This is similar to reports that determine how secure a given software platform is based on the total number of CVEs reported for that platform. Such numbers never take into account the severity of the exploits or how quickly a patch was released.

I think a lot of what you described has to do with our elitist guided implementation of capitalism. The "Expert" (read: person who knows how this stuff works) is never the "Decision Maker". Instead the person deciding what we spend time working on is operating under the assumption that they are smart because they graduated from some Ivy League university. Truth is that they are probably just of average intelligence and are no more competent than the barista at your local Starbucks... They only know how to act on quantifiable data, without any of the technical expertise required to understand what those numbers actually mean. They also don't know where to obtain said data and are easily tricked into accepting falsified numbers. So it all ends in Death by PowerPoint.

Case in point, the CEO of Walgreens issued an apology not that long ago for bad decision making. After a bunch of videos of people shoplifting went viral on social media, he reacted by beefing up security due to a perceived increase in theft. Turns out, this had no measurable effect since there was no real increase in theft at Walgreens; it was a small number of incidents that fall within normal rates that got pumped up into a bigger thing.

Sooo the pattern of behavior is this - CEO acts out of fear because he is too stupid to recognize that social media does not equal reality. That same fear response applies to cybersecurity.

-Ben

On Saturday, January 13th, 2024 at 12:40 PM, Russell Senior <[email protected]> wrote:

> It is a pet peeve of mine the kind of vulnerability journalism that seems
> to predominate today, which is all about the DANGER and not about modality
> or mitigation. You have to read far into the article (if it is there at
> all) to get any idea of what the vulnerability actually is and whether you
> are actually vulnerable, how to tell, and what you should do about it.
>
> Another good example is journalism around ransomware. To me, no story about
> ransomware should omit the kind-of-obvious mitigation of having up-to-date
> backups, and yet I NEVER see that mentioned.
>
> Just yesterday, I heard a story about cybersecurity that cited the huge
> number of "attacks" happening daily on the Internet. Probably (WAG) 95% by
> volume are brute force password guessing against ssh services. I see them a
> lot in my own logs of public facing machines, but at the rate passwords are
> being tried, my math suggests it will take many centuries to guess a decent
> password. Answer: have a decent password.
>
> --
> Russell Senior
> [email protected]
>
> On Thu, Jan 11, 2024 at 12:29 PM Russell Senior [email protected]
> wrote:
>
> > TL;DR, this is using password guessing. Solution: use better passwords or
> > turn off passwords altogether and use ssh authorized_keys.
> >
> > On Thu, Jan 11, 2024 at 12:13 PM MC_Sequoia [email protected]
> > wrote:
> >
> > > "For the past year, previously unknown self-replicating malware has been
> > > compromising Linux devices around the world and installing cryptomining
> > > malware that takes unusual steps to conceal its inner workings,
> > > researchers said.
> > >
> > > The worm is a customized version of Mirai, the botnet malware that
> > > infects Linux-based servers, routers, web cameras, and other so-called
> > > Internet of Things devices. Mirai came to light in 2016 when it was used
> > > to deliver record-setting distributed denial-of-service attacks that
> > > paralyzed key parts of the Internet that year. The creators soon released
> > > the underlying source code, a move that allowed a wide array of crime
> > > groups from around the world to incorporate Mirai into their own attack
> > > campaigns. Once taking hold of a Linux device, Mirai uses it as a
> > > platform to infect other vulnerable devices, a design that makes it a
> > > worm, meaning it self-replicates."
> > >
> > > Article link -
> > > https://arstechnica.com/security/2024/01/a-previously-unknown-worm-has-been-stealthily-targeting-linux-devices-for-a-year/
> > >
> > > Sent with Proton Mail secure email.
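
Added example, not part of the thread and not written by any of its participants: the kind of estimate described in the January 13th reply, measuring the password-guess rate from sshd log lines and working out how long it would take to exhaust a password space at that rate. The log lines are constructed, and the password shape (12 random characters from a 62-symbol alphabet) is an assumption.

```python
import re
from datetime import datetime

# Constructed sshd log lines (not from any real host); 203.0.113.x and
# 198.51.100.x are documentation address ranges.
SAMPLE_LOG = """\
Jan 13 10:00:00 host sshd[4101]: Failed password for root from 203.0.113.7 port 40022 ssh2
Jan 13 10:00:02 host sshd[4103]: Failed password for invalid user admin from 203.0.113.7 port 40031 ssh2
Jan 13 10:00:04 host sshd[4107]: Failed password for root from 198.51.100.9 port 51514 ssh2
Jan 13 10:00:05 host sshd[4110]: Accepted publickey for alice from 192.0.2.10 port 50000 ssh2
Jan 13 10:00:06 host sshd[4112]: Failed password for invalid user pi from 203.0.113.7 port 40044 ssh2
Jan 13 10:00:08 host sshd[4115]: Failed password for root from 198.51.100.9 port 51530 ssh2
"""

FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+"
)

def failed_attempts(log_text, year=2024):
    """Return (timestamp, user, source_ip) for each failed password line."""
    hits = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            # Classic syslog timestamps carry no year, so one is supplied.
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            hits.append((ts, m.group(2), m.group(3)))
    return hits

def guesses_per_second(hits):
    """Observed guess rate across the window the log covers."""
    if len(hits) < 2:
        return 0.0
    span = (max(h[0] for h in hits) - min(h[0] for h in hits)).total_seconds()
    return len(hits) / span if span else 0.0

def years_to_exhaust(alphabet_size, length, rate):
    """Years to try every password of this shape at `rate` guesses/second."""
    if rate <= 0:
        return float("inf")
    return alphabet_size ** length / rate / (365.25 * 24 * 3600)

if __name__ == "__main__":
    hits = failed_attempts(SAMPLE_LOG)
    rate = guesses_per_second(hits)
    print(f"{len(hits)} failed attempts, {rate:.3f} guesses/s")
    # Assumed password shape: 12 random characters from [A-Za-z0-9].
    print(f"{years_to_exhaust(62, 12, rate):.2e} years to exhaust")
```

The estimate only holds for randomly chosen passwords; a password that appears in a guessing wordlist falls far sooner than the keyspace figure suggests.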
