What is common knowledge in your field but shocks outsiders?

More than half the CO₂ emissions of the industrial age have been dumped into the atmosphere since 1990.

@davidho (IT Professional); Hackers don't typically succeed because they have insane technical skills and expensive equipment. They succeed because Linda in Accounting has a lack of critical-thinking skills and/or is careless.
@RestlessLipSyndrome @davidho Right!!! Which is why the Robin Hoods of the world should be exploring that stuff. This morning I was imagining the Rockford Files for this decade b/c the main character was always quietly conning his way into places (as opposed to burglary).
@geonz @RestlessLipSyndrome @davidho I got a bank to open up after hours… lucky for them I’m not a thief lol their internal security was off and just the safe & door locks were active. They told me this as they were cashing my check. (Tiny bank in hell knows where in Tx.) Hacking people is surprisingly easy.

@RestlessLipSyndrome @davidho I very much dislike the spin of mapping the stupid decisions of Bob the CEO of giving Linda an IT environment where simply opening up #email attachments or URLs - which is part of her job - may cause the whole company to get hacked.

We #IT #security professionals need to fix that spin that clearly supports the megacorps selling insecure crap instead of investing in real-world security.

#Malware #Ransomware #Microsoft #Exchange #Outlook #Sharepoint #ActiveDirectory

@publicvoit @davidho
No doubt, investment in robust security features is absolutely necessary. I am constantly annoyed though with private businesses both small and large that see IT infrastructure and security features as an expensive nuisance. It's just a dumb upsell until their environment is crippled by ransomware and then we the IT professionals have to step in and mitigate these dumb and greedy decisions.

@RestlessLipSyndrome @davidho some interesting choices in this diagnosis of the problem.

From the lack of critical thinking in assigning culpability to a presumably low paid individual rather than seeing it as a systemic problem
To carelessly assuming gender of the person whose personal failings you appear to be seeing as causing the problem.

We IT Professionals need to do better than this. And if we don't, we shouldn't be surprised when Linda in accounting ignores us ...

@colo_lee @davidho
Would you rather me use a real-life example of a lawyer who is a partner at a top LA entertainment firm who refuses to use 2FA (and puts not only the entire firm but their celebrity clients at risk) because they find it annoying?

Any IT pro knows this runs the gamut from the lowest paid intern to the top person in the food chain at a company and gender is not a factor in who ultimately makes a critical mistake. Mastodon doesn't let me write thorough dissertations in one go.

@RestlessLipSyndrome @davidho That would be a less offensive example, yes.
@RestlessLipSyndrome@mastodon.world @colo_lee @davidho yup -- if you're going to punch, then punch up, not down :-)

@RestlessLipSyndrome @davidho @seawall

Mmmmm. Yeah I’m gonna disagree with your blame-culture assertion there. Linda in accounting doesn’t lack critical thinking skills. Linda is busy trying to make sure the bills get paid and that sneaky dude who always fudges his expenses doesn’t get away with it. Linda is tired because she’s doing most of the housework and parenting whilst working full-time, and her kid is sick. Linda also has a boss who keeps making gross jokes. Linda makes human mistakes.

@RestlessLipSyndrome @davidho @seawall I agree that many (most) security breaches are human error, of course. But let’s not frame it as people being careless or stupid :-) nobody will ever catch 100% of tricks. We have to design systems with a level of error tolerance in mind.
@nat @RestlessLipSyndrome @davidho @seawall Great deconstruction there friend. Respect to you
@RestlessLipSyndrome @davidho Why did you specifically use a feminine-associated name to depict someone as incompetent and/or stupid?
@KekunPlazas @davidho Because the majority of offices I have worked in or with had women in this style of position? It's my lived experience.
@KekunPlazas @davidho It is also to say that non-technical office staff usually need the most training to prevent security breaches. This is just the reality of office IT.
Saturday Morning Breakfast Cereal - 2012-02-20

@RestlessLipSyndrome @davidho
Exactly.
When I did my IT course on networks and security (15 years ago now), the lecturer asked us how we'd go about gaining hostile access to a company.

I went last (being old and grizzled). I said "Get a job there. As a temp is fine. Make them *give* you access."

Jaw drop.

By the end of the course it was in his notes.

@RestlessLipSyndrome @davidho
Get a 10% discount on your next order, click here.