HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Titan2189

507 karmajoined 8 лет назад

Submissions

I tracked down the thief who stole $200k of Lego [video]

youtube.com
3 points·by Titan2189·2 месяца назад·2 comments

GRC Tool Vanta Forces Insecure CAA Configuration

help.vanta.com
2 points·by Titan2189·9 месяцев назад·1 comments

comments

Titan2189
·6 дней назад·discuss
*no one
Titan2189
·11 дней назад·discuss
Whenever the article mentions 'pause', it means 'parse', right?!
Titan2189
·2 месяца назад·discuss
It's a pretty great documentary, currently still ongoing story.

I've really enjoyed watching it - quite captivating :)
Titan2189
·2 месяца назад·discuss
> [...] that root was just my unprivileged podman user on the host

Couldn't you then simply re-run the exploit again as unprivileged podman user and gain root on the host?
Titan2189
·2 месяца назад·discuss
I've only heard of the Red Pill in reference to the Matrix. Does it have that idea from "The Prince"?
Titan2189
·3 месяца назад·discuss
Same. I thought 'Conputer' was quite a smart title in today's AI world
Titan2189
·4 месяца назад·discuss
More historical photos of Selfridge

https://digitalcollections.museumofflight.org/nodes/search?k...
Titan2189
·5 месяцев назад·discuss
It's like JetLag the Game, but without ever leaving your house!
Titan2189
·5 месяцев назад·discuss
We use it in production. Workloads with unpredictable memory usage (32Mb to 4Gb per process), but we also want to start enough processes to saturate the CPU. Before we configured & enabled swap we were either sitting at low CPU utilisation or OOM
Titan2189
·6 месяцев назад·discuss
What's interesting about it? Wifi Mesh networks have been around for ... more than a decade?
Titan2189
·7 месяцев назад·discuss
The original report says

> The incorrect state persisted for approximately seven days before detection

However you're saying you've reached out "within a few minutes" ?
Titan2189
·7 месяцев назад·discuss
> Those other countries have much simpler tax codes than we do

All German readers spew out their drink in disbelief - Pardon what?
Titan2189
·7 месяцев назад·discuss
Probably just forgot the /s at the end
Titan2189
·7 месяцев назад·discuss
They're back online it seems
Titan2189
·8 месяцев назад·discuss
Then there's the 3rd option: Neither

Just keep everything in your inbox, find recent things by scrolling down, and anything beyond that is basically inaccessible, since the search is so bad

(I'm in camp archive everything, delete nothing; but see the Neither camp frequently in colleagues)
Titan2189
·8 месяцев назад·discuss
If you check the manual you might find that you can hook the single inlet pipe up to the hot water tap.
Titan2189
·9 месяцев назад·discuss
To configure the Vanta Trust Center (a publicly available page listing a client's Certifications and Controls, usually hosted at trust.client.tld), Vanta requires customers to compromise on their DNS CAA configuration.

As their screenshots show, they ask you setup a CNAME from e.g. trust.customer.com to their abc123.cname.vantatrust.com.

However, if you are using CAA [1] on your root domain (to limit which Certificate Authorities are allowed to issue certificates for your domain), they _require_ you to add 4 (FOUR) new CAA records to your root domain. (shown at the bottom of the linked page)

The correct solution would be to simply publish CAA records at the destination that the CNAME is pointing to (abc123.cname.vantatrust.com)

I've brought this up with their support multiple times; but they're refusing to even acknowledge that this is a problem. They're claiming I am the first customer to ever bring this up; and that I should just add the records on my root domain - completely missing that fact that thereby I'm basically undermining what CAA is for.

I would understand it, if this was some random tool, but this specifically is a GRC Tool.

If you are another Vanta customer or have any other idea what I can do to approach this, please let me know. I want to use their tool. It's a good system and helping us out - I'm just refusing to actively downgrade our Security - for our SECURITY TOOL!

1) https://en.wikipedia.org/wiki/DNS_Certification_Authority_Au...
Titan2189
·9 месяцев назад·discuss
Yup

> We have identified the underlying issue with one of our cloud service providers.
Titan2189
·9 месяцев назад·discuss
[flagged]
Titan2189
·9 месяцев назад·discuss
I don't get it. Can you please explain the reference?