Language:
switch to room list switch to menu My folders
Go to page: First ... 11 12 13 14 [15] 16 17 18
[#] Thu Dec 23 2021 11:42:50 EST from IGnatius T Foobar

Subject: Re: Log4j

[Reply] [ReplyQuoted] [Headers] [Print]

Subject: Log4j
Great. Another long weekend for a lot of people.

As is tradition, we have to point out that a logging program being so complex that it could even be capable of getting exploited like this is ridiculous -- and it's another example of what we call ... "progress".

[#] Thu Dec 23 2021 11:48:16 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

Im sure ill have stones tossed at me, but i would imagine that
google's is 'good enough' if you are going that route. 

It *is* good enough for someone who doesn't care about de-googleing their computers. I actually wish I had a password manager right now, because I'm doing my bookmark syncing with a third party program (xBrowserSync) which is *really* nice because it works across not only multiple devices but multiple browsers -- but it doesn't sync passwords.

[#] Thu Dec 23 2021 12:48:56 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

its sort of a trade-off.  Noting comes free..  

So far, the trade-off to be a google captive works out, for me at least.  Next month, next year? Who knows. But today, its ok.  And i do have that netxcloud install out on my farm ( even got SSL to work so it can do video chat ) and it works well, its tempting, to switch. But, ya, you lose some things that are convenient. 



[#] Sun Jan 02 2022 07:35:23 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

I have not been keeping up, i assume that tor v2 addresses are now dead? 



[#] Sun Jan 02 2022 17:16:17 EST from darknetuser

[Reply] [ReplyQuoted] [Headers] [Print]

2022-01-02 07:35 from Nurb432
I have not been keeping up, i assume that tor v2 addresses are now
dead? 


I don't follow Tor closely, but so do I think. Now you have to use these monster URLs if you want to access .onion services :)

[#] Sun Jan 02 2022 17:30:44 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

Several of my bookmarks gave me errors ( i dont get on often so it might have been a while, or last night.. who knows ) but a couple i 're-found' ( like proton mail ) and they were different links, but now worked. 

I know that was on the horizon, so i figured that is what happened.



[#] Tue Jan 11 2022 14:48:12 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

So that network compromise i talked about a month ago. I guess our security team has just announced " no, we will not be answering any questions and you must cancel the requests from our customers for explanations. " 

WTF. we are a freaking public entity. 



[#] Tue Jan 11 2022 18:15:52 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

You got hit by that ransomware - and if you're a Windows shop, it came in through a print spooler exploit. 


Tue Jan 11 2022 14:48:12 EST from Nurb432

So that network compromise i talked about a month ago. I guess our security team has just announced " no, we will not be answering any questions and you must cancel the requests from our customers for explanations. " 

WTF. we are a freaking public entity. 



 



[#] Tue Jan 11 2022 18:47:43 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

No, not even close. 

What i can say it was vulnerabilities built into an application several entities like us were using.  It was inserted by the developing company, they had an insider from china who did it, so it wasn't 'planned' by the company.

It used several general exploits to spread, which were patched by everyone else that got hit. 

 

Tue Jan 11 2022 06:15:52 PM EST from ParanoidDelusions

You got hit by that ransomware - and if you're a Windows shop, it came in through a print spooler exploit. 


Tue Jan 11 2022 14:48:12 EST from Nurb432

So that network compromise i talked about a month ago. I guess our security team has just announced " no, we will not be answering any questions and you must cancel the requests from our customers for explanations. " 

WTF. we are a freaking public entity. 



 



 



[#] Fri Jan 14 2022 13:06:31 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

Interesting. 

 

Tue Jan 11 2022 18:47:43 EST from Nurb432

No, not even close. 

What i can say it was vulnerabilities built into an application several entities like us were using.  It was inserted by the developing company, they had an insider from china who did it, so it wasn't 'planned' by the company.

It used several general exploits to spread, which were patched by everyone else that got hit. 

 

Tue Jan 11 2022 06:15:52 PM EST from ParanoidDelusions

You got hit by that ransomware - and if you're a Windows shop, it came in through a print spooler exploit. 


Tue Jan 11 2022 14:48:12 EST from Nurb432

So that network compromise i talked about a month ago. I guess our security team has just announced " no, we will not be answering any questions and you must cancel the requests from our customers for explanations. " 

WTF. we are a freaking public entity. 



 



 



 



[#] Fri Jan 14 2022 17:59:53 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

oh and the print spooler thing, we took care of that the day it was known. ( it was rather painful.  You had to call a field tech out to add a printer.. )



[#] Mon Jan 24 2022 11:31:49 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

Ig is wrong about Exchange. 5.5 was an awesome platform... 

But Microsoft's print services have sucked all the way back to NT 4. Roaming profiles and remote printers has always been an absolute disaster, and the Spooler causes probably 85% of Desktop support problems industry wide. 

 

Fri Jan 14 2022 17:59:53 EST from Nurb432

oh and the print spooler thing, we took care of that the day it was known. ( it was rather painful.  You had to call a field tech out to add a printer.. )



 



[#] Mon Jan 24 2022 16:03:36 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

In principle Roaming Profiles is a good idea.  In practice, not so much.

Mon Jan 24 2022 11:31:49 AM EST from ParanoidDelusions

Ig is wrong about Exchange. 5.5 was an awesome platform... 

But Microsoft's print services have sucked all the way back to NT 4. Roaming profiles and remote printers has always been an absolute disaster, and the Spooler causes probably 85% of Desktop support problems industry wide. 

 

 


[#] Wed Jan 26 2022 14:57:32 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

PD is wrong about Exchange. 5.5 is the worst of them all. The one after that was also the worst. After that it went into a bit of a decline.

Roaming Profiles was a good idea but they never quite got it right. On a real computer you just remotely mount /home and everything just sort of works the way you expect on every computer involved.

[#] Wed Jan 26 2022 18:16:51 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

One drive auto sync is trying to do the same thing. Cant comment much about it yet however. We just started doing that at the office.

Wed Jan 26 2022 02:57:32 PM EST from IGnatius T Foobar
PD is wrong about Exchange. 5.5 is the worst of them all. The one after that was also the worst. After that it went into a bit of a decline.

Roaming Profiles was a good idea but they never quite got it right. On a real computer you just remotely mount /home and everything just sort of works the way you expect on every computer involved.

 



[#] Fri Apr 08 2022 09:37:37 EDT from zelgomer

[Reply] [ReplyQuoted] [Headers] [Print]

Updated Firefox recently and noticed they now enable DNS-over-HTTPS by default. Do I want to leave this enabled? Could you please share your opinions of it? I'm on the fence. On the one hand, my ISP can spy on my DNS queries. On the other hand, now Cloudflare can spy on my DNS queries. Who is the lesser of the two evils here? Is this a further move toward total web centralization?


I need to read some good conversation on the subject, preferably both sides. I haven't been able to turn up anything helpful yet in my own searches.

[#] Fri Apr 08 2022 11:19:55 EDT from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

My personal opinion is that its a wash. Unless you are running on a semi-anonymous vpn, someone knows, somewhere.

BUT, i suppose cloud-flare is more disconnected from you than your local isp.

Fri Apr 08 2022 09:37:37 AM EDT from zelgomer
Updated Firefox recently and noticed they now enable DNS-over-HTTPS by default. Do I want to leave this enabled? Could you please share your opinions of it? I'm on the fence. On the one hand, my ISP can spy on my DNS queries. On the other hand, now Cloudflare can spy on my DNS queries. Who is the lesser of the two evils here? Is this a further move toward total web centralization?


I need to read some good conversation on the subject, preferably both sides. I haven't been able to turn up anything helpful yet in my own searches.

 



[#] Thu Apr 14 2022 18:25:59 EDT from darknetuser

[Reply] [ReplyQuoted] [Headers] [Print]

2022-04-08 09:37 from zelgomer
Updated Firefox recently and noticed they now enable DNS-over-HTTPS by

default. Do I want to leave this enabled? Could you please share your

opinions of it? I'm on the fence. On the one hand, my ISP can spy on my

DNS queries. On the other hand, now Cloudflare can spy on my DNS
queries. Who is the lesser of the two evils here? Is this a further

move toward total web centralization?


I need to read some good conversation on the subject, preferably both

sides. I haven't been able to turn up anything helpful yet in my own

searches.



Cloudflare is a Google-grade threat to privacy at this point. If your ISP is not a very, VERY big one, Cloudflare is more dangerous.

They get to see more traffic than anybody else with few exceptions.

I personally tunnel my DNS queries to a server I actually own. If you are concerned you can use an encrypted tunnel to an Opennic server, so neither Cloudflare nor your ISP can see what you are doing. Reaching that point you may as well be using Tor, but for the regular Internet it may suffice.

[#] Thu Apr 14 2022 18:28:10 EDT from darknetuser

[Reply] [ReplyQuoted] [Headers] [Print]

2022-04-08 11:19 from Nurb432
My personal opinion is that its a wash. Unless you are running on a
semi-anonymous vpn, someone knows, somewhere.

BUT, i suppose cloud-flare is more disconnected from you than your
local isp.
Fri Apr 08 2022 09:37:37 AM EDT from zelgomer

Updated Firefox recently and noticed they now enable
DNS-over-HTTPS by default. Do I want to leave this enabled? Could you

please share your opinions of it? I'm on the fence. On the one hand,

my ISP can spy on my DNS queries. On the other hand, now Cloudflare

can spy on my DNS queries. Who is the lesser of the two evils here?

Is this a further move toward total web centralization?


I need to read some good conversation on the subject, preferably
both sides. I haven't been able to turn up anything helpful
yet in my
own searches.





In the case of DNS you may also run an iterative server and access the Root DNS services directly with no middle man.

You know, what bothers me in all of this is that Firefox is cooperating so much with the tracking crap.

[#] Thu Apr 14 2022 18:30:37 EDT from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

I cant give you details ( and even if i could, i probably should not say too much ), but i guess CF offers some sort of service to 'secure' external facing web apps. We are migrating one of our largest.  I guess once the switch is flipped you access it thru their 'stuff' which tunnels back to our internal network, i assume via VPN.

ya, pretty vague, but i'm not part of the teams involved, nor in testing..   BUT it seems like a bad plan to me. 

 

Thu Apr 14 2022 06:25:59 PM EDT from darknetuser
Cloudflare is a Google-grade threat to privacy at this point. If your ISP is not a very, VERY big one, Cloudflare is more dangerous.

They get to see more traffic than anybody else with few exceptions.

I personally tunnel my DNS queries to a server I actually own. If you are concerned you can use an encrypted tunnel to an Opennic server, so neither Cloudflare nor your ISP can see what you are doing. Reaching that point you may as well be using Tor, but for the regular Internet it may suffice.

 



Go to page: First ... 11 12 13 14 [15] 16 17 18