Re: Who needs DNS anyway?
They probably already have by using a different machine. Sometimes you don't have to employ any meddling at all, just be smarter than the parent.
8 posts • joined 27 Sep 2018
"The thing is, one way or another, stuff has to be paid for. Since this generation has decided not to pay for anything, least of all for factual information investigated by salaried journalists, advertising and sponsorship is all we have left."
I'm so glad you used journalism as an example:
The actual thing is - it's not our damn responsibility to pay the bills of organizations that took a decade or more to finally admit that newspapers are dead and they should probably have a solid online presence. The overwhelming majority of Top Tier papers and news rooms simply refused to do this, then decided to play scramble and just hop on the ad-based revenue bandwagon. Fuck 'em. If they die they die, and you can pin it on our generation all you want, we will proudly take that smoke.
It isn't our fault that we leverage technology to disrupt industries that refused to do so.
Right, this was my point as well. Not to mention that having a device in DEP doesn't just magically allow you to enroll into all MDM configurations - many configs do not accept enrollments from unknown devices and users. Some require tokens to even be able to complete enrollment. And forcing authentication for DEP would break a lot of processes for a lot of enterprises. The only vulnerability here is having flunkie UEM/MDM engies and admins. If I was DUO, I'd be fairly embarrassed about "disclosing" a feature as a "critical security vulnerability".
Even if you've managed to generate a serial that exists in both Apple and the target's ABM/DEP database, you're surely going to be hit with compliance policies and further directory authentication for anything sensitive. That is of course assuming the MDM engies and admins aren't complete morons.
Biting the hand that feeds IT © 1998–2021