Not so sure that's a good idea. This would prevent users to programmatically compare hashes, and it would be hard to display one next to the other to facilitate comparison. Keep in mind that it is relatively easy to…
I totally agree with you, except that asking users multiple times for their password will increase password fatigue. It may be argued that we could prefer the users to mindlessly click on Yes when a popup arises,…
Listening for these hotkeys is kind of pointless. The whole idea of pressing Ctrl + Alt + Del is that, while you can detect the keys being pressed, you cannot prevent Windows to display its interface on top of yours.…
Don't cry man, at least I feel quite confident that these backdoors are efficiently NOBUS
And yet here we are, unable to properly deactivate "features" such as Intel ME.
I get your point, but most does not mean all, and hardening is all about adding layers. https://insights.sei.cmu.edu/cert/2016/11/windows-10-cannot-... is a complete review of the mitigations we are loosing.
Sure, it does sound interesting. Now what about all EMET mitigations that Microsoft is deprecating by saying Windows 10 is "secure enough" as is?
I so you are very lucky. 99% of people have to put up with things like this without saying a thing.
From my experience it works actually pretty well, and OPNSense does indeed address the issues the parent posted
I get your point, but I meant that the open source community works because it can leverage on the work from each other. The achievements would be multiplied by the potential reach.
tl;dr: a CVSS 7.8 Windows vulnerability in the SMB service can allow an attacker to DoS any machine with the filesharing service exposed; the possibility of RCE seems to have been discarded; exploits are freely…
Now imagine what a Linux distribution could achieve with the same budget...
Algo looks good if you stick to IPSEC but WireGuard is years ahead, and much sounder. Considering WireGuard's promising start, imo it's OK if platform support isn't broad yet. You don't need Solaris support to start…
Thank you for your great work. For me, security is by far the most important selling point. Firefox is a bit late to the party but not that far behind Chrome, as we can see on the competitions and bug bounties (a Chrome…
Yeah, and that's even more stupid if your threat model considers your country and ISP as an adversary. We don't all live in nice countries, and in this case not having a VPN is far worse in terms of traffic interception…
Yes, it still is especially since 4.0, and this new update does not seem to do anything to improve it. BT sux.
Not so sure that's a good idea. This would prevent users to programmatically compare hashes, and it would be hard to display one next to the other to facilitate comparison. Keep in mind that it is relatively easy to…
I totally agree with you, except that asking users multiple times for their password will increase password fatigue. It may be argued that we could prefer the users to mindlessly click on Yes when a popup arises,…
Listening for these hotkeys is kind of pointless. The whole idea of pressing Ctrl + Alt + Del is that, while you can detect the keys being pressed, you cannot prevent Windows to display its interface on top of yours.…
Don't cry man, at least I feel quite confident that these backdoors are efficiently NOBUS
And yet here we are, unable to properly deactivate "features" such as Intel ME.
I get your point, but most does not mean all, and hardening is all about adding layers. https://insights.sei.cmu.edu/cert/2016/11/windows-10-cannot-... is a complete review of the mitigations we are loosing.
Sure, it does sound interesting. Now what about all EMET mitigations that Microsoft is deprecating by saying Windows 10 is "secure enough" as is?
I so you are very lucky. 99% of people have to put up with things like this without saying a thing.
From my experience it works actually pretty well, and OPNSense does indeed address the issues the parent posted
I get your point, but I meant that the open source community works because it can leverage on the work from each other. The achievements would be multiplied by the potential reach.
tl;dr: a CVSS 7.8 Windows vulnerability in the SMB service can allow an attacker to DoS any machine with the filesharing service exposed; the possibility of RCE seems to have been discarded; exploits are freely…
Now imagine what a Linux distribution could achieve with the same budget...
Algo looks good if you stick to IPSEC but WireGuard is years ahead, and much sounder. Considering WireGuard's promising start, imo it's OK if platform support isn't broad yet. You don't need Solaris support to start…
Thank you for your great work. For me, security is by far the most important selling point. Firefox is a bit late to the party but not that far behind Chrome, as we can see on the competitions and bug bounties (a Chrome…
Yeah, and that's even more stupid if your threat model considers your country and ISP as an adversary. We don't all live in nice countries, and in this case not having a VPN is far worse in terms of traffic interception…
Yes, it still is especially since 4.0, and this new update does not seem to do anything to improve it. BT sux.