Meltdown & Spectre change nothing for me. I can’t just push patches if/when they’re available. I love seeing all the remediation tips, but I can’t really use any of them yet - not even on my own work system. My point is, don’t say “should’ve patched” when we get popped in 6 mos.https://twitter.com/mzbat/status/863138674694918148 …
-
-
You’d think so, but the number of times I’ve busted people browsing the web on critical prod servers is astounding.
-
yeah but critical prod servers should not be able to browse the web. Proxies and outbound ACL's and all that.
-
Ah yes, but when certain engineering application require root by design, engineers will pull drivers down themselves via browser. Life finds a way.
-
Admin privs are a larger issue in gov’t and I just don’t want to fall down that rabbit hole today. Pls just believe that if there were simple solutions to these probs (patching, root, cpu) that didn’t cripple (or destroy) workflows, I’d use them.
-
-
Let’s be honest, the Infosec space (in all the places) is dark and full of terrors
-
Every industry has their own shades of black and different terrors to deal with. Each with their unique set of challenges.
-
I mean, you're not wrong but I wanted to be silly about it. Cuuuuuuurse yooooou, etc.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.