The new forums will be named Coin Return (based on the most recent
vote)! You can check on the status and timeline of the transition to the new forums
here.
The Guiding Principles and New Rules
document is now in effect.
[Computer Security Thread] CVEs, or "Crap! Vulnerabilities! Eughhhhh..."
Posts
The issue with connecting to any untrusted network is it is a Man In The Middle. Which by definition potentially exposes you to all manner of man-in-the-middle attacks, which is what this is. This is not a novel discovery, it's just a PSA reminder that VPNs can't protect you from all MitM attacks and never did.
Stuff like firesheep was pretty prevalent for awhile.
This is why redundant backups are so necessary. For quite possibly the first time in world history IT managed to convince upper management to not only have storage at two different locations, but to have further redundancy with an entirely separate service. The vague wording makes it clear no one is trying to lay blame directly which makes me think it was a fuck up on Google's end.
PSN:Furlion
I don't know about that. Since starting my current job our local datacenter only caught on fire once, but the Azure one has twice.
A good habit because tech comes up with new acronyms faster than new ideas.
Haha, yeah. Sometimes I wonder if I was born like, maybe 10 or 20 years earlier if it would have been easier to understand before things skyrocketed up.
If anything it's gotten easier because the foundations have been laid, there's just a lot of noise. Plus developers are often narrowly focused because companies are more interested in cheap and fast over good and secure. Security is a lot of telling people to stop touching the hot stove just because it looks slightly different than the last stove.
For a while I recall the sentiment being Microsoft Defender is good now and quite adequate without needing a 3rd party. Is that still the case?
Default Windows is fine. You should just straight up uninstall Kaspersky and make sure it hasn't installed something else in its place: https://www.cnet.com/tech/services-and-software/kaspersky-antivirus-software-is-automatically-transitioning-to-ultraav/
I use Bitdefender but that's just because I like some of the features it has to help me manage my mother's computer. Otherwise I'd be fine with just default Windows protection.
The biggest thing you can do to protect yourself is to use Firefox + Ublock Origin on your PC, and then just avoiding shady stuff in general. You have a bigger risk of getting your authentication credentials stolen or getting socially engineered than by downloading a virus, and both of those things are managed best by getting something like 1Password and managing your own behavior.
Also I saw articles like that and didn’t let Kaspersky do the update to start downloading the weird replacement, and just fully uninstalled Kaspersky itself.
PSN:Furlion
They're targeting servers, which makes sense, as servers have more hardware power to throw at crypto mining than grandma's windows 8 laptop. Servers are usually headless, and lots of companies have enough of them that they don't really closely monitor them unless something is breaking.
Yeah, the US government is already very much involved, so is going to be bad. And both sides are tearing each other apart:
10 million at that scale is a thinly-veiled insult. It doesn't matter if this is Delta trying to shift blame, if this is how Crowdstrike is going to deal with the pile of litigation against it, it only takes one judge to decide to just turn them into a smoking crater.
PSN:Furlion