|
Yeah tried that but now I'm explaining what an Evangelist is .
|
# ? Jul 4, 2016 14:46 |
|
|
# ? Jun 6, 2024 12:42 |
|
geonetix posted:Yeah tried that but now I'm explaining what an Evangelist is . Um. Please tell me that you're not in a native English speaking country.
|
# ? Jul 4, 2016 15:02 |
|
gonadic io posted:Um. Please tell me that you're not in a native English speaking country. Most people don't consider evangelist a job outside the ministry
|
# ? Jul 4, 2016 15:08 |
|
Security auditor maybe? Unless that's already a defined role in your org
|
# ? Jul 4, 2016 15:13 |
|
geonetix posted:How would you call somebody in an organisation that does code review and educates their colleagues? wizardsecurity engineer
|
# ? Jul 4, 2016 15:18 |
|
https://twitter.com/CthulhuSec/status/749952937493925888
|
# ? Jul 4, 2016 15:21 |
|
good thing R'lyeh didn't sign an extradition treaty
|
# ? Jul 4, 2016 15:31 |
|
a sensible decision. get em now whilst the litigation is good!
|
# ? Jul 4, 2016 15:38 |
|
geonetix posted:How would you call somebody in an organisation that does code review and educates their colleagues? it sounds a bit dumb but Security Delivery Engineer is the right combo of words that lets you sneak in and help coding teams without being That Guy From Security Who Fucks Deliverables
|
# ? Jul 4, 2016 15:45 |
|
security club promoter
|
# ? Jul 4, 2016 16:38 |
|
ahmeni posted:Fucks Deliverables lol it's me! literally because holy gently caress it isn't that hard to secure IIS and your app for fucks sake yes i'm going to casually namedrop your project to secops for the glory of pissing all over others.
|
# ? Jul 4, 2016 16:42 |
|
geonetix posted:How would you call somebody in an organisation that does code review and educates their colleagues? "Director of No", to match my average historical experience
|
# ? Jul 4, 2016 16:44 |
|
BattleMaster posted:good thing R'lyeh didn't sign an extradition treaty not dead which eternal lie but warrant servers will always try
|
# ? Jul 4, 2016 16:44 |
|
geonetix posted:How would you call somebody in an organisation that does code review and educates their colleagues? "top of the layoff list" is how that seems to work
|
# ? Jul 4, 2016 16:48 |
|
geonetix posted:How would you call somebody in an organisation that does code review and educates their colleagues?
|
# ? Jul 4, 2016 16:50 |
|
Trabisnikof posted:Most people don't consider evangelist a job outside the ministry Truth. Also we're Dutch so. A Man With A Plan posted:Security auditor maybe? Unless that's already a defined role in your org We have internal auditor and it seems to attract the wrong people. ahmeni posted:it sounds a bit dumb but Security Delivery Engineer is the right combo of words that lets you sneak in and help coding teams without being That Guy From Security Who Fucks Deliverables Heh. We went with Software Security Engineer. But it's a bit of a mixup anyway. Thanks everybody!
|
# ? Jul 4, 2016 17:24 |
|
quote:StartCom always try hard to provide best free SSL certificate service for worldwide customers, this is why we have released the StartEncrypt, but due to the time tight and lack strict test before release, there are many bugs in the current version of StartEncrypt, so we decide to stop this version and start to work for new version that based on ACME protocol, we think this is a best choice for more security and more transparency. Very thanks to all valuable feedback, we appreciate all help to improve our products. https://www.startssl.com/NewsDetails?date=20160606&acme
|
# ? Jul 4, 2016 17:34 |
|
I want to clone Eddy Nigg so I can beat him soundly with a copy of himself
|
# ? Jul 4, 2016 17:42 |
|
kalstrams posted:now i can blame you for touching poop *cartoonishly laughs into hidden nsa microphone* http://bits-please.blogspot.com/2016/06/extracting-qualcomms-keymaster-keys.html
|
# ? Jul 4, 2016 17:54 |
|
https://github.com/Cr4sh/ThinkPwnquote:This code exploits 0day privileges escalation vulnerability (or backdoor?) in SystemSmmRuntimeRt UEFI driver (GUID is 7C79AC8C-5E6C-4E3D-BA6F-C260EE7C172E) of Lenovo firmware. Vulnerability is present in all of the ThinkPad series laptops, the oldest one that I have checked is X220 and the neweset one is T450s (with latest firmware versions available at this moment). Running of arbitrary System Management Mode code allows attacker to disable flash write protection and infect platform firmware, disable Secure Boot, bypass Virtual Secure Mode (Credential Guard, etc.) on Windows 10 Enterprise and do others evil things. ... quote:
Lenovo, not the bastion of security that we want, but the one we truly deserve.
|
# ? Jul 4, 2016 17:59 |
Star War Sex Parrot posted:did you not read the article to go along with that github repo a few days ago?
|
|
# ? Jul 4, 2016 19:20 |
|
geonetix posted:How would you call somebody in an organisation that does code review and educates their colleagues?
|
# ? Jul 4, 2016 19:48 |
|
cylance and sophos are having a fist fight https://blog.cylance.com/sophos-yet-so-far quote:This conversation has gone on long enough and wastes everyone's time. We don't game tests and never will. We strongly urge customers to test any solutions on their own systems and networks. It is the only truly independent and “real world” metric that ever matters. https://blogs.sophos.com/2016/06/29/thoughts-on-comparative-testing/ quote:For months, Cylance has sought to dazzle audiences with its “Unbelievable” demonstration, staging well-choreographed battles against other IT security vendors, including Sophos. The exhibition ends with Cylance delivering near-perfect scores while everyone else (predictably) shows lackluster results. Yet when the playing field is leveled, and Cylance’s product comes under real scrutiny, the company cries foul, puts the fear of lawsuits into the minds of its partners, and accuses others of “smoke and mirrors” tactics.
|
# ? Jul 4, 2016 22:50 |
|
make that more of a slap fight
|
# ? Jul 4, 2016 22:53 |
|
hey but look at this shitshow http://www.theregister.co.uk/2016/07/03/mri_software_bugs_could_upend_years_of_research/?mt=1467666616578 quote:MRI software bugs could upend years of research
|
# ? Jul 4, 2016 22:53 |
|
OSI bean dip posted:cylance and sophos are having a fist fight
|
# ? Jul 4, 2016 23:00 |
|
My moneys on sophos because cylance are math nerds
|
# ? Jul 4, 2016 23:15 |
|
Jewel posted:hey but look at this shitshow lol
|
# ? Jul 4, 2016 23:33 |
|
Graff posted:lol verging on megalol
|
# ? Jul 4, 2016 23:36 |
|
Jewel posted:hey but look at this shitshow but literally not figuratively to people this affects.
|
# ? Jul 4, 2016 23:40 |
|
geonetix posted:How would you call somebody in an organisation that does code review and educates their colleagues? Principal engineer. If your senior engineers aren't doing code reviews and mentoring junior engineers, immediately and don't look back.
|
# ? Jul 4, 2016 23:41 |
|
https://www.wired.com/2016/06/symantecs-woes-expose-antivirus-software-security-gaps/quote:Wysopal suggests security researchers may overlook security software because they’re too close to the problem. Many in this line of work are employed by other security firms, he says, “and they’re not going to attack their own. Maybe it doesn’t look good for a Symantec researcher to be publishing a flaw in McAfee.” i have to keep my mouth shut about certain things i come across because i am affected by dumb ndas both past and present =/
|
# ? Jul 4, 2016 23:46 |
|
cheese-cube posted:lol it's me! literally because holy gently caress it isn't that hard to secure IIS and your app for fucks sake yes i'm going to casually namedrop your project to secops for the glory of pissing all over others. lol at security as gatekeepers instead of an integrated process in software development and deployment
|
# ? Jul 5, 2016 00:43 |
|
ahmeni posted:lol at security as gatekeepers instead of an integrated process in software development and deployment Lol at security as having any decision making power whatsoever in most software development and deployment.
|
# ? Jul 5, 2016 01:04 |
|
Volmarias posted:Lol at security as having any decision making power whatsoever in most software development and deployment. you gotta get in at the requirements stage. that does mean stating clear criteria for security characteristics though, which can be a more rigorous framing than security professionals usually undertake
|
# ? Jul 5, 2016 01:33 |
|
Subjunctive posted:you gotta get in at the requirements stage. that does mean stating clear criteria for security characteristics though, which can be a more rigorous framing than security professionals usually undertake
|
# ? Jul 5, 2016 02:07 |
|
hm has anyone posted this yet? new vpn thingie https://www.wireguard.io/ actually looks awesome, but what do i know
|
# ? Jul 5, 2016 15:05 |
|
Tankakern posted:hm has anyone posted this yet? new vpn thingie i think someone posted it, if not i somehow got linked it in the last week or so it seems like it was competently made but it's obviously super untested
|
# ? Jul 5, 2016 15:10 |
|
yes it was mentioned a few pages back ask me about making an 8 node full mesh network using openvpn
|
# ? Jul 5, 2016 15:13 |
|
|
# ? Jun 6, 2024 12:42 |
|
Perplx posted:yes it was mentioned a few pages back ok i will, cuz i tried once and failed
|
# ? Jul 5, 2016 15:47 |