HackerTrans
TopNewTrendsCommentsPastAskShowJobs

whoknew1122

no profile record

comments

whoknew1122
·9 bulan yang lalu·discuss
The AWS issue related to DNS entries. And IAM doesn't use Dynamo DB. It wasn't related, other than an outage gives a good way to obfuscate TTPs.
whoknew1122
·4 tahun yang lalu·discuss
Disks are wiped immediately before they are made available as a new volume. If your policies require a certain level of wipe, you should wipe the disk before releasing it.
whoknew1122
·4 tahun yang lalu·discuss
> Delete the key and your data is gone

This is partially true with respect to EBS (i.e. virtual disks). When you boot up an EC2 instance, the a plaintext data encryption key is loaded into hypervisor memory. As long as the EC2 instance is still running, you can add an additional EBS volume to the instance and then copy data from the disk that has the orphaned key. Even if the underlying KMS key was deleted.

The rest of this stuff feels like FUD me. Yes, IAM has identity-based policies and KMS has resource-based policies. And yes, default service KMS keys are unique per account (why would you expect otherwise?).

Implementing an encryption program takes forethought. This is true if you're hosting your own data, too. I really don't miss manually rotating drives, fighting with LUKS, and then putting drives in a fireproof safe (which was never locked anyway, so I'm not sure if it would've actually protected anything in an actual fire).
whoknew1122
·5 tahun yang lalu·discuss
I grew up in Austin and had to move due to some family obligations. Every time I get back, I recognize less and less of my city and its culture. I used to want to move back, but now I'm not sure what I'd be returning to.

Oh, and for the unnamed woman worried about drug distribution, it's not local Black or Latino gangs that run drug distribution in Austin.
whoknew1122
·5 tahun yang lalu·discuss
> "I would like to see most electronic monitoring made illegal."

What does this even mean? Does it mean no logging of anything you do online?

If you go to a website, it creates an HTTP log. The administrators of those sites usually review HTTP logs for valid, not-scary, security related issues.

If I have see a spike in error codes, then there might be an availability issue on my website. I can also look for indicators of SQL injection attacks and other malfeasance. These are all valid reasons to review logs you, the person visiting my website, generate.

What about CCTV cameras? Can I not put one in my business? You're entering my business.

> "All public, police electronic, license plate scanners, including ankle brackets, and alcohol monitors should be illegal."

This is silly. If we ban things like radar guns, police are just going to fall back to the less-accurate eyeball test. Ankle bracelets and alcohol monitors are ways to keep people out of jail. You're not typically forced to wear one unless it's a condition of your probation or parole. Don't like them? Stay in jail.
whoknew1122
·5 tahun yang lalu·discuss
> "Bringing in consultants is, among other ways, a way to bring in people who can get shit done, moving bricks at lower levels of the org with the political mandate of the top."

Or, to put it another way: You hire a consultant so you can avoid responsibility for your decisions.

"I didn't just fire thousands of people, possibly putting some out on the streets. Nope. We're just right-sizing the company based on the advice of this well-respected consultant with a nice haircut."

Hire a consultant and get a fall guy and the ability to shirk responsibility for the detrimental impact your decisions have on your workforce.