Another Day, Another Nastygram from Security

I work in a high-tech, highly regulated environment. Our security posture is end-user visible through the various so-called ‘endpoint security’ tools that are deployed en masse and kept rigidly up-to-date. These tools can do lots of things, like restrict apps from running, restrict installers from all manner of sources, prevent things like PowerShell from running, even lock down parts of Windows itself.

I don’t have a problem with these tools. When your base is the HMS LeakyWindows, you’ve got to patch those holes somehow. The problem I have is that when I use approved apps to do legitimate things, I get caught up in automated security dragnets that then get me a nastygram from our Security team. The latest one went something like this:

Security: Hey, I see you installed a program from the App Store on your Mac called “Amphetamine”, why do you need an Idle Prevention tool?

Me: Because I was tired of having to crack open a useless terminal window to run caffeinate. You know, the tool built into all versions of macOS since time immemorial that allows for idle prevention? I also use the idle prevention software built into the unrestricted, signed and approved PowerToys on Windows. If these tools are so bad, why do you allow them?

I’m still waiting on their reply.

However, this is not the first time I’ve been bullied. I once had the audacity to use curl.exe on Windows. No, not one I downloaded from the Internet, the built-in one that’s been around for nigh on EIGHT YEARS. I didn’t even do anything ✨mAlIcIoUs✨ with it. I literally just curl’d google.com because I couldn’t tell if I could get out to the Internet just yet.

The email they sent me was hilarious. The software scanning tool they use had some ancient text about how curl.exe was included in some hacker toolset from the 1337 days of y0r3. I was so surprised something so obviously out of date and wrong was still in this kind of database, but that the technician didn’t just look at it and dismiss it as obviously a false positive.

HOW DO SECURITY PEOPLE HAVE JOBS? HOW DO YOU GET INTO A POSITION LIKE THIS WITH NO KNOWLEDGE OF YOUR FIELD, THE TOOLS AVAILABLE, AND NO SELF-REASONING SKILLS?? SERIOUSLY.

How does a desktop support guy know more about your job than you do?

Are all security folk a joke? No, I imagine not. However, these desk jockeys they’ve got are little better than talking heads.
