The Power Of Opposition

by Robert Wildauer

One piece of received wisdom in business is that managers should get “the right people on the bus” (an analogy from Jim Collins’s book Good to Great: Why Some Companies Make the Leap…And Others Don’t). By surrounding oneself with the right people, strategy and direction should follow organically.

Per Collins, good employees with the right motivations will basically manage themselves via their own self-drive or dedication to a team with a similar mindset. Conversely, great strategy executed with the wrong people may never come to fruition.

I won’t quibble with that line of argument. It is common, however, for managers to confuse the “right people” on a team with those who all think the same. People who disagree, dissent, or oppose ideas and objectives are the “wrong people.” They get kicked off, or never let on to, the proverbial bus.

Degrees Of Disagreement

The modern workplace is moving to an increasingly collaborative and team-based model. Strong teams can pool disparate skill sets, engage with tasks more creatively, and operate more productively than individual performances. With a shared mission and tight culture, teams can mitigate self-serving behaviors that can undermine a group’s broader strategy. So group consensus must be an unequivocally good thing, right?

Not exactly. If an entire group is saying “yes, and…” until they hit a dead end, the benefits of consensus and conformity diminish. Despite positive outcomes of collectivist team cultures, individualism and disagreement can promote creativity.

You can look at disagreement in a couple of ways. One is a general antipathy toward others; the second is a tendency to swim against the mainstream and defy group consensus. Sometimes these attitudes are bundled and other times they manifest separately. I won’t venture to defend the first, but the second is an underrated component of a team. How else can we improve without being open to possible flaws or drawbacks in our plans or processes?

The process of dissent can be challenging for the group and for the dissenter. Upsetting what a group perceives to be a settled question or strategy can be annoying. Worse still, the disagreeable opinion could be a bad one and lead to wasted time and effort. However, legitimate dissent can lead to more rigorous debates and fuller thinking about a problem or solution.

Team members and leaders have to discern valid and useful dissent from mudslinging. Is the disagreement based on ideas and principles, or driven by personal conflict? Has this person or people produced valid criticism before? Have you let them express it? Did you take it seriously? If not, why not? Do you relabel or categorize this person as not being a good fit?

If your first instinct is to reject critical or dissenting voices in your team, then your behavior is a mirror image of the bad faith critic. Instead of knee-jerk dismissal, take a breath and hear someone out. If the dissent seems genuine, let it inform your priors. In other words, that disagreeable colleague may be exactly the “right” person to ride the bus.

________________

Robert Wildauer is a network technician and staff supervisor for an MSP in central Pennsylvania. He has worked in the IT industry for over twelve years with a focus in Cisco networking.

THIS WEEK’S MUST-READ BLOGS 🤓

DHCP Server Eventually Responding - Major Network
Markku focuses on the secs field in DHCP clients. This field can be very useful in a failure scenario in which a client doesn’t get a response from either of two DHCP servers due to a misconfiguration. It could also be a help to troubleshooters when trying to understand why it’s taking a client repeated attempts to get an address from a set of DHCP servers. Markku walks through a lab setup to show how the secs field works, and shares packet captures if you want all the gory details. - Drew

Understanding DNS query composition at B-Root - APNIC
This APNIC blog is a summary of a large study conducted by researchers at USC and Northeastern University that aims to better understand how DNS is used in the wild. The research “analysed 28 billion DNS query traces at a root server, B-Root.” Among the big takeaways are that Amazon/AWS leads the pack for B-Root queries, accounting for 14% of the global total from 2022. Another is that the growing popularity of Chromium is driving up the number of malformed DNS queries due to a Chromium feature called Omnibox.

Among the curious takeaways is that in 2014, slightly more than 1% of queries sent to B-Root were for an invalid TLD “.com/wawa.” Folks in the Philly region, of which I am a transplant, know Wawa is a popular convenience store that makes pretty good sandwiches (hoagies). The researchers speculate that the invalid TLD must’ve been a server misconfiguration, but it’s nice to see Wawa get on the board. - Drew

Ancient Internet - SubNet Zero
This is a look back at the early days of commercial network connectivity using ISDN lines and T1 connections, including a nifty hack to get around the fact that ISDN lines, as a dial-up metered service, could disconnect periodically to save costs. There’s some good history in here, as well as this observation: “We take for granted instant connectivity from every location on portable devices.  Once upon a time,  connectivity was only available at certain locations, often requiring dialing a service provider.  There was a real excitement as new technologies emerged for making connectivity faster and easier.  Now, of course, we just expect things to work and get angry when they don’t.” - Drew

Forwarding BUM Frames in VXLAN Network With Static Ingress Replication - Daniel’s Networking Blog
Daniel compares the resource impact of using multicast vs. unicast with ingress replication when sending an ARP request in a leaf-spine network with 32 leaves and 2 spines. Multicast is more efficient, so why use ingress replication? Daniel writes “Ingress replication is not as elegant as multicast and it does consume more bandwidth but the advantage is that the configuration is really simple and that there is no state required in the other switches. It uses unicast so forwarding is straightforward. Ingress replication can also be used with EVPN for discovery of the NVEs.” Daniel shares the config snippet (this is for a Cisco Nexus 9Kv lab). - Drew

Revolutionize Your Web Performance with Gcore CDN: A New Paradigm in Speed, Scalability, and Security

In today’s fast-paced technology landscape, settling for a run-of-the-mill CDN simply isn’t an option. Enter Gcore CDN: an exceptional global edge network solution that pushes the limits of what you can expect from content delivery.

Why Choose Gcore CDN?

• Truly global reach: 150+ edge locations and 11,000+ peering partners worldwide

• Dynamic content acceleration: Speed up dynamically generated assets

• Smart image optimization: Compress, resize, and convert images into AVIF or WebP on the fly

• Developer-friendly tools: Extended API; Terraform and Grafana support

Experience Gcore CDN risk-free. Start with our free-forever plan that includes 1TB of monthly traffic and key CDN features.

TECH NEWS 📣

Meta sued by 42 attorneys general alleging Facebook, Instagram features are addictive and target kids - CNBC
Solar Winds isn’t the only tech company coming under government scrutiny. Forty-two Attorneys General in the United States are suing Facebook’s parent company Meta. The AGs allege Meta’s Facebook and Instagram products were specifically designed to addict children and teenagers. The AGs also allege that Meta knew its products were having negative impacts on the mental health of teenagers. Those allegations originally surfaced from a Meta whistleblower who released a trove of internal documents know as The Facebook Papers. Here’s the  link to the suit. This link goes to a Washington Post story about the Facebook Papers. “Move fast and break stuff” should not include people’s mental well being. - Drew

BackBox integrates automated network configuration management capabilities with network vulnerability management into common workflows. NVM is purpose-built for network teams to easily discover and score vulnerabilities in their network, then prioritize and automate updates based on actual risk.

Without entering a credit card you can use it now on a variety of sample network devices in a private sandbox environment here.

FOR THE LULZ 🤣

Shared on X by @KevTechSupport

RESEARCH & RESOURCES 📒

2022 Cost Of Insider Threats Global Report - Ponemon Institute
The Ponemon Institute has released the 2022 Insider Threats report. Like most vendor research you should have your bollocks filter active, but I found some interesting data points in here. 35% of cyber professionals believe that the economic downturn is causing more internal employees to turn to cybercrime. 73% across US CNI have seen some reduction or a significant reduction in their organization’s cyber security budgets and 81% are worried now about the threat of cyber warfare against US critical infrastructure, with 33% ‘extremely worried’.  Here is a direct link to the PDF. No regwall on this. - Greg

INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬 

Introducing HAR Sanitizer: secure HAR sharing - Cloudflare 
Companies including Cloudflare and 1Password had to fight off intrusion attempts after an authentication token credential was stolen from identity management provider Okta, of which Cloudflare and 1Password are (were?) users. This is the second time Cloudflare has been attacked due to a mishap at Okta. Cloudflare writes “The bad actor in the Okta breach compromised user sessions by capturing session tokens from administrators at Cloudflare and other impacted organizations. They did this by infiltrating Okta’s customer support system and stealing one of the most common mechanisms for troubleshooting — an HTTP Response Archive (HAR) file.”

Now Cloudflare has released a new open-source tool, HAR Sanitizer, to maybe help folks not put Cloudflare so much at risk. The tool, freely available to anyone, aims to remove sensitive credentials from HAR files that get shared by administrators and support teams. You can almost hear the gritting of teeth in the Cloudflare blog that summarizes the incident and describes the new tool. - Drew

ESI-LAG Made Easier with EZ-LAG - Juniper Networks 
From the document: “A detailed configuration example that shows how to dual-home data center servers to Juniper leaf switches by using EZ-LAG, a simplified version on ESI-LAG made for customers looking for a smooth transition from Multi-Chassis LAG without having to immediately learn all the features and complexities of EVPN-VXLAN technology.” - Drew

EnGenius Releases SecuPoint to Simplify VPN Client Challenges for IT Professionals - PR Newswire 
Remote access these days is all about zero trust and SASE and ZTNA, but sometimes all you need is a straightforward VPN. That’s what this release sounds like to me. - Drew

/

LAST LAUGH 😆

Originally posted on Reddit. Seen by us via X from @gabsmashh