Malicious script can (1) fingerprint and detect lab machines and therefore not do bad thing — this is arbitrarily easy if Google test lab is the first to ever execute their script, (2) over time build a graph of IPs,…
The API exists because zoom.com request microphone and camera through an iframe is a legit use case. As OP said below CSPs exist so that enterprises can lock down those vulnerabilities. But wouldn’t make sense to lock…
Yawn. How did this make it to the top? I thought programmers were supposed to be good at math.
You sound like you just took a stats 101 class and now are bragging to a bunch of adults about how much you learned in stats 101. Sincerely, someone working in the field for last 7 years.
Me replying to my boss in chat when I first started working: “Yes I agree, thank you for the feedback”. Me replying to my boss literally today: “lmao true”
What’s the p-value on this bad boy? Also I wonder if they controlled for confounding factors. Ones I can think of are: “Thanks” more likely on emails containing requests, which inherently requires response if from…
User count is fairly meaningless. How much was that in daily active / weekly active users? How many of those were bot / spammer accounts being “seasoned” to then sell to abusers?
As someone who worked on reputation at Microsoft, it sounds like a bad case of the right hand not talking to the left. Outlook SmartScreen judgment should be available to tier 3 support along with the IP block list…
Better than trusting the perimeter. A single breach in a “trustful” intranet still results in full network compromise. Best to assume breach and work from there. Hating on zero trust is non-sensical to me, feels like…
If I were to guess, conversion rate on phishing sites
Probably conversion rate on phishing sites
Malicious script can (1) fingerprint and detect lab machines and therefore not do bad thing — this is arbitrarily easy if Google test lab is the first to ever execute their script, (2) over time build a graph of IPs,…
The API exists because zoom.com request microphone and camera through an iframe is a legit use case. As OP said below CSPs exist so that enterprises can lock down those vulnerabilities. But wouldn’t make sense to lock…
Yawn. How did this make it to the top? I thought programmers were supposed to be good at math.
You sound like you just took a stats 101 class and now are bragging to a bunch of adults about how much you learned in stats 101. Sincerely, someone working in the field for last 7 years.
Me replying to my boss in chat when I first started working: “Yes I agree, thank you for the feedback”. Me replying to my boss literally today: “lmao true”
What’s the p-value on this bad boy? Also I wonder if they controlled for confounding factors. Ones I can think of are: “Thanks” more likely on emails containing requests, which inherently requires response if from…
User count is fairly meaningless. How much was that in daily active / weekly active users? How many of those were bot / spammer accounts being “seasoned” to then sell to abusers?
As someone who worked on reputation at Microsoft, it sounds like a bad case of the right hand not talking to the left. Outlook SmartScreen judgment should be available to tier 3 support along with the IP block list…
Better than trusting the perimeter. A single breach in a “trustful” intranet still results in full network compromise. Best to assume breach and work from there. Hating on zero trust is non-sensical to me, feels like…
If I were to guess, conversion rate on phishing sites
Probably conversion rate on phishing sites