired access token, logic error, DNS). 🙃

Developers can and should do better to handle this common scenario.

Show threadRandy OrrisonAug 23, 2023
@SwiftOnSecurity I’m trying to use Scalefusion MDM to manage a remote Windows 10 PC.
Me: Scalefusion, reboot the PC
PC: reboots
Me: Scalefusion, show Thunderbird on the start menu
PC:
Scalefusion:
Scalefusion logs: (just kidding, there are no logs)
Scalefusion support: it’s the firewall
Scalefusion firewall requirements document: 10 sections most of which refer to Android or link to Microsoft documentation
Network admin: yes, I’ve done all that. What’s not working?