Posts by simkin

Re: Procured kit needs regulating too.

It probably is, because otherwise you have yet more hardware to maintain. And everyone can run Windows.

Re: Hijacked elections too

Or, you know, democracy.

Re: Time to Be Prepared

You should always have enough food, water, and a way to stay warm, for a couple of weeks at least. If there's a source of fresh water nearby having a Berkey in your emergency kit is advisable. Most of us are carrying enough body fat to live for weeks or even months without much food, but clean water is essential.

I guess being the only people on the planet who still buy pagers makes you susceptible to identifying your supply chain.

Re: Why did they change anyway?

Telling who? It's not like you signup for a mailing list when you write a whois client or otherwise query whois.

Re: Sounds about par for the course

Sounds right. I just had to fill in our cyberinsurance forms for this year.

q: How many endpoints are not protected? If any, why?

a: 100%. Reason, we don't employ anyone whose job it would be to manage them.

Re: The Great (Fire)Wall comes to Oz

It's Australia, this is probably the real purpose of the project. Any actual security benefit would be incidental.

Best practice

Well, if we all followed best practices we'd have a lot less need for cyber security people in the first place.

Re: "I am very smart"

Sounds like a typical timeshare presentation.

Re: DMARCrap

DMARC works fine for forwarded messages as long as you don't alter them in transit (assuming they were DKIM-signed, SPF obviously is not suitable for use).

Mailing lists can choose to either not modify the message or they should remove auth headers and replace From: with their own address to take responsibility for sending an altered message.

Re: MicroSerfdom

It's not pointless.

Your data - ie, the details of everything you do on or near your computer, is worth more to Microsoft and other big-tech companies than what you paid for Windows. Afaik Apple is the only big-tech company that hasn't completely embraced that model, at least on the PC front (mobile being another story of course).

Your TV does it. Even your effing car does it now. You and your behaviours are just products to be sold to advertisers, and who knows who else. Amazon is buying Roomba so they can get access to the maps and images of contents of everyone's homes (sad, I used to like my Roomba). So they can sell you more crap.

It's completely unreal.

Re: I do have legit servers on Linode

If you're not "in the industry" you probably shouldn't be running an email server on the modern Internet. Sorry, but it's no longer for amateurs.

Unless it's on Hunter Biden's laptop. Then it's Russian propaganda.

Re: So, you're not opening an email in Excel

What if your job is opening similar files from customers or vendors?

Re: So, 0.2% eh ?

Uh, huh. Sure they will. Right after the bureaucracy processes it. So never.

Re: Port scan results

Seriously. The fact that a database is exposed to the Internet at all is a critical vulnerability.

Re: Shouldn't I be hearing this first from T-Mobile?

It probably takes a while to decide to notify millions of people that you've kept 20 years of personal information online and accessible to hackers and have therefore lost it.

Re: Why not go Orwellian?

They already have everyone carrying the phone and microphone with them. Why annoy people with a mandate?

Does it scream "it's mine"?

If no, why even think about touching it?

Re: A social engineering attack

So imagine you're a customer service agent at Network Solutions.

100 times a day clueless domain owners phone you and tell you they forgot their password or for whatever other reason can't get into their accounts or change their information.

99.999% of the time it turns out they're real and just need help.

How do you as a customer service agent reliably identify the one time they aren't?

Re: most of the spam comes from gmail addresses.

Definitely. I auto-junk anything with a google API URL in it.

Re: Team America: World Police

The individual States extradite criminals to each other all the time, usually regarding criminals who have fled jurisdiction though.

Re: The only reason "everyone" runs Outlook is because "everyone" uses Exchange.

Samba 4+ can run as full AD directory servers or members. Windows administration tools work on them.

I wouldn't necessarily recommend it for an SMB, but if you have anyone in ops who actually knows how to run Linux it's quite possible to fully implement an AD server infrastructure using just Samba.

Re: Backups?

You figure it out. Data that isn't backed up might as well not exist.

Re: Anonymous coward

DOJ is infamous for always being able and willing to find something to indict someone for if they want. What exec is going to say no to the US government with that perpetual threat hanging over them? Not to mention national security considerations.