That's berry nice of you to say.
"the debugger doesn't tell me anything because this code compiles just fine" - random QA comment
"Facebook is where you tell lies to your friends. Twitter is where you tell the truth to strangers." - chriselst
"I don't drink any more... then again, I don't drink any less." - Mike Mullikins uncle
|
Thank you, I'm grapeful for your comment.
/ravi
|
Perhaps a Rochet Melon then?
Sin tack
the any key okay
|
Productivity beats security when it comes to the modern business | ITProPortal[^]
I saw this post in CP Insider news today. It's 100% true with my case.
When I started in my first office, Security folks at the gate literally frisk you upside down when you come in & go out. It almost felt like clearing a high security airport check-in with metal detectors.
In my next company it was just a Guantanamo Bay; it was virtually disconnected from the internet world. You won't be allowed in if you forgot to bring your ID. They'll prepare a new ID with photo and issue it; until then you'll have to wait near the gates.
You cannot open any website other than the ones in the company's domain. Those were the times Facebook was starting to evolve; people were just dying to find some hack through proxies and get to see the outer world.
(Even CP was blocked, and guess what? this is exactly the time I was put in a Mega project that beat Visual Studio 6's intellisense to death. I happened to work on a complex C++ project with no intellisense & Google help. It almost felt like a fish out of water. Terrible times)
Using any proxy was a big offence as per the company's rule book. If you want to connect to the Internet, you'll have to walk 50 meters & make use of a system that is put in a corner, with all device ports and admin rights disabled and just a single low-speed internet connection connected to a modem (outside the LAN router; it's a direct separate line).
Poorest of all is one sick company that doesn't allow even a camera phone. If you still happen to bring one, they'll put a hard sticker on it & you are not supposed to remove it till you come back to the security gate.
You cannot bring your laptop/device into office.
And now in successive companies, these walls have gradually been broken down. Or I'm really not sure if I naturally chose companies that don't treat you like a prisoner.
But I'm also not sure if this is totally good. I remember long back when I joined this company as software lead, I walked up to the boss and suggested to disable USB ports & cut off admin rights to developers (whatever was taught to me as "security" protocol). The boss replied, "That's okay". lol
Starting to think people post kid pics in their profiles because that was the last time they were cute - Jeremy.
modified 25-Jul-17 10:59am.
|
Why would you want to work for someone who does not trust you? Paid work is a trade, and it is unwise to trade with people you cannot trust.
Imagine not trusting a soldier with a rifle. Would be a very effective army, wouldn't it?
How many of those high-security places saved their users' password in clear text? How many machines were running without Windows Update?
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
Eddy Vluggen wrote: How many of those high-security places saved their users' password in clear text? How many machines were running without Windows Update
Well, if they keep the passwords in a safe place, like keeping the spare keys to the office, it can work.
For the WU, there's always WSUS.
Not optimal, but for the anal types it's doable.
Sin tack
the any key okay
|
Eddy Vluggen wrote: How many machines were running without Windows Update?
The best way to close Windows' vulnerabilities is not Windows Update. It's called Linux.
|
Most companies will demand the use of Windows.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
The problem is that lions always lurk where big tasty herds pass by. Stay away from the herd and your chances are good that you are uninteresting for the lions.
|
That's a lousy way to secure things. With that attitude, a lion will someday turn up where you did not expect it.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
Nobody ever said that this is easy. That's exactly the reason why lions must be a little smarter than those they are after. So let's amend my statement: Stay away from the herd, join the lions instead.
modified 26-Jul-17 7:34am.
|
..most of the industry uses Windows. Also, once the lions become the default, they become the new prey.
Most breaches that have been reported on this site were not due to using the wrong OS; WannaCry would hit Ubuntu too. Most breaches were caused by humans being idiots; not updating their machines, ex-employees who dump unencrypted databases, that sort of thing.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
CodeWraith wrote: Stay away from the herd...
Is that a subtle way to say that Linux is unpopular and only used by animals that no other animals want anything to do with (skunks)?
|
That, or it's used by the lions, who obviously know how the other lions do things.
|
I have seen just as many Linux servers breached as Windows, because it doesn't matter which you use; they will have vulnerabilities that need constant vigilance. You are living in a fantasy world if you think the OS determines security; the human idiots are always the lowest common factor.
Go on any Linux server with a lot of users and I guarantee you one will have a stupid password like "password", "123" etc., and the worst offenders are always management.
In vino veritas
|
You're both right, a bit. Linux is a tad safer simply because it is less well known. Windows is a bigger target, and most companies will prefer a product that is widely known.
Better known means more (security) experts, and with MS being a commercial company, their product would fail quickly if Windows was as insecure as it is often perceived. As Linus pointed out, lots of eyes makes bugs easy to detect - and MS has a lot of (gold) customers, and a big sack of money to address critical issues.
Whilst WannaCry was available for Ubuntu, they did not go through the effort of making a decent version that works equally well on Raspberry Pi. It is simple economics at work; there aren't that many paranoid idiots, and it is not worth the effort. Even Mac-users are more interesting than Linux-users.
It is harder to install something on Linux without knowing the sudo-password. And that is why companies prefer Windows over Linux - they need to get things done, not muck around with clearances.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
The reason Linux is not targeted is that it's not mainstream: it just doesn't have the user numbers to make it worthwhile, not that it's intrinsically more secure. In fact, since it's open source, it could easily be less secure since the flaws and vulnerabilities are in plain view for anyone who can read the code...
I wouldn't feel too safe just because I'm using an unpopular OS: Android is Linux based, and it has a good, long - and growing - list of malware these days. When it was niche, it was safe as well...
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
OriginalGriff wrote: The reason Linux is not targeted is that it's not mainstream: it just doesn't have the user numbers to make it worthwhile, not that it's intrinsically more secure.
That's what I have been saying. Stay away from the herd and the lions will not go through the trouble of catching you alone. They stick with the herd.
OriginalGriff wrote: I wouldn't feel too safe just because I'm using an unpopular OS: Android is Linux based, and it has a good, long - and growing - list of malware these days. When it was niche, it was safe as well...
I'm quite sure of that. My best protection has always been to stay away from websites where the dumb masses are 'served'. I can proudly say that the lions hardly know that I exist and never really got me.
|
If that's your "best protection" then one day you are in for a very nasty surprise.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
I think not. All I can lose are some savegames. Everything else is either not stored on my computer or backed up and I still have my older notebook ready to use. Pull the current code from the repository and we are ready to go again.
|
Eddy Vluggen wrote: Imagine not trusting a soldier with a rifle. Would be a very effective army, wouldn't it
lol when the count gets huge, they fear the presence of the black sheep. I think the companies mainly fret about the loss of IP (intellectual property). There were severe restrictions for source code access, & USB drives don't work. They were afraid of this fact: it was completely possible to steal the source code of a product and set up a shop on your own. This applies even today, but I think most of the industry has gone past this fear now.
The main reason for making so many restrictions (network, firewall) is the fact that they are running Windows! I guess they are so afraid it could be easily exploited.
Starting to think people post kid pics in their profiles because that was the last time they were cute - Jeremy.
|
Large companies back in the day had actual real firewalls; most had Cisco routers because they all had secure tunnels between their various sites. Most of what you quote is internet stories and trash that has no basis in fact.
What did get rolled over quite a bit was end users, and as you had lots of novice users on Windows PCs, they were the most hit. Which goes back to the most common weakness: HUMANS.
In vino veritas
|
leon de boer wrote: Most of what you quote is internet stories and trash that has no basis in fact.
What do you mean? I have written about what was happening WITH ME & other employees in the companies WE worked for. What part of it did you find to be "trash" and to have no basis? Sounds funny.
If we wanted "exclusive" access to a site, there were applications & formal mails to send to the IT guys, who would review and allow the sites for a limited time.
Starting to think people post kid pics in their profiles because that was the last time they were cute - Jeremy.
|
Sorry, I have trouble with TABS on the site when I have the Japanese codepage running. It was meant for the stupid Linux myths of CodeWraith.
In vino veritas