• 0 Posts
  • 147 Comments
Joined 1 year ago
cake
Cake day: June 23rd, 2023

help-circle
  • Wary why? I work remotely in IT and manage a ton of Linux systems with it. Because my company has a large number of remote employees they limit us to Windows or Macs only, and have pretty robust MDM, security, etc. installed on them. Since MacOS is built on top of a unix kernel it’s much more intuitive to manage other unix & linux systems with it.

    Personally I haven’t used Windows really since before Windows 10 came out, and as the family tech support department I managed to switch my wife, parents, brother, and mother in-law all to Mac’s years ago as well.


  • IphtashuFitz@lemmy.worldtoPrivacy@lemmy.mlfixed
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 month ago

    I doubt it would help. My employer uses Akamai as a CDN & security provider for our websites. Their bot analysis tools regularly flag distributed bot activity that can come from a handful or a few thousand IPs. They do a range of browser fingerprinting, TLS fingerprinting, etc. to uniquely identify traffic across ranges of IP’s. I’m sure Google/Youtube has the ability to do this as well.

    Any given client would need to regularly randomize the order of headers in requests, randomly include/exclude optional headers, and also randomize TLS negotiation to try to circumvent all the fingerprinting these big corporations perform.







  • ANI and CallerID serve two very different purposes. Suppose you managed the telephones for something like an insurance company, where you have lots of customers calling in, but also have lots of employees calling out. You want the Caller ID on your customers phones to show the main # for your company whenever you call them, so it would show something like 1-212-555-1000.

    Because the company has a lot of employees, it has 100 individual phone lines, so 100 agents can be on calls at the same time. The phone company actually allocates 100 numbers in that case, and those numbers could be very different than the above -1000 number. So the numbers 1-212-555-7000 through 1-212-555-7099 all belong to the company. Each time an employee makes a call their telephone system finds any one of those numbers between -7000 and -7099 that isnt in use and uses it. The call is billed to that specific number, and the bills for all 100 lines are combined & billed to the company at the end of the month.

    If the company couldn’t configure its phones to display 1-212-555-1000 as the Caller ID then customers would see random numbers in the range of -7000 to -7099 any time the company called them.







  • My employer had an EV cert for years on our primary domain. The C-suites, etc. thought it was important. Then one of our engineers who focuses on SEO demonstrated how the EV cert slowed down page loads enough that search engines like Google might take notice. Apparently EV certs trigger an additional lookup by the browser to confirm the extended validity.

    Once the powers-that-be understood that the EV cert wasn’t offering any additional usefulness, and might be impacting our SEO performance (however small) they had us get rid of it and use a good old OV cert instead.


  • IphtashuFitz@lemmy.worldtoLinux@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    26
    ·
    2 months ago

    Back in the 90’s before the days of Windows 3.0 I had to debug a memory manager written by a brilliant but somewhat odd guy. Among other thing I stumbled across:

    • A temporary variable called “handy” because it was useful in a number of situations.
    • Another one called son_of_handy, used in conjunction with handy.
    • Blocks of memory were referred to as cookies.
    • Cookies had a flag called shit_cookie_corrupt that would get set if the block of memory was suspected of being corrupt.
    • Each time a cookie was found to be corrupt then the function OhShit() was called.
    • If too many cookies were corrupt then the function OhShitOhShitOhShit() was called, which would terminate everything.


  • Port 22 is the default SSH port and it receives a TON of malicious traffic any time it’s open to the whole internet. 20 years ago I saw a newly installed server with a weak root password get infected by an IP address in China less than an hour after being connected to the open internet.

    With all the bots out there these days it would probably take a lot less time if we ran the same experiment again.


  • Depends on the content. My employers sites are a good mix of images, static, and dynamic content, and we rely heavily on Akamai. Their caching of our images offloads a huge amount of work from our origins. We also use their Image Manager tool to optimize a lot of the images seamlessly, which adds further optimization. Their WAF and other security tools are also very impressive.


  • Well OPSEC is the stated cause. Who knows how the person was initially identified and tracked. For all we know he was quickly identified through some sort of Tor backdoor that the feds have figured out, but they used that to watch for an unrelated OPSEC mistake they could take advantage of. That way the Tor backdoor remains protected.


  • IphtashuFitz@lemmy.worldtoPrivacy@lemmy.mlIs TOR compromised?
    link
    fedilink
    English
    arrow-up
    10
    ·
    3 months ago

    Exactly. Tor was originally created so that people in repressive countries could access otherwise blocked content in a way it couldn’t be easily traced back to them.

    It wasn’t designed to protect the illegal activities of people in first world countries that have teams of computer forensics experts at dozens of law enforcement agencies that have demonstrated experience in tracking down users of services like Tor, bitcoin, etc.