HackerTrans
TopNewTrendsCommentsPastAskShowJobs

thinkst

no profile record

Submissions

[untitled]

1 points·by thinkst·há 2 anos·0 comments

[untitled]

1 points·by thinkst·há 2 anos·0 comments

Unfashionably secure: why we use isolated VMs

blog.thinkst.com
3 points·by thinkst·há 2 anos·0 comments

comments

thinkst
·há 2 anos·discuss
We've got several product features that have been driven by our offensive security background... thanks for the prod, we'll blog it.
thinkst
·há 2 anos·discuss
Product builders can learn loads from malware in terms of deployment and operational ease. Malware needs to operate without any assistance in unknown environments. Nobody is allowing outbound comms deliberately for malware, so tunnel methods were developed.

Networks have these capabilities, inherently they're part of the specs. But only malware seems to realise that and use it. We love reusing offensive techniques for defence (see our Canarytokens stuff), and DNS comms fits that perfectly. Our customers get an actual 2-minute install, not a 2-minute-and-then-wait-a-week-for-the-firewall-rules install.
thinkst
·há 2 anos·discuss
The updates in universe are definitely best effort.

We were paying for Ubuntu Pro through an AWS subscription on 2k EC2 instances, and could not get Canonical to update a package with a CVSS 7.8 in the 18.04 LTS.

We've moved off Ubuntu Pro as a result. Blogged it at https://blog.thinkst.com/2024/07/unobtrusively-upgrading-ubu...