We have this system at work where you have to manually read and type out the estimated number of impacted systems before it lets you issue a command.
Ultimate pucker factor when it starts hitting tens of thousands, then you go back and rethink this deployment strategy a bit.
@SwiftOnSecurity I wish our IT group had that.

@SwiftOnSecurity

Iranian Handala Hack operator sweating bullets before he launches the InTune command to wipe all those Stryker systems thanks to you guilt tripping him.

@SwiftOnSecurity Is there not a way to run some innocuous command (get the hostname, or uptime, or something) to get the exact number of affected systems ahead of time?
@bob_zim absolutely there is but still you know you will be held accountable to this
@SwiftOnSecurity it will be so much faster once AI is doing all your ops. it will breeze right through this prompt in fractions of a second, saving so much time!

@SwiftOnSecurity I know this feeling. I was nearly ill from anxiety.

In January 2024, I “pressed a button” (someone else technically did, but at my direction) that ran a program that we had written just a few weeks earlier against XXXX (let’s just say many) machines.

We had several VP reviews & even one with the president of the division during holiday vacation time just to get approvals.

(There were many tests, flights, & data reviews leading up to this and daily during as well.)

#KB5034510

@SwiftOnSecurity Oh. I missed a point, which is that yes, almost always, our bug templates and remediation requests require detailed (more than an estimate) numbers on who is impacted and how many. That’s pretty standard.

@SwiftOnSecurity At 3 different global banks, I've written a /usr/local/bin/sudo script as a wrapper for /usr/bin/sudo

It would take an incident or change number as justification, validate that incidents were open and matched the prod status of the machine, validate that changes were approved and the current time was within the window.

It updated the tickets with $USER did a sudo on $MACHINE at $TIME and stuff.

If you just type "emergency" it let you right in and also paged your boss.

@SwiftOnSecurity one time at my very first professional job I wrote a (dangerous) command that defaulted to dry-run and had a flag like "--i-really-mean-it".

A coworker flipped it to default run with a "--dry-run" flag. The commit message was "remove whimsey" and I've never really forgiven them.

@SwiftOnSecurity (that was almost twenty years ago for the record)

@zrail @SwiftOnSecurity "Oh, hey, you dropped your footgun."

https://xkcd.com/970/

The Important Field

@SwiftOnSecurity I always type One because everything runs in one virtual environment...🤔
@SwiftOnSecurity Needs amendment to "Are you sure you want to do X to Y number of systems at Z o'clock on a Friday? If Yes, press Y. If no, press any other key and may god have mercy on your soul."
@SwiftOnSecurity fortunately, the AI that generated my command is also perfectly capable of solving such a challenge.
@SwiftOnSecurity It’s the descendant of the line of JCL I had to put on a punch card at the top of my deck, saying how much time my program would need to run.
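
The gate described in the opening post (type the impacted-system count before the command is issued), combined with the dry-run default mentioned further down, as an added example that is not code from anyone in this thread. The inventory format, host names and function names are assumptions made up for the illustration.

```python
"""Constructed example: dry-run by default; executing requires typing the impacted count."""


class ConfirmationError(Exception):
    """Raised when the typed count does not match the resolved target set."""


# Constructed sample inventory: host name -> set of tags (hypothetical format).
INVENTORY = {
    "web-01": {"prod", "web"},
    "web-02": {"prod", "web"},
    "db-01": {"prod", "db"},
    "web-stg-01": {"staging", "web"},
}


def resolve_targets(inventory, selector):
    """Return the sorted hosts whose tags include every tag in `selector`."""
    return sorted(host for host, tags in inventory.items() if selector <= tags)


def run_on_fleet(inventory, selector, action, typed_count=None, execute=False):
    """Apply `action` to each matching host only after the count is confirmed.

    Without execute=True nothing runs; the caller just gets the count to read.
    With execute=True the operator-typed count must equal the count resolved
    at this moment, so a selector that grew since the dry run is refused.
    """
    targets = resolve_targets(inventory, selector)
    if not execute:
        return {"mode": "dry-run", "count": len(targets), "ran": []}
    try:
        typed = int(str(typed_count).replace(",", "").strip())
    except ValueError:
        raise ConfirmationError("impacted-system count must be typed as a number")
    if typed != len(targets):
        raise ConfirmationError(
            f"typed {typed}, but the selector currently matches {len(targets)} systems"
        )
    for host in targets:
        action(host)
    return {"mode": "execute", "count": len(targets), "ran": targets}


if __name__ == "__main__":
    preview = run_on_fleet(INVENTORY, {"prod"}, print)
    print("dry run would touch", preview["count"], "systems")
    print(run_on_fleet(INVENTORY, {"prod"}, print, typed_count="3", execute=True))
```
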