|
You mean an overpaid security geek conference talking about being l33t hackers, right?
|
# ? Aug 7, 2019 12:57 |
|
hell yeah ride that corporate gravy train
|
# ? Aug 7, 2019 13:54 |
|
I didn't get my company requests in time for Black Hat this year, maybe next year. And couldn't do Defcon since school started.
|
# ? Aug 7, 2019 14:49 |
|
https://twitter.com/katelibc/status/1159355614704783360?s=21
|
# ? Aug 8, 2019 16:24 |
|
Honestly, Windows Defender is getting really good, I find it hard to need any other solution right now.
|
# ? Aug 8, 2019 19:39 |
|
CommieGIR posted: Honestly, Windows Defender is getting really good, I find it hard to need any other solution right now.

There is pretty much no reason for anyone who doesn't need central management to use anything else. If Microsoft would just sell their corporate managed version as a standalone product it'd be loving amazing, but they only offer it bundled in with a bunch of other Office365 or subscription Windows poo poo I don't want.
|
# ? Aug 8, 2019 20:39 |
|
ATP is essentially just standard defender but it forwards a bunch of stuff to a centralized sandbox/analysis server to do the more advanced stuff. Not really anything else to sell in the consumer space unless you're going to host all that extra kit for them on the backend.
|
# ? Aug 8, 2019 20:57 |
|
CommieGIR posted: Honestly, Windows Defender is getting really good, I find it hard to need any other solution right now.

You're talking to me. That said, my complaint is that Trend Micro's response was really loving lovely. There are countless women who have to deal with men who want to abuse and harass them via their mobile devices and computers. I've had too many women come to me telling me that their ex-partners are reading their e-mails and there have been at least two cases where it was due to these sort of stalking apps being installed. All this despite them running anti-virus.
|
# ? Aug 8, 2019 20:57 |
|
Are these apps things that get sideloaded onto devices or are they available in the Play store and designed for this purpose and to hide themselves?
|
# ? Aug 8, 2019 21:01 |
|
Lain Iwakura posted: You're talking to me.

https://twitter.com/Cyber_Cox/status/1159286034229686272
|
# ? Aug 8, 2019 21:15 |
|
Lain Iwakura posted: That said, my complaint is that Trend Micro's response was really loving lovely.

The pharma industry charges money for lifesaving drugs, ethics capitalism etc. Aside from that, is AV software really the right solution to the problem? Kaspersky is doing more against the stalkerware problem, but how long before the stuff comes with instructions on disabling / removing AV as part of the install? They already rely on things like sideloading or jailbreaking phones, so it's not like the users can't follow a step-by-step. Plus the creep obviously has physical access to the PC. Another problem with putting stalkerware in the same basket as viruses and malware is that they aren't trying to spread far and wide. It's paid software that happens to be evil. If I start selling my new Abuser-tron 2000, Kaspersky & Trend Micro & MS don't see a copy until much later unless they're super pro-active about it. I guess I just don't see it as a problem with a technical solution.
|
# ? Aug 8, 2019 21:29 |
|
There already was a technical solution (yes it might not have been 100% but it existed), it was just arbitrarily paywalled.
|
# ? Aug 8, 2019 21:30 |
|
Thanks Ants posted: Are these apps things that get sideloaded onto devices or are they available in the Play store and designed for this purpose and to hide themselves?

Sideloaded on Android. On Apple devices, they used MDM profiles. Of course, all those apps totally aren't for stalking your partner but for making sure your kids are safe!! (stalking your kids)
|
# ? Aug 8, 2019 21:44 |
|
Lain Iwakura posted: You're talking to me.

Yeah, it was a disgusting response "Well, pay up and we'll protect you" It's straight up mafioso style.

BangersInMyKnickers posted: ATP is essentially just standard defender but it forwards a bunch of stuff to a centralized sandbox/analysis server to do the more advanced stuff. Not really anything else to sell in the consumer space unless you're going to host all that extra kit for them on the backend.

The built in sandbox is supposed to be coming in the next major 10 release, which excites me. That plus WSL2

wolrah posted: There is pretty much no reason for anyone who doesn't need central management to use anything else. If Microsoft would just sell their corporate managed version as a standalone product it'd be loving amazing, but they only offer it bundled in with a bunch of other Office365 or subscription Windows poo poo I don't want.

Agreed, they've tied it so much into their ATP via Azure/O365 platform, I'd love if they'd sell ATP as a standalone.

CommieGIR fucked around with this message at 21:58 on Aug 8, 2019 |
# ? Aug 8, 2019 21:54 |
|
Klyith posted: The pharma industry charges money for lifesaving drugs, ethics capitalism etc.

AV isn't the right solution; the issue is super complex and is beyond just dealing with someone's computer or device--as in you're right that it is more than a technical problem. I've written extensively about this elsewhere but the average person in an abusive situation isn't going to know what to do all the time and as much as I hate AV, it can be an appropriate solution when someone is trying to deal with things the best way they can. I have never found myself having to deal with an abusive adversary who has the means to control my devices, but I cannot discount any of the tools available when dealing with such if it were anyone else.

It's easy for any of us to go and say "AV is bad" but TrendMicro going and saying that it isn't their job unless you pay them all the while offering a carrot on a stick with a free version is really scummy. That is where the "anti-virus is ransomware" remark came from. AV vendors offer this protection because there are companies that don't want to see this garbage software show up on their networks or they want to ensure that it is properly whitelisted. However, since it's often just companies that use it, Trend sees it fit to not bother with making it available to any free user who typically would be at home.

Having worked in the industry, it is unsurprising that this has happened but again their response was loving garbage. I am glad that their social media team is atop of it but still. Evacide owns.
|
# ? Aug 8, 2019 22:12 |
|
Are there any opinions on IT/Infosec degrees from WGU (Western Governors University)? There aren’t any good programs that are local to me, so they seem like the best option for taking my education down this path.
|
# ? Aug 8, 2019 22:48 |
|
LtCol J. Krusinski posted: Are there any opinions on IT/Infosec degrees from WGU (Western Governors University)?

Honest answer? There's not a lot of good "CyberSecurity/Infosec" programs, largely because they focus on governance. If that is what you want, it's probably good. But, otherwise, Ethical Hacking courses tend to be a little more informative, but can be pricey. I'm mostly self-taught, so I have a little bit of a bias, but lab courses, youtube videos, and online guides are my classroom. Best way is a virtual lab, via Virtualbox, a couple VMs, and a Kali instance.

CommieGIR fucked around with this message at 23:27 on Aug 8, 2019 |
# ? Aug 8, 2019 23:22 |
|
LtCol J. Krusinski posted: Are there any opinions on IT/Infosec degrees from WGU (Western Governors University)?

DePaul has an online MS in InfoSec (one of the tracks is almost all governance stuff, another is sort of hybrid networking/governance, a third is mostly application security) and one in Network Engineering/Security but they're probably complete trash*.

*: I'm complete garbage but they accepted me and let me enroll without (so far) revealing it was actually all an elaborate "candid camera" prank so .
|
# ? Aug 8, 2019 23:35 |
|
Lain Iwakura posted: AV isn't the right solution; the issue is super complex and is beyond just dealing with someone's computer or device--as in you're right that it is more than a technical problem.

Premium features = ransomware is a new one to me. Characterizing the free version as a carrot on a stick is also a really weirdly malicious way to talk about a pricing model. Do you object to the idea of paid software altogether? Because otherwise I don't see the distinction between an AV with premium features from software demos, or really any form of tiered capability software sales model to begin with.

but then again I'm not morally outraged that capitalism exists

I'm also really unconvinced that anti-virus programs are an appropriate or effective response to stalking apps.
|
# ? Aug 8, 2019 23:35 |
|
The Iron Rose posted: I'm also really unconvinced that anti-virus programs are an appropriate or effective response to stalking apps.

Best Antivirus is best practices, honestly. GPO controls in corporate environments, tight restrictions in home environments. UAC, disabling Powershell 2.0, etc. By the time most Antiviral/Antimalware's actually act, you've already made a mistake. They do a good job of stopping a beachhead, but that's all they are good for.
|
# ? Aug 8, 2019 23:40 |
|
I went through a university that had an IT degree with a Cybersecurity concentration. It felt a lot like the CS degree except you could elect to do Ethical Hacking 1/2, Network Defense 1/2, and Computer Forensics. Which may as well have boiled down to "Learn to use Kali, learn to use Wireshark, and Learn to use niche software that looks like it hasn't been updated since the mid 2000's and hopefully not cop some liability for accidentally destroying evidence". If it wasn't for the ability to check a box for HR, I don't think a Cyber security degree would give you more than what you could learn by trying to cram for the Security+ and doing a bunch of lab work.
|
# ? Aug 8, 2019 23:43 |
|
The Iron Rose posted: Premium features = ransomware is a new one to me. Characterizing the free version as a carrot on a stick is also a really weirdly malicious way to talk about a pricing model. Do you object to the idea of paid software altogether? Because otherwise I don't see the distinction between an AV with premium features from software demos, or really any form of tiered capability software sales model to begin with.

I'm morally outraged that capitalism exists (also entropy), but I don't bother putting the culpability on individuals for existing within it. Because that would be dumb. I too engage in capitalism. But on the other hand going full twitter appears to have produced results in this case.
|
# ? Aug 9, 2019 00:06 |
|
Klyith posted: I'm morally outraged that capitalism exists (also entropy), but I don't bother putting the culpability on individuals for existing within it. Because that would be dumb. I too engage in capitalism.

A good response.
|
# ? Aug 9, 2019 00:12 |
|
The Iron Rose posted: Premium features = ransomware is a new one to me. Characterizing the free version as a carrot on a stick is also a really weirdly malicious way to talk about a pricing model. Do you object to the idea of paid software altogether? Because otherwise I don't see the distinction between an AV with premium features from software demos, or really any form of tiered capability software sales model to begin with.

It isn't an effective response but in the case of a person being abused it's the one case where I won't bat an eye to them attempting to do whatever they can under duress--a rag will suffice as gauze if you find yourself dealing with something that otherwise needs stitches and proper attention and have no other means to deal with things. You will never, ever hear me talking positive about anti-virus but this is one of these edge cases where I will not go after people for suggesting it.

Also while I am not a capitalist (and let's not derail this thread), I understand that under our system that things need money in order to exist and as such things need to be paid for. However, it's a garbage response that the sales rep gave to what the free version covers and at the very least stalkerware and its ilk should be covered by the free version. I have zero issue with spending money myself on products that actually work, but we're dealing with a completely different issue here.
|
# ? Aug 9, 2019 00:30 |
|
CommieGIR posted:
The real fun for me, though, is using conditional access and a litany of rules and policies for user data accessed through Direct Connect, remote apps on azure rds, and old lovely LOBs gated behind big honkin' AzureAD app gateways and seeing all the integrated data just show up without any work

yeah, response is taking some work and workflow understanding, but i mean drat this is easy
|
# ? Aug 9, 2019 01:05 |
|
The Iron Rose posted: but then again I'm not morally outraged that capitalism exists

Why on earth not
|
# ? Aug 9, 2019 01:51 |
|
Cup Runneth Over posted: Why on earth not

Capitalism's actual winners have convinced him that he's also one (he almost certainly is not).
|
# ? Aug 9, 2019 01:57 |
|
Schadenboner posted: Capitalism's actual winners have convinced him that he's also one (he almost certainly is not).

We're both women.
|
# ? Aug 9, 2019 02:04 |
|
Lain Iwakura posted: We're both women.

All the more reason to be outraged by capitalism
|
# ? Aug 9, 2019 02:07 |
|
Big zero-day EOP for Steam: https://amonitoring.ru/article/steamclient-0day/

Apparently, Registry symbolic links are a thing, and ordinary users can create them in Steam’s system-wide folder pointing to anywhere, causing the Steam Client Service to grant Users full control on the target of the link.

I think the bigger problem here is ordinary users can create Registry symbolic links without SeCreateSymbolicLinkPrivilege set. Still bad programming in Steam, though.
|
# ? Aug 9, 2019 02:09 |
|
In which case she's even less likely to be one of capitalism's winners (as women constitute +/- 50% of the population but hold somewhere between a 1/3 and 2/5 of all wealth)? "Narratives of effort-based-success are a hell of a drug" (as the kids say these days).
|
# ? Aug 9, 2019 02:33 |
|
Well, capitalism does suck, comrade.
|
# ? Aug 9, 2019 02:49 |
|
Lain Iwakura posted: It isn't an effective response but in the case of a person being abused it's the one case where I won't bat an eye to them attempting to do whatever they can under duress--a rag will suffice as gauze if you find yourself dealing with something that otherwise needs stitches and proper attention and have no other means to deal with things. You will never, ever hear me talking positive about anti-virus but this is one of these edge cases where I will not go after people for suggesting it.

I think they should suggest more effective things to someone being abused to install an antivirus program. I'm not sure the social obligation particular measures up against, idk, premium rootkit or web execution prevention, or scheduled scans or whatever. To what extent does a product designed to keep people from harm have a social obligation to provide protective services free of charge? And to what extent does it have when it largely doesn't work and there's hundreds of free and paid AV solutions that provide varying feature sets?

I'm certainly not complaining when antivirus providers improve the quality of their free offerings, because however imperfect and flawed they are, millions of people use them and the more protected they are the better we all are - including from stalkerware. I'm glad that social pressure created positive change. But I see words from you and others like ransomware or mafioso style lol, and that's a pretty extreme way of talking about it and I don't think it's deserved.

The Iron Rose fucked around with this message at 04:09 on Aug 9, 2019 |
# ? Aug 9, 2019 04:07 |
|
The Iron Rose posted: I think they should suggest more effective things to someone being abused to install an antivirus program. I'm not sure the social obligation particular measures up against, idk, premium rootkit or web execution prevention, or scheduled scans or whatever. To what extent does a product designed to keep people from harm have a social obligation to provide protective services free of charge?

I am horribly bitter about infosec products as a whole but anti-virus gets a special place in the depths of hate that I have within due to my time having worked for an AV company.
|
# ? Aug 9, 2019 04:09 |
|
CommieGIR posted: Honestly, Windows Defender is getting really good, I find it hard to need any other solution right now.

That and an ad-blocker will keep you safe so long as you stay out of the danker corners of the web.
|
# ? Aug 9, 2019 04:21 |
|
I posted in here a while back, and got some good feedback. I've been promoted to a decision making level on the software dev side for an alternative to Splunk. If you're using Splunk and looking for something else, what are the 'killer features' in Splunk that keep you with them? If anyone is interested, I will go back through this thread and discuss any issues that came up the first time around.
|
# ? Aug 9, 2019 05:04 |
|
Lain Iwakura posted: I am horribly bitter about infosec products as a whole but anti-virus gets a special place in the depths of hate that I have within due to my time having worked for an AV company.

I’ve just finished reading this entire thread, and I saved several of your posts into my keep for later.rtf file. If you wouldn’t mind, could you expand on your disdain for AV software? Is it all AV software or just certain companies? I’d really like to get your take, if you're willing to share. Which AV company did you work for? What was your job there?
|
# ? Aug 9, 2019 05:04 |
|
My hard-drive came with some limited time Norton Antivirus license, and that thing's repeated popups and taking over my browser and all that pissed me off so much I uninstalled it and turned on Windows Defender.
|
# ? Aug 9, 2019 05:10 |
|
Close down Infosec, we've got 5 Dimensional Crypto now

https://twitter.com/veorq/status/1159559785068429312

And their extremely good site - https://timeai.io/

And their awesome science complete with album cover at the bottom - https://arxiv.org/ftp/arxiv/papers/1903/1903.08570.pdf

Also featured: actual cryptographers dunking on them in real time and on twitter.
|
# ? Aug 9, 2019 05:40 |
|
https://twitter.com/alfredwkng/status/1159190827190517760
|
# ? Aug 9, 2019 05:42 |