SahwaMar 8

LibreOffice criticizes EU Commission over proprietary XLSX formats

https://reddthat.com/post/61544796

LibreOffice criticizes EU Commission over proprietary XLSX formats - Reddthat

>The Foundation sees this as a contradiction to the EU’s own interoperability goals. Although XLSX is standardized as OOXML according to ISO/IEC 29500, Microsoft’s implementations often deviate from the specifications. Furthermore, features often change undocumented, which complicates compatibility with open-source software such as LibreOffice.

Show threadtwinnieMar 8
I kinda get it though. I think every single time in my life I’ve sent a document in the non-Microsoft format I’ve got a reply saying they couldn’t open it. That’s from LibreOffice and from Mac.
Show threadSv443Mar 8
Trying to get tech illiterate people to use LibreOffice and to export their documents as PDF but they just keep sending the original files every single time… nightmare material
Show threadwonderingwandererMar 8

In college my professor wouldn’t accept pdfs for assignments because it guess he couldn’t check the metadata or make comments or something.

So I literally had to download MS office just to submit assignments in their format…

Show threadB-TR3EMar 8
There are some people who míght learn from a ransomware attack. Only if it personally hits them, of course.
Show threadwonderingwandererMar 8
I don’t know enough to understand the connection. Can you please explain?
Show threadB-TR3EMar 8
Ransomware attack are successful mostly against MS Active Directory and Ourlook based setups.
Show threadwonderingwandererMar 9

That’s hilarious. Big corporation apparently can’t afford basic cybersecurity. Always pinching pennies.

Anyway, any big organization should encrypt their core systems to prevent ransomware attacks. Individuals should too. It’s just good practice.

Show threadB-TR3EMar 9
Encryption alone won’t prevent ransomware to encrypt it again. The original files need to be readable after all, so they are either unencrypted at boot or appear unencrypted to the (infected) client by machine/session key management. Nevertheless, adding an addittional, "“hostile” encryption layer will make them unreadable. The reasonable thing would be not to use a monocultural, standard setup that is known to be vulnerable to that kind of attack and first of all to get rid of fucking Outlook which has always been a dumpster fire.
Show threadwonderingwandererMar 10

Oh man, I always thought if your drive was already encrypted that a hostile actor couldn’t encrypt it for ransomware. I don’t know where I read that but it was a long time ago and I guess someone lied to me, but it’s whatever.

So what’s the vulnerability that would be exploited, something about using the swap space to get into the encrypted drive? Or does the attack apply to the outside of the container? I’m curious cause I’m working on hardening my own system currently and I want to make sure I’m not leaving any gaps in my blind spots

Show threadB-TR3E
Usually the common vulnerability is a combination of Outlook and Active Directory. Outlook will happily execute whatever users click upon and AD lets them steal their credentials, to simplify things.
Mar 10 at 2:03pmWeb