Posts by Blade918rr

22 publicly visible posts • joined 26 Apr 2019

Software patching must work like car safety recalls, says US cyber boss

Blade918rr

At last. Been saying this for years.

Zero-day proof-of-concept exploit lands for Windows make-me-admin vulnerability

Blade918rr

Have said this before and I'll say it again

We should be able to bill Microsoft for fixing their errors.

It's not about the exploit. Some AV will detect it. It's the huge resourcing needed to do OoB patching for large estates.

Someone needs to be made accountable!

It's time to track people's smartphones to ensure they self-isolate during this global pandemic, says WHO boffin

Blade918rr

"Those Staff" should have the right to a fair working environment, and not be treated like fodder to push and push until they break!

6 years to train, yes. That should be a factor in the design of the service.

Azure admins' cold sweat likely caused by a 'isolated' power problems that browned out West Central USA region

Blade918rr

We could see a bit of a meltdown if we all have to stay at home (including children) for isolation. All the additional internet usage from bored kids and remote working.

BOFH: Here he comes, all wide-eyed with the boundless optimism of youth. He is me, 30 years ago... what to do?

Blade918rr

I read the responses with interest

In most instances I have learned that stress is caused by trying to change something that we are not empowered to change, leading to frustration. Simply inform the management team in writing / e-mail.

Then it's a case of bean counters vs auditors/shareholders.

When we get promoted to executives, then we can take on the stress, accompanied by an appropriate level of pay.

Thanks

Blade918rr

A familiar story.

But 50% of the job is not IT related; IT knowledge just allows us to better understand the business problems and monitor for risk.

50% of the job is critical thinking and providing information and guidance to the business to allow it to make decisions that hopefully result in business successes.

Yes, we often feel that the business is not doing the right thing (from our view), but the business is much bigger than one department (IT).

New starters in the industry will consider they have a full knowledge base. Unfortunately their knowledge base will be 90% theory, based on generic academic views of how things should be done (the difference between best endeavour and reasonable business endeavour based on risk analysis).

We "time served" IT pros need to enhance and shape new starters' knowledge, so as to avoid the pain and business losses experienced by time served IT pros.

Over the years I have tried to detach from the emotional aspects and just provide information and guidance based on facts; if the business chooses not to act upon the information, I assume there is a good reason.

Flaws punched holes in Azure cloud, Apple patches pretty much everything, Eurocops cuff Maltese hackers, etc

Blade918rr

What was the point of this post? A vulnerability was found and patched before public disclosure, a daily process for all platforms!

If your org hasn't had a security incident in the last year: Good for you, you're in the minority

Blade918rr

Maybe it would be of more value if the percentage of incidents that resulted in high business loss was presented. It's all about risk: does a hack equal a large loss to the business, or just an acceptable level of risk attributed to working in a highly connected world?

As said previously, if you have limited visibility into abnormal activity you are unlikely to see a breach. I suspect in many instances organised crime and nation states have better visibility of an organisation's posture than the C level of the org.

Why do cloud leaks keep happening? Because no one has a clue how their instances are configured

Blade918rr

The cloud does offer access controls to prevent "rogue" developers. All production changes should go through change management established through a governance framework informed by risk.

I see many on-prem / hosted datacentres where they think they have good visibility. This tends to be limited to the O/S and net, with minimal understanding of app versioning or ownership.

Really need to have full visibility.

I guess the visibility is proportional to the size and complexity, just as risk is.

I unfortunately recognise your comments around "throw it over the fence". I still have the mental scars :)

Blade918rr

I suspect most of the orgs have limited visibility (a major factor in risk management) on premises as well; all we are seeing is an extension of poor risk management practices into cloud.

Maybe we should focus on fixing broken business processes and actually implement a robust risk framework to cover all assets regardless of which piece of wire or "serverless" CPU they are attached to.

Remember: the cloud provider only provides security if you pay extra for it. Cloud is a business and, unlike the datacentre hosting providers of old, they have no real incentive to do stuff for free.

Your business = Your Risk.

Service call centres to become wasteland and tumbleweed by 2024

Blade918rr

Of course, AI can also replace end users, so we will all be out of a job. The only people in work would be process architects feeding AI developers.

No system user/operator endpoints, just a shared customer interface.

Hope governments have a plan to replace all the work options for people, many people find purpose in work.

I see a very depressing future ahead.

We need to revisit the questions: can we? AND should we?

2001: Linux is cancer, says Microsoft. 2019: Hey friends, ah, can we join the official linux-distros mailing list, plz?

Blade918rr

Maybe MS can introduce some discipline.

Patching Microsoft products is simple; patching anything else is a nightmare (especially open source).

MS just want to provide assurance to clients. What's wrong with that?

Sad SACK: Linux PCs, servers, gadgets may be crashed by 'Ping of Death' network packets

Blade918rr

Always makes me smile when these vulnerabilities that have obviously been around for years are suddenly a problem :) Or are we expecting another list of leaks from certain intelligence agencies? As far as I can remember, TCP flow control and network protocols/file systems have always had these features.

Thanks Reg for keeping us informed.

Microsoft: Yo dawg, we heard you liked Windows password expiry policies. So we expired your expiry policy

Blade918rr

The point is that the attacker would need to take an additional action to generate the correct password, disrupting the process. Significant if the attacker has purchased the passwords / hashes and therefore would need to go back to point of extraction. Changing one character anywhere in the password would not be as easy to guess.

Blade918rr

Re: Words of Satan

Maybe he pretends to be nasty so that you remember what he says. Normally being nasty is the only way anyone takes anything seriously (until the business is on its knees; then everyone wants to know what the security officer has to say). Security pros do not expect to be liked but are expected to secure the business.

Blade918rr

Seems odd that we think of passwords and not the resulting hash. Change one character of the password and the hash will change significantly. I thought we wanted to disrupt the attacker and not give the attacker longer to replay or crack passwords from hashes.