Selling, no. Buying, definitely. And names don't influence my decisions. A rose by any other name...
procurement, management, finance, and others you need to appeal to They don't need to appeal to any of these suits. Just the technical decision-makers, whose express job it is to choose solutions on their technical…
My point was that the job of a technology decision-maker is to make decisions on the actual technical merits of various options, the costs and tradeoffs thereof. If you are in that role, and you permit the name of a…
If you make technology stack decisions based on your feelings rather than what the product actually does, then you shouldn't be employed as a decision-maker.
I see it as technical people on HN who appreciate the metaphor, versus marketing/business people who can only think of "image". It's to expected with the massive infestation of HN by suits and khakis in the last few…
Another, and better, alternative to slack: IRC.
Why exactly is HackerOne drawing a distinction with this software producer? The truth is: because a H1 rep went on Risky Business and did not deliver a very good performance. Patrick, who is absolutely okay with H1…
While I applaud this move, I suspect H1 will continue servicing government and law enforcement clients of all kinds. A consistently applied policy would see ties with ALL surveillance entities severed.
The unfounded hostility that the mere existence of Soylent brings out of otherwise level-headed people is always a great source of amusement.
[warning, mild politicking] Don't worry; now that Trump has turned out to be just another shill for Globalism, Facebook will have no problem with him or anybody who continues to support him.
As larger proportions of the infosec community get hired or contracted by law enforcement, intelligence, and other government agencies, you'll find that the respect for liberty that the hacker manifesto espoused is…
i2p, freenet, or forgoing websites altogether. for asynchronous messaging, agl had something really promising with pond, but for "reasons" decided to abandon it, and nobody bothered to continue its development.
Is there any reason KVM/IP is not a viable solution for remote management? Remote access to DMA capability is just batshit insanity.
IME is likely not a case of Intel "not taking security seriously". It's almost certainly a case of doing what FiveEyes demanded of them.
This is an unpopular position, but approaches like BrickerBot are likely to be effective.
Thanks for your response. I'm peripherally interested in application security, so I've followed SwiftOnSecurity, the grugq, HN's very own tqbf, 0x00string, xntrik, matt blaze, etc. I also listen to Risky Business,…
It's not just Schneier. Seems that nearly everybody in infosec is convinced of Russia's complicity in everything from the DNC leaks, to Vault7, to ShadowBrokers, and now allegedly the Macron campaign. Listening to the…
Can you elaborate on what constitutes "broken" ?
Primary reason would be finally being rid of the Intel ME. For the truly paranoid.
DNS by PiHole and uBlock Origin combine to do a damn fine job of preventing the behavior you describe.
Conventional legal mechanisms against your home server cabinet can be handled via full disk encryption and a reed switch on your cabinet door connected to your power strip.
The article you linked only has a single citation for the Russian attribution, which is a Snowden quote: “circumstantial evidence and conventional wisdom indicates Russian responsibility” Is there any evidence other…
I use Tahoe-LAFS for all of my distributed FS stuff, and I really do love it. One minor downside is that the introducer server is a SPOF, but they can be backed up/spun up and distributed introducers are on the roadmap…
The point is that simply clicking a dodgy link can, in some cases, own you. No credential acquisition required.
Crafted-content UAF vulns are still occasionally being found in browsers. To say nothing of unpatched/non-updated browsers.
Selling, no. Buying, definitely. And names don't influence my decisions. A rose by any other name...
procurement, management, finance, and others you need to appeal to They don't need to appeal to any of these suits. Just the technical decision-makers, whose express job it is to choose solutions on their technical…
My point was that the job of a technology decision-maker is to make decisions on the actual technical merits of various options, the costs and tradeoffs thereof. If you are in that role, and you permit the name of a…
If you make technology stack decisions based on your feelings rather than what the product actually does, then you shouldn't be employed as a decision-maker.
I see it as technical people on HN who appreciate the metaphor, versus marketing/business people who can only think of "image". It's to expected with the massive infestation of HN by suits and khakis in the last few…
Another, and better, alternative to slack: IRC.
Why exactly is HackerOne drawing a distinction with this software producer? The truth is: because a H1 rep went on Risky Business and did not deliver a very good performance. Patrick, who is absolutely okay with H1…
While I applaud this move, I suspect H1 will continue servicing government and law enforcement clients of all kinds. A consistently applied policy would see ties with ALL surveillance entities severed.
The unfounded hostility that the mere existence of Soylent brings out of otherwise level-headed people is always a great source of amusement.
[warning, mild politicking] Don't worry; now that Trump has turned out to be just another shill for Globalism, Facebook will have no problem with him or anybody who continues to support him.
As larger proportions of the infosec community get hired or contracted by law enforcement, intelligence, and other government agencies, you'll find that the respect for liberty that the hacker manifesto espoused is…
i2p, freenet, or forgoing websites altogether. for asynchronous messaging, agl had something really promising with pond, but for "reasons" decided to abandon it, and nobody bothered to continue its development.
Is there any reason KVM/IP is not a viable solution for remote management? Remote access to DMA capability is just batshit insanity.
IME is likely not a case of Intel "not taking security seriously". It's almost certainly a case of doing what FiveEyes demanded of them.
This is an unpopular position, but approaches like BrickerBot are likely to be effective.
Thanks for your response. I'm peripherally interested in application security, so I've followed SwiftOnSecurity, the grugq, HN's very own tqbf, 0x00string, xntrik, matt blaze, etc. I also listen to Risky Business,…
It's not just Schneier. Seems that nearly everybody in infosec is convinced of Russia's complicity in everything from the DNC leaks, to Vault7, to ShadowBrokers, and now allegedly the Macron campaign. Listening to the…
Can you elaborate on what constitutes "broken" ?
Primary reason would be finally being rid of the Intel ME. For the truly paranoid.
DNS by PiHole and uBlock Origin combine to do a damn fine job of preventing the behavior you describe.
Conventional legal mechanisms against your home server cabinet can be handled via full disk encryption and a reed switch on your cabinet door connected to your power strip.
The article you linked only has a single citation for the Russian attribution, which is a Snowden quote: “circumstantial evidence and conventional wisdom indicates Russian responsibility” Is there any evidence other…
I use Tahoe-LAFS for all of my distributed FS stuff, and I really do love it. One minor downside is that the introducer server is a SPOF, but they can be backed up/spun up and distributed introducers are on the roadmap…
The point is that simply clicking a dodgy link can, in some cases, own you. No credential acquisition required.
Crafted-content UAF vulns are still occasionally being found in browsers. To say nothing of unpatched/non-updated browsers.