this post was submitted on 15 Dec 2024
140 points (98.6% liked)

Technology

[–] [email protected] 1 points 1 day ago (1 children)

> None of this has anything to do with root on my machine though.

But it does. If your machine is compromised, and they have root permissions to run whatever they want, it doesn't matter how segmented everything is, you said yourself you jump between them (though rare).

Security Configuration Assessment

> SCA is for payment services, no? I’m in the US, and this seems to be an EU thing I’m not very familiar with, but regardless, we don’t touch ecommerce at all, we’re B2B and all payments go through invoices.

No, it's just a term for a defined check that configurations meet a standard. An SCA can be configured to check on any particular configuration change.

> Also, that should be painfully obvious because you wouldn’t get reporting updates, no?

Not necessarily? Hard to tell if something is disabled vs just off.

> If you’re worried someone will disable your tools, why would you hire them in the first place?

I don't hire people... especially people in other departments.

But while I found this discussion fun, I have to get back to work at this point. Shit just came up with a vendor we used for our old archaic code that might accelerate a rust-rewrite... and logically related to the conversation I might be in the market for some rust devs.

[–] [email protected] 2 points 1 day ago

> you said yourself you jump between them

Sure, but I need MFA to do so. So both my phone and my laptop would need to be compromised to jump between networks, unless we're talking about a long-lived, opportunistic trojan or something, which smells a lot like a targeted attack.

> might accelerate a rust-rewrite… and logically related to the conversation I might be in the market for some rust devs.

Sounds fun, and stressful. Good luck!