• 0 Posts
  • 60 Comments
Joined 1 year ago
cake
Cake day: July 6th, 2023

help-circle








  • Mostly customer provided certs, high end clients make all kinds of stupid requests like the aforementioned man-in-the-middle chain sniffers, clients that refuse DNS validation, clients that require alternate domains to be updated regularly. Management is fine for mywebsite.com, but how are you solving an EV on the spoofed root prod domain, with an sso cert chain for lower environments on internal traffic that is originally provided by a client? And do you want the cs reps emailing each other your root cert and (mistakingly) the key? I’ve been given since SCARY keys by clueless support engineers. I don’t want to do this every 3 months.


  • As someone who creates custom domain name applications, FUCK THEM WITH A PINEAPPLE SPIKY SIDE FIRST. This problem is on par with timezones for needless complexity and communication disasters. Companys and advertisers are now adding man in the middle certs for additional data collection/visibility. If the ciphers not cracked, changing the certs exposes significantly more failure, than letting one get a little stale.
    Sysadmin used slam! It’s super effective!




  • thirteene@lemmy.worldtoTechnology@lemmy.worldWhat the hell Proton!
    link
    fedilink
    English
    arrow-up
    55
    arrow-down
    8
    ·
    2 months ago

    Hailey “Hawk Tuah” Welch is an influencer that gained a lot of popularity from her nickname (the sound of spitting, with HEAVY implications of performing fellacio). She used her platform to voice a very reasonable and intelligent opinion, which surprised a lot of people because her nickname is essentially blowjob queen.

    One of her opinions is that it’s important to spread cyber security and used her fame to try to educate the public (potentially a fake story from the image? Idk this drama). And some xit-head claiming to be a cyber security expert ate the onion and offered some shitty advice. Proton fact checked them, because there are a ton of fake news stories about her right now.


  • You can prevent downtime by mirroring your container repository and keeping a cold stack in a different cloud service. We wrote an loe, decided the extra maintenance wasn’t worth the effort to plan for provider failures. But then providers only sign contracts if you are in their cloud and you end up doing it anyways.

    Unfortunately most victims aren’t using best practices let alone industry standards. The author definitely learned the wrong lesson though.




  • I have yet to hear about bitwarden getting pwned

    Honestly this is the part that scares me the most. Well maybe it’s the fact we have multiple plausible scenarios… What happens when you get locked out of bitwarden? I imagine the 256 randomized salted hash passwords will be hard to call, some companies will likely be able to restore your password via phone support. During that time, informed attackers will potentially have the master keys to your entire life. Fighting ai chatbots trying to recall security questions. During that time your phone and Internet service could be shut off, secondary emails changed and validated, money transferred out of bank accounts, stocks and crypto sold. Crowdstrike was a valuable security company.



  • My rhcsa expired and I only have experience beyond that. Your task right now is to find a job and the easiest way to do that is to leverage your network. If you don’t have a network, you need to prove that you can commit to a long term plan and learn a skill. Most people do that with degrees. Unfortunately a lot of people have degrees and technology is getting more competitive. That’s where you see school competitions and certifications. If you don’t want to do that, you’ll need to be able to speak competently to the role.

    Unfortunately right now I do not recommend platform/devops/sre for anyone breaking into the field. If I create an application today, it’s server less or bring your own dockerfile on a provided machine image. So what are you administrating? Legacy shops will be around for decades, but the future here is layered architecture not os tasks.