@dalias nods in agreement...

I can see why they want to push for #2FA and have #business customers mandate that for accounts cuz "#CheckboxSecurity" and stuff...

  • But even then corporate security and supply chain security should not rely on those solely...

Worst when #2FA doesn't allow #privacy-friendly options like TANs and/or #TOTP / #HOTP but demand #PII like a #PhoneNumber!

  • Mandating #eMail and using that for 2FA is also a shit idea...

@vvelox @SecurityWriter +9001%

Also the fact that #Windows gave birth to an entire cottage industry of #Scareware producers is already an indictment of its shortcomings for any serious #IT.

Cuz unlike #Apple's #MDM, #InTune is a joke!

@lestrrat TBH, lack of updates ≠ unmaintained or insecure.

  • Some stuff like #VMS / #OpenVMS doesn't get a shitton of updates but runs like clockwork...

Same with a lot of modern #FLOSS: I'm pretty sure @landley doesn't bother to change any of the code of cat within #toybox unless there's some actual issue with it...

  • Just looking up "last changes" is a form of "#CheckboxSecurity" that is flawed at best if not dangerously wrong (i.e. changing passwords regularly!)...

Once worked for a company that, in the name of sEcUrItY, deleted Notepad, Calc, Paint and SnippingTool from the Win10 image. All the useful functionality relegated to the Windows Store for Business. But then, they didn't allow VPN access, so no one could get the GPOs to configure the winstore for business.

That company refused to put EDR on their Domain Controllers b/c the 3rd Party Polish company managing them said it violated their contract.

#InfoSec #CheckBoxSecurity #IHatedThatJob