NotPetya coverage is missing the point. The crucial point is the ease of lateral movement in Windows AD network, not NSA exploit.https://twitter.com/thegrugq/status/880398358866780160 …
-
-
Replying to @zeynep
Point about exploits: the focus should be on the structural conditions that produce them. If the OS is prone to them, exploits are endless.
1 reply 3 retweets 7 likes -
Replying to @zeynep
If we don't shift to systems that structurally embed security, focusing on who found what exploit is pointless... So many exploits to find.
2 replies 10 retweets 13 likes -
Replying to @zeynep
Much to say about NSA but "oh, they find exploits" is .. not it because most *everyone* is finding exploits in Windows. Not a finite pool.
1 reply 2 retweets 3 likes -
Replying to @zeynep
"Switch to Linux" is not a solution either because there is no shortage of exploits there either--if anything, patches seem to be slower.
3 replies 8 retweets 11 likes -
Replying to @zeynep
And there is the thorny problem of set-up, implementation and patching embedded systems. We are not on solid ground; much work to be done.
1 reply 1 retweet 5 likes
With Windows 10 + patching security on Windows XP for everyone, Microsoft is moving in right direction. But long long road, complex problem.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
day hysteria
How about: flat network, local admin, domain admin, unrestricted accounts hysteria
Latter is an forever-day