HackerTrans
トップ新着トレンドコメント過去質問紹介求人

itscrush

no profile record

コメント

itscrush
·4 か月前·議論
Usually through service accounts. Those are single factor.
itscrush
·10 か月前·議論
Monetize first is their strategy given this included statement:

> Our future plans include letting you save a secure backup archive to the location of your choosing
itscrush
·12 か月前·議論
Looks like AdGuard allows for same, thanks for mentioning dnsmasq support! I overlooked it on setup.
itscrush
·昨年·議論
Certainly doable, grapheneOS has it https://grapheneos.org/features#duress.
itscrush
·昨年·議論
Wrong. Their profile clearly states high school teacher. Why assume?
itscrush
·昨年·議論
Wiz is closer to the CNAPP field instead of the software composition analysis tools you mention, Snyk would fit here for SCA.

Sysdig, Palo Alto's Prisma Cloud, or a few others compete with Wiz's CNAPP offering. Wiz also strays into some SCA and SCA-alike tooling for containers, code or XDR with their CDR/XDR products log ingest and agents available for response/quarantine.
itscrush
·昨年·議論
Wiz uses various API's via read access in your accounts/orgs/subscriptions to assess risk of configuration.

They also snapshot your disks, cloning them to Wiz accounts to provide secrets scanning / vuln scanning / etc against your infra.

These resulting risks / findings are scored and provided in their SAAS Wiz console via dashboards / APIs / integrations with remediation guidance.
itscrush
·昨年·議論
Yes folks do and I can't understand it either. Have asked / talked through their rationale but frankly humans are irrational is my clear takeaway. I experience it mostly when folks are prompting search in family settings. These usually overlap with the no-earbuds watch-videos crowd while others are reading / napping, etc.
itscrush
·昨年·議論
Certainly not the UK, they're spearheading much of the privacy problem.
itscrush
·昨年·議論
Bitwarden for usability. Vaultwarden if you can and prefer to self host. Being on the internet you'll have to trust someone at some point. Can reduce risk by combining strong 2FA (not SMS/Email) alongside backing up your vault.

Ensure all your passwords get reset at some point after vaulting, long randomly generated from Bitwarden extension/app is easy enough. Ensure you enable strong 2FA at each service you have an account at too.

https://bitwarden.com/help/setup-two-step-login/ https://bitwarden.com/resources/guide-how-to-create-and-stor...
itscrush
·昨年·議論
> I am using CloudFlare for my DNS.

Based on this it sounds like you exposed your resource and advertised it for others. Reverse dns, get IP, scan IP.

Probably simpler, you exposed resource on IPV4 publicly, if it exists, it'll be scanned. There's probably 100s of companies scanning entire 0.0.0.0/0 space at all times.
itscrush
·昨年·議論
Why isn't your name in your profile here or why aren't you easily identified if that's the case? You're not all that identifiable here.
itscrush
·昨年·議論
1. Is github the best place to report bugs / issues for Waterfox?

2. When (not in your lifetime obviously) Waterfox is broken, what canaries do you have deployed that we can archive now, like Mozilla's tell here?

3. What keeps waterfox afloat? Where/how do you accept funds?

4. How do I find a sync alternative or provide my own? Such that, I'm not reliant on Mozilla sync/backend? ... If none exists, how much would it cost for you to embed one? Would you accept a serious bounty for it assuming the focus is self hosted / no Waterfox backend services?
itscrush
·昨年·議論
Veracrypt works just fine on M$ Windows 11 for FDE.
itscrush
·昨年·議論
Same play as the meat industry leveraging "data analytics" to fix and sort at https://www.agristats.com/.

[1]https://www.justice.gov/archives/opa/pr/four-states-join-jus...

[2]https://farmaction.us/2023/10/12/food-price-fixing-is-still-...
itscrush
·2 年前·議論
API based credentials are just username + password in this context, nothing else seems to be restricting access to data. So if your Snowflake tenant isn't enforcing IP restriction to limit source auth attempts, those creds can be used to pull the data from any source IP.

Even then, you'll still have an HTTP 403 response layer filtering those auth attempts based on IP... where we can assume these failed to implement it.

So far between TechCrunch, Wired, and other reporting it seems most claim creds get owned, sold, then used against under-restrictive Snowflake tenants which are exposed by default.

i.e; https://epa06486.snowflakecomputing.com/console/login#/ here's someone's tenant, if you were able to go buy some creds for it, should walk right in.

[edit] I have a more detailed Snowflake comment with references that might fill in better gaps here; https://news.ycombinator.com/item?id=40554753