this post was submitted on 02 Sep 2024
39 points (100.0% liked)
Cybersecurity
5686 readers
32 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
No lie. Unless it's in a dedicated corporate parking lot, just fucking plug it in. Everybody here acting like they're gonna get Stuxnetted. Yeah guys, we know the possibilities.
Yeah. If you work for the Men in Black, and you're a regular employee the policy is going to be something like "never under any circumstances plug anything into your PC that hasn't been given to you by MiB IT staff".
If you work for the Men in Black in cybersecurity and your job might involve investigating strange USB drives handed to you by aliens, agents, spies or employees who found one in the parking lot, you probably already have a rigidly documented procedure involving a special air-gapped, locked down computer in a bomb-proof, EM-shielded, dimension-shifted room, and you don't need to ask for advice on Lemmy.
If you work for the Men in Black in cybersecurity and there isn't yet a procedure for investigating strange USB drives handed to you by aliens, agents, spies or employees who found one in the parking lot, and you're somehow in charge of creating such a procedure, you're again probably not going to be posting on Lemmy asking for tips. You're probably going to be doing deep research on various USB and USB-look-alike threat vectors. Then, write a report, have it reviewed and in a decade you'll have an ultra-safe procedure that nobody follows.
For everybody who doesn't work for the Men in Black, just plug it in and take a look, and don't do anything dumb like double clicking on "Really Just A Word.doc.exe".
There are exceptions, like if you have a psycho jealous ex who also happens to be a ruthless hacker. But, that isn't most people, thankfully.
But, this is a cybersecurity forum, and so you're going to get praised for coming up with the most outlandish possible threat vector, and the most complex and inconvenient way to counter it. Suggesting normal levels of precaution is going to get shouted down because it implies that that person isn't knowledgeable about the vaguely possible incredible threat vectors that you can prove your worth by showing you know all about.